Merge pull request #171 from aspnet/pakrym/pool-user

Detect pool user in script
2016-08-15 08:59:30 -07:00 · 2016-08-15 08:59:30 -07:00 · e94106e28c
parent cb68dd8cd3 b876319379
commit e94106e28c
1 changed files with 37 additions and 2 deletions
--- a/Provision-AutoGenKeys.ps1
+++ b/Provision-AutoGenKeys.ps1
@ -69,14 +69,49 @@ function Provision-AutoGenKeys {
 }

 $ErrorActionPreference = "Stop"
+if (Get-Command Get-IISAppPool -errorAction SilentlyContinue)
+{
+    $processModel = (Get-IISAppPool $appPoolName).processModel
+}
+else
+{
+    Import-Module WebAdministration
+    $processModel = Get-ItemProperty -Path "IIS:\AppPools\$appPoolName" -Name "processModel"
+}
+
+$identityType = $processModel.identityType
+Write-Output "Pool process model: '$identityType'"
+
+Switch ($identityType)
+{
+    "LocalService" {
+        $userName = "LocalService";
+    }
+    "LocalSystem" {
+        $userName = "System";
+    }
+    "NetworkService" {
+        $userName = "NetworkService";
+    }
+    "ApplicationPoolIdentity" {
+        $userName = "IIS APPPOOL\$appPoolName";
+    }
+    "SpecificUser" {
+        $userName = $processModel.userName;
+    }
+}
+Write-Output "Pool user name: '$userName'"
+
 Try
 {
-    $poolSid = (New-Object System.Security.Principal.NTAccount("IIS APPPOOL\$appPoolName")).Translate([System.Security.Principal.SecurityIdentifier]).Value
+    $poolSid = (New-Object System.Security.Principal.NTAccount($userName)).Translate([System.Security.Principal.SecurityIdentifier]).Value
 }
 Catch [System.Security.Principal.IdentityNotMappedException]
 {
    Write-Error "Application pool '$appPoolName' account cannot be resolved."
 }

-Provision-AutoGenKeys "4.0" "32" $poolSid 
+Write-Output "Pool SID: '$poolSid'"
+
+Provision-AutoGenKeys "4.0" "32" $poolSid
 Provision-AutoGenKeys "4.0" "64" $poolSid