0

I've created a script for most of the functions I need when creating a Site for my IIS, however, there is still one thing missing.

Namely, I can't seem to find the commands for setting script privileges on a Site.

I want all script rights but no execution rights if I've understood it correctly.

So, how do you set those privileges through powershell?

Edit: The answer I was looking for was:

set-webconfigurationproperty -filter /system.webserver/handlers -name accesspolicy -value $flagsPermissions -PSPath $PS_PATH -Location $siteDescription

It works nicely.

Improve this question
4
  • 1
    What version of IIS, 6? Commented Nov 15, 2012 at 10:08
  • Ah, yes, sorry, 7. Commented Nov 15, 2012 at 10:13
  • By default Execute permissions are turned off, so there is not need to change anything when creating a new site. Unless you changed the defaults. Commented Nov 15, 2012 at 10:31
  • I might've been unclear. I want to turn scripts on, not off. It seperates between scripts and executables in the GUI, and I don't want normal programs executable, jsut scripts. Commented Nov 15, 2012 at 10:54

1 Answer 1

Reset to default
3

A new site on IIS 7+ should have it's handler accessPolicy set to 'Read, Script' so that's exactly what you want, no need for changes.

If you still want to change it:

You could use appcmd.exe from PowerShell:

appcmd set config /section:handlers /accessPolicy:Read,Script

More info on TechNet

For specific sites this setting is usually set in web.config rather than ApplicationHost.config

Improve this answer
5
  • Ah, then it seems that someone else have modified the defaults (I've also verified this with a local install), I'll have to check why that is before I make any changes to that. However, appcmd doesn't seem to exist on either of the systems I am working on. Also, yes, modifying web.config would work fine as well. Commented Nov 15, 2012 at 12:24
  • 1
    appcmd.exe is not in the path by default. It is in C:\Windows\system32\inetsrv Commented Nov 15, 2012 at 12:29
  • Ah, thanks. The command partly works, however, only if I enter Read OR Script, otherwhise, the second option is ignored with an error message (In swedish unfortunately). Also, the thing I'm looking to do is in fact in web.config, just across 82 different sites. Commented Nov 15, 2012 at 12:49
  • Two things: First, thanks, your messages led me to realize what the terms I was actually looking for (handlers, accesspolicy read, script). Second, that led me to the following line: set-webconfigurationproperty -filter /system.webserver/handlers -name accesspolicy -value $flagsPermissions -PSPath $PS_PATH Which works wonderfully. Also, we switched to inherited script privileges as well. Thanks for the assistance! Commented Nov 15, 2012 at 14:28
  • Ah, look, I tried upvoting it, but Accepting was the way to go. Commented Nov 15, 2012 at 15:50

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.