Archive Search
Rss feed GitHub Twitter Facebook LinkedIn BitBucket SoundCloud

@manhng

Welcome to my blog!

Give specific local Windows user group full control access to a folder and its sub folders (IIS_IUSRS + IUSR)

September 6, 2020 23:07

Give specific local Windows user group full control access to a folder and its sub folders (edit)

Application Pool Identities | Microsoft Docs

https://stackoverflow.com/questions/48075130/give-specific-local-windows-user-group-read-access-to-a-folder-and-its-subfolder

https://stackoverflow.com/questions/7334216/iis7-permissions-overview-applicationpoolidentity

https://docs.microsoft.com/en-us/iis/manage/powershell/powershell-snap-in-creating-web-sites-web-applications-virtual-directories-and-application-pools

https://docs.microsoft.com/en-us/iis/get-started/planning-for-security/understanding-built-in-user-and-group-accounts-in-iis

  • IIS_IUSRS (build-in group in IIS 7.0)
  • IUSR (build-in account in IIS 7.0)
  • IIS AppPool\DefaultAppPool

https://docs.google.com/document/d/1gkN2Dy-sL1cx6T5l1pg9RKK0EHxtUzujSk_j-kpCrYQ

Application Pool Identities - Full Access from IIS - Web Deploy - Deployment (HAY HAY HAY HAY HAY)

using System.IO;
using System.Security.AccessControl;

namespace GiveFullPermissionToFolder
{
 class Program
 {
 private static void Main(string[] args)
 {
 string path = @"C:\Deploy";

 DirectoryInfo directoryInfo = new DirectoryInfo(path);
 DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();

 //var groupName_IIS_IUSRS = Environment.MachineName + @"\IIS_IUSRS";

 //var groupName = @"IIS AppPool\DefaultAppPool";
 //var groupName = @".\IIS_IUSRS";
 //var groupName = @".\Users";
 //var groupName = @"IUSR";
 //var groupName = @"Authenticated Users";

 var groupNames = new[]
 {
 @"IIS AppPool\DefaultAppPool",
 @".\IIS_IUSRS",
 @".\Users",
 @"IUSR",
 @"Authenticated Users"
 };

 foreach (var groupName in groupNames)
 {

 directorySecurity.AddAccessRule(
 new FileSystemAccessRule(groupName,
 FileSystemRights.FullControl,
 InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
 PropagationFlags.None,
 AccessControlType.Allow));

 directoryInfo.SetAccessControl(directorySecurity);
 }

 System.Console.WriteLine("Done");
 }
 }
}

How to give full permission to a folder

using System;
using System.IO;
using System.Security.AccessControl;

namespace Secure
{
 internal class Program
 {
 private static void Main(string[] args)
 {
 string path = @"D:\Samples\WebService";

 DirectoryInfo directoryInfo = new DirectoryInfo(path);
 DirectorySecurity directorySecurity = directoryInfo.GetAccessControl();

 var groupName_IIS_IUSRS = Environment.MachineName + @"\IIS_IUSRS";
 var groupName = @".\IIS_IUSRS";

 directorySecurity.AddAccessRule(
 new FileSystemAccessRule(groupName,
 FileSystemRights.FullControl,
 InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit,
 PropagationFlags.None,
 AccessControlType.Allow));

 directoryInfo.SetAccessControl(directorySecurity);

 System.Console.WriteLine("Done");
 }
 }
}
Tags: IIS_IUSRS, IUSR, Application Pool, ApplicationPool, IIS
Categories: IIS_IUSRS | IUSR | Application Pool | ApplicationPool | IIS
comment

Categories

Recent posts

Popular tags