IIS 7.5: Setting 'app pool user' as the anonymous user programmatically

Question

I have an web app in IIS 7.5 with its own AppPool using .net 4.

I want to use the feature of having anonymous access as the app pool identity - which is easily configured in a GUI via the inetmgr snapin.

Is there any way do this programmatically, for instance through web.config?

I've looked around and it appears that the anonymousAuthentication element does the trick, but it does not explain how to specify the app pool user in any significant way. I've tried setting my anon user to 'IIS APPPOOL/[AppPoolName]' as seems to be suggested here, with no success.

Any suggestions to how this is supposed to be configured?

Answer 1

You can do it programmatically via Ansible like this:

- name: Set 'Anonymous Authentication' to 'Application pool identity'
  community.windows.win_xml:
    path: C:\Windows\System32\inetsrv\Config\applicationHost.config
    xpath: //configuration/system.webServer/security/authentication/anonymousAuthentication
    attribute: userName
    fragment: ''
    type: attribute

Answer 2

For the lazy (me)

<system.webServer> <security> <authentication> <anonymousAuthentication userName="" /> </authentication> </security> </system.webServer>

Answer 3

Taking a closer look at that link: http://www.iis.net/ConfigReference/system.webServer/security/authentication/anonymousAuthentication

'If you leave this value blank (that is, username=""), Anonymous authentication uses the application pool identity to authenticate anonymous users'