diff options
author | Trond Hindenes <trond@hindenes.com> | 2016-11-07 22:07:53 +0100 |
---|---|---|
committer | Brian Coca <bcoca@users.noreply.github.com> | 2016-11-07 16:07:53 -0500 |
commit | 2c1e88a180e88bb4bd39c63b57677758b871a590 (patch) | |
tree | d2407a402cd1eba00b9e871d89aea1c7215ccc5c /windows/win_acl.ps1 | |
parent | 08d9cdf883fe3df4535bd914661ee3a9de58c9ae (diff) | |
download | ansible-modules-extras-2c1e88a180e88bb4bd39c63b57677758b871a590.tar.gz |
Added support for IIS AppPool identities (#2675)
Diffstat (limited to 'windows/win_acl.ps1')
-rw-r--r-- | windows/win_acl.ps1 | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/windows/win_acl.ps1 b/windows/win_acl.ps1 index 2e20793e..068130a2 100644 --- a/windows/win_acl.ps1 +++ b/windows/win_acl.ps1 @@ -32,9 +32,19 @@ Function UserSearch $searchDomain = $false $searchDomainUPN = $false + $SearchAppPools = $false if ($accountName.Split("\").count -gt 1) { - if ($accountName.Split("\")[0] -ne $env:COMPUTERNAME) + if ($accountName.Split("\")[0] -eq $env:COMPUTERNAME) + { + + } + elseif ($accountName.Split("\")[0] -eq "IIS APPPOOL") + { + $SearchAppPools = $true + $accountName = $accountName.split("\")[1] + } + else { $searchDomain = $true $accountName = $accountName.split("\")[1] @@ -51,7 +61,7 @@ Function UserSearch $accountName = $env:COMPUTERNAME + "\" + $accountName } - if ($searchDomain -eq $false) + if (($searchDomain -eq $false) -and ($SearchAppPools -eq $false)) { # do not use Win32_UserAccount, because e.g. SYSTEM (BUILTIN\SYSTEM or COMPUUTERNAME\SYSTEM) will not be listed. on Win32_Account groups will be listed too $localaccount = get-wmiobject -class "Win32_Account" -namespace "root\CIMV2" -filter "(LocalAccount = True)" | where {$_.Caption -eq $accountName} @@ -60,7 +70,20 @@ Function UserSearch return $localaccount.SID } } - Else + Elseif ($SearchAppPools -eq $true) + { + Import-Module WebAdministration + $testiispath = Test-path "IIS:" + if ($testiispath -eq $false) + { + return $null + } + else + { + $apppoolobj = Get-ItemProperty IIS:\AppPools\$accountName + return $apppoolobj.applicationPoolSid + } + } { #Search by samaccountname $Searcher = [adsisearcher]"" |