/// <summary>
/// Brings the Windows account used as a website's IIS identity in line with
/// the website's IIS mode.
/// </summary>
/// <remarks>
/// When IIS is disabled for the site, the identity and the site's directory
/// security are removed. Otherwise the account is created if it is missing,
/// or its stored SID, its details and its password are refreshed.
/// </remarks>
/// <param name="website">The website whose IIS identity is synchronised.</param>
private void syncronizeIisIdentity(CleanWebsite website)
{
    // IIS disabled: nothing should be left behind for this site.
    if (website.IisSite.Mode == WebsiteIisMode.Disabled)
    {
        // Drop the account if it exists.
        // NOTE(review): the account is removed before its directory security;
        // confirm removeWebsiteSecurity does not need the account to still exist.
        tryRemoveIisIdentity(website);

        // Drop the directory security that belonged to the account.
        removeWebsiteSecurity(website);
        return;
    }

    bool accountExists = wuManager.Exists(website.IisSite.IdentityUserName);
    if (accountExists)
    {
        // The stored SID can drift from the real account, so re-read it first.
        website.IisSite.IdentitySid =
            wuManager.Get(website.IisSite.IdentityUserName).Sid.Value;

        // Push the current identity details in case the site name has changed.
        wuManager.Update(website.GetIisIdentity(this));

        // Reset the password to the stored one. The decrypted value is only
        // needed for this call; it must not be logged or kept elsewhere.
        var accountSid = new SecurityIdentifier(website.IisSite.IdentitySid);
        var plainPassword = DecryptPassword(website.IisSite.IdentityPassword);
        wuManager.SetPassword(accountSid, plainPassword);
        return;
    }

    // No account yet: create it and remember the SID it was given.
    // NOTE(review): Exists followed by Create is two separate calls; confirm
    // that callers do not run this concurrently for the same site.
    SecurityIdentifier createdSid = wuManager.Create(website.GetIisIdentity(this));
    website.IisSite.IdentitySid = createdSid.Value;
}
/// <summary>
/// Creates the Windows account for the service and grants it the right to
/// log on as a service.
/// </summary>
/// <remarks>
/// The account is created with a password that cannot be changed by the user
/// and never expires.
/// NOTE(review): with a non-expiring password, rotation depends entirely on
/// whatever sets <c>accountPassword</c>; confirm that is intended.
/// </remarks>
private void createServiceAccount()
{
    // Password policy flags for the new account.
    WindowsUserFlag passwordFlags =
        WindowsUserFlag.PasswordCannotChange | WindowsUserFlag.PasswordNeverExpires;

    windowsUser = new WindowsUser(
        accountUserName,
        accountPassword,
        accountDisplayName,
        accountDescription,
        passwordFlags);

    // The manager is constructed with this machine's name.
    var userManager = new WindowsUserManager(Environment.MachineName);

    // The account has to exist before the logon right can be granted to it.
    userManager.Create(windowsUser);
    userManager.GrantLogonAsService(windowsUser);
}