2

I have a need to modify the applicationHost.config file located by default at c:\windows\System32\inetsrv\config.

Reviewing the XML file, there are many entries for location under configuration. I need to modify only a specific one. Perhaps checking if it exists first before modifying it?

The following XML is what I want to modify. The is nested under the top level configuration. I want to change just one entry, anonymousAuthentication enabled="true" if found to be false. 

<location path="Default Web Site/MyWebsite/SiteA">
    <system.webServer>
        <security>
            <authentication>
                <digestAuthentication enabled="false" />
                <basicAuthentication enabled="false" />
                <anonymousAuthentication enabled="false" />
                <windowsAuthentication enabled="true">
                    <providers>
                        <clear />
                        <add value="Negotiate" />
                        <add value="NTLM" />
                    </providers>
                </windowsAuthentication>
            </authentication>
        </security>
    </system.webServer>
</location>

A side note. I do see that I could use set-webconfigurationproperty. However, when I do so, it tells me the configuration section cannot be used at this path. This happens when the section is locked at a parent level. I'm using PSPath, which is supposed to get around that, but it's not working.

Improve this question
1
  • Regarding your side note, you might need to go in Feature Delegation of your IIS server (inetmgr.cpl) and set Authentication - Anonymous to Read / Write then attempt again to use set-webconfigurationproperty Commented May 24, 2019 at 21:08

1 Answer 1

Reset to default
2

Something like this should do the trick. I recommend you create a backup copy of your Applicationhost so you can revert should need arise.

You'll need to run that script as administrator.

The trick is to leverage SelectNodes or SelectSingleNode and target the specific nodes you are interested in. I used your provided code to specify I was looking for the node you were interested in but only where the location path corresponded to "Default Web Site/MyWebsite/SiteA"

$InetConfigPath = 'c:\windows\System32\inetsrv\config\applicationHost.config'
$xml = [xml](get-content -Path $InetConfigPath -Raw)


$Nodes = $xml.SelectNodes('//location[@path="Default Web Site/MyWebsite/SiteA"]/system.webServer/security/authentication/anonymousAuthentication')
foreach ($Node in $nodes) {
    if ($Node.enabled -eq $false) {
        $Node.enabled = 'true'
    }
}


$xml.Save($InetConfigPath)
  • WebAdministration module is recommended over modifying the ApplicationHost.config file directly to avoid unintended consequences.

References

Select Nodes Using XPath Navigation

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Yes, thank you! Apologies, I missed that there was a reply to my question. I ended up using the WebAdministration module, as it seemed much safer for this file.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.