2.0.0
Microsoft IIS Administration 2.0.0
Microsoft IIS Administration is a REST API that allows consumers to configure and monitor their IIS web servers. With the API installed on your IIS machine, you can configure your IIS instance with any HTTP client including our new web management tool https://manage.iis.net.
Visit https://manage.iis.net/get to get started.
Requirements
Change Log
- IIS Hostable Web Core, Windows Authentication, Url Authorization, and the ASP.NET Core Module have been removed as requirements for installation
- The web.config and applicationHost.config files have been removed from the application
- Access control is now handled through the appsettings.json file
C:\Program Files\IIS Administration\2.0.0\Microsoft.IIS.Administration\config\appsettings.json - There is no more local IIS Administrators group created during installation of the IIS Administration API. The installing user is granted access to the API via the appsettings.json file, and more users can be granted access by adding them to the appsettings.json file, or by creating a Windows group, adding the users to the group, and then adding the group to the appsettings.json file if desired.
Enhancements
- Added ability to set the key property of web sites (id in applicationHost.config)
- All configuration settings can now be provided as command line arguments
Bug Fixes
- Copy directory no longer indicates that the directory has been completely copied before all files are finished copying acefb3d
New Access Control Configuration
The web.config file has been removed from the application and the logic for granting/preventing access to the API has been moved to the appsettings.json file. There is now a security section that can be used to control Windows Authentication and other requirements for different areas of the API.
"security": {
"require_windows_authentication": true,
"users": {
"administrators": [
"DOMAIN\\UserName"
],
"owners": [
"DOMAIN\\UserName"
]
},
"access_policy": {
"api": {
"users": "administrators",
"access_key": true
},
"api_keys": {
"users": "administrators",
"access_key": false
},
"system": {
"users": "owners",
"access_key": true
}
}
}
require_windows_authentication: A boolean value that specifies whether valid Windows Authentication is required for all requests to the API. If true, any request that is not Windows Authenticated will be rejected. If false, Windows Authentication can be turned off based on the access_policy settings.
users: A mapping between Windows Identities and roles within the API. Any user type can be created, but by default the appsettings.json file contains administrators and owners. These user types are used in the access_policy section to control who has access to different sections of the API.
access_policy: The access policy specifies requirements to be able to access certain areas of the API. The users requirement specifies which users have access to the section, where users are from the users map mentioned above. To allow all users, Everyone can be specified as the value for this requirement. the access_key requirement specifies whether an access key is required to access the section of the API.
access_policy:api: This access policy is for API resources such as web sites, application pools, and files. The default requirements to access these resources are still Windows Authentication and an access key.
access_policy:api_keys: This access policy is for manipulating API keys. The default requirements to manipulate access keys is still Windows Authentication with no access key requirement.
access_policy:system: This access policy is for high privilege actions that are offered by the API, such as changing the identify of an application pool to LocalSystem.