How can I enable pass through authentification on IIS5?
When you create a virtual directory that is mapped to a remote share, you must provide the username and password that the remote system will use to access the share.
Sometimes instread of using a predefined account you want to configure IIS to use the logged on user’s credentials instead.
This is called Pass Through Authentication; you can enable pass through authentication for both IIS 4 and IIS 5.
On IIS 4 pass through authentication is unsupported, but can be done with a few extra steps.
To use Pass Through Authentification you must use an authentication method that supports pass through authentication as not all authentification methods do. The following methods do support it.
- Anonymous with IIS control password disabled
- Basic Authentification
- Integrated Windows if everyone uses IE 5.0 on Win2K systems which are part of a domain. In this situation Kerberos will be used.
- Certificate Mapping (IIS 5.0 version, not Windows Mapper)
See this article for a limitation on Pass Through Authentification for IIS http://support.microsoft.com/support/kb/articles/Q286/4/01.ASP
The following script will allow you to configure Pass Through Authentification for IIS 5. option Explicit
' chris crowe
' Sunday october 29, 2000
' www.iisfaq.com - lots more scripts there
Dim IISObj, ArgComputer, ArgSiteNumber, ObjectPath, ArgMode, ArgDirectory
Sub DisplayUsage
WScript.Echo "usage: cscript SetIIS5PassThroughAuthentification.vbs"
WScript.Echo " [--computer|-c COMPUTER1[,COMPUTER2...]]"
WScript.Echo " [--SiteNumber|-n SITENUMBER]"
WScript.Echo " [--Dir|-d Directory]"
WScript.Echo " Enable or Disable"
WScript.Echo " [--help|-?]"
WScript.Echo ""
WScript.Echo "Dir is the Virtual directory you want to enable or disable PassThroughAuthentification on"
WScript.Echo ""
WScript.Echo "Example 1: SetIIS5PassThroughAuthentification.vbs -n 1 Enable --dir Protected"
WScript.Echo ""
WScript.Quit(1)
End Sub
Sub checkCmdLine()
Dim OArgs, ArgNum
Set oArgs = WScript.Arguments
ArgNum = 0
if (oArgs.Count = 0) then
Call displayUsage
end if
While ArgNum < oArgs.Count
Select Case LCase(oArgs(ArgNum))
Case "--computer","-c":
ArgNum = ArgNum + 1
if (ArgNum = oArgs.count) then
Call DisplayUsage()
end if
ArgComputer = oArgs(ArgNum)
Case "--sitenumber","-n":
ArgNum = ArgNum + 1
if (ArgNum = oArgs.count) then
Call DisplayUsage()
end if
ArgSiteNumber = CLng(oArgs(ArgNum))
Case "--dir","-d":
ArgNum = ArgNum + 1
if (ArgNum = oArgs.count) then
Call DisplayUsage()
end if
ArgDirectory = oArgs(ArgNum)
Case "enable":
ArgMode = true
Case "disable":
ArgMode = false
Case "--help","-?":
Call DisplayUsage
Case Else:
WScript.Echo "Unknown argument "& oArgs(ArgNum)
Call DisplayUsage
End Select
ArgNum = ArgNum + 1
Wend
if (ArgSiteNumber = "") then
WScript.Echo "Site number is required."
WScript.Echo ""
Call DisplayUsage
end if
if (ArgDirectory = "") then
WScript.Echo "Virtual directory is required."
WScript.Echo ""
Call DisplayUsage
end if
if (ArgMode = "") then
WScript.Echo "Enable or Disable must be specified."
WScript.Echo ""
Call DisplayUsage
end if
end sub
on error resume next
ArgComputer = "localHost"
ArgDirectory = ""
ArgMode = ""
ArgSiteNumber = ""
CheckCmdLine()
ObjectPath = "IIS://" & ArgComputer & "/W3SVC/" & ArgSiteNumber&"/root/" & ArgDirectory
SET IISObj = getObject(ObjectPath)
If (Err <> 0) Then
WScript.Echo "TERMINATING --- Error accessing " & ObjectPath & vbcrlf & "Does the virtual directory " & _
chr(34) & ArgDirectory & chr(34) & " exist?" & vbcrlf & Err.Description & " (0x" & hex(Err) & ")"
wscript.quit(2)
End If
IISOBJ.UNCAuthenticationPassThrough = ArgMode
IISObj.SetInfo
if (Err <> 0) then
WScript.Echo "Unable to set the UNCAuthenticationPassThrough: " & Err.Description & " (" & Err & ")"
WScript.Quit(2)
end if
WScript.Echo "UNCAuthenticationPassThrough on Virtual directory " & chr(34) & argDirectory & chr(34) & _
" on "& argcomputer & " set to """ & ArgMode & """"
|