I've read a number of web articles explaining how to enabled Kerberos and NTML authentication. What is the process of removing these settings?
appcmd.exe set config "mysite" -section:system.webServer/security/authentication/windowsAuthentication /-"providers.[value='Negotiate']" /commit:apphost
appcmd.exe set config "mysite" -section:system.webServer/security/authentication/windowsAuthentication /-"providers.[value='NTLM']" /commit:apphost
Thanks!
Note here the -"providers... is to remove the settings, so if the above commands are executed, you would be first removing 'Negotiate' and then 'NTLM'
If you have additional other providers just add commands for the same and you would be able to remove the same.
Note: To add a new setting use +"providers... instead of -"providers... in the command.
Related
How can I use appcmd in IIS10 to set the physical path of a website?
Something like...
appcmd set site summit /[path='/'].path:c:\newpath
This is the setting I am trying to change...
You could change the site physical path using below command:
appcmd set site /site.name:"site name" /application[path='/'].virtualDirectory[path='/'].physicalPath:"D:\newpath"
Do not forget to run the command prompt as administrator.
I want to change the IIS-7 configuration of HTTP Trace method and .NET trust level using a PowerShell script.
I have it by using appcmd in cmd prompt.
-- .NET Trust Level
%systemroot%\system32\inetsrv\appcmd set config /commit:WEBROOT /section:trust /level:Medium
-- HTTP Trace method disabled
%systemroot%\system32\inetsrv\appcmd set config /section:requestfiltering /+verbs.[verb='TRACE',allowed='false']
I'm behind a corporate firewall and cannot connect using the command line interface, which probably doesn't get proxy information from the system configuration, but I cannot find a way to set the correct options.
The environment variables mentioned in the other answer are part of the solution, so you do need to set them by running these commands before az login. Note that (in my case, at least) both URLs start with http, not https.
In PowerShell:
$env:HTTP_PROXY="http://my-proxy-details"
$env:HTTPS_PROXY="http://my-proxy-details"
In cmd:
SET HTTP_PROXY http://my-proxy-details
SET HTTPS_PROXY http://my-proxy-details
Or, to set them permanently:
[Environment]::SetEnvironmentVariable("HTTP_PROXY", "http://my-proxy-details", "Machine")
[Environment]::SetEnvironmentVariable("HTTPS_PROXY", "http://my-proxy-details", "Machine")
If that fixes it for you, you can stop reading here. If not, and you see a certificate error, the extra step is to find the Azure CLI's private Python installation, and add your root certificate to its cacert.pem files. While Python itself uses the Windows certificate store, some packages (notably certifi) do not.
You will need your proxy's root certificate in PEM format - that is, as base64 text rather than as a binary. It may well have the .cer extension.
Find the site-packages folder inside Azure CLI's program folder. For me, it's C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\Lib\site-packages. Search it for files named cacert.pem. I found three of them. Copy the contents of your certificate and paste it at the bottom of each of these files. Save them and try again.
You could use HTTP_PROXY or HTTPS_PROXY environment variables to set a proxy.
In CMD
You need add "=" when set environment variables:
SET HTTP_PROXY=http://my-proxy-details
SET HTTPS_PROXY=http://my-proxy-details
In PowerShell:
$env:HTTP_PROXY="http://my-proxy-details"
$env:HTTPS_PROXY="http://my-proxy-details"
Is there an appcmd for setting Load User Profile to false on DefaultAppPool on IIS7 via appcmd?
I have already tried this
%systemroot%\system32\inetsrv\appcmd set config -section:applicationPools /[name='DefaultAppPool'].processModel.loadUserProfile:false
But this only sets it for the defualt App Pool and doesnt change the main setting called "
Set Application pool defaults..."
You can do this with the following:
c:\windows\system32\inetsrv\appcmd.exe set config -section:applicationPools "/[name='appPoolNameGoesHere'].processModel.loadUserProfile:false"
c:\windows\system32\inetsrv\appcmd.exe set config -section:applicationPools "/[name='appPoolNameGoesHere'].processModel.loadUserProfile:true"
I am running a site using Windows Azure Cloud. Is there a way I can ping my site every 20 minutes? My site has low traffic and I need to stop the site from starting and stopping the app pool all the time.
You might be able to setup a Cron Job to do a ping, check out Task 'Scheduling with Windows Azure Web Sites using a Cron Job Service' for an example
If you're using a full Cloud Service (a.k.a. Web Role) you can use a startup task to set the app pools to never shut down. This script does that, as well as a few other IIS configuration changes that I found useful.
#ECHO OFF
#REM A file to flag that this script has already run
#REM because if we run it twice, it errors out and prevents the Azure role from starting properly
#REM %~n0 expands to the name of the currently executing file, without the extension
SET FLAGFILE=c:\%~n0-flag.txt
IF EXIST "%FLAGFILE%" (
ECHO %FLAGFILE% exists, exiting startup script
exit /B
) ELSE (
date /t > %FLAGFILE%
)
#REM Enable IIS compression for application/json MIME type
#REM This will fail the second time you run it on a machine (eg, your desktop). So don't do that.
%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /+"dynamicTypes.[mimeType='application/json',enabled='True']" /commit:apphost
%windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/httpCompression /+"dynamicTypes.[mimeType='application/json; charset=utf-8',enabled='True']" /commit:apphost
#REM Set IIS to automatically start AppPools
%windir%\system32\inetsrv\appcmd.exe set config -section:applicationPools -applicationPoolDefaults.startMode:AlwaysRunning /commit:apphost
#REM Set IIS to not shut down idle AppPools
%windir%\system32\inetsrv\appcmd set config -section:applicationPools -applicationPoolDefaults.processModel.idleTimeout:00:00:00 /commit:apphost
#REM remove IIS response headers
%windir%\system32\inetsrv\appcmd.exe set config /section:httpProtocol /-customHeaders.[name='X-Powered-By']