private void syncronizeIisIdentity(CleanWebsite website)
{
// Only create or update when IIS is enabled.
if (website.IisSite.Mode != WebsiteIisMode.Disabled)
{
// Create the user if it does not exist and IIS is not disabled.
if (!wuManager.Exists(website.IisSite.IdentityUserName))
{
SecurityIdentifier sid = wuManager.Create(website.GetIisIdentity(this));
website.IisSite.IdentitySid = sid.Value;
}
else
{
// Ensure that SID is kept up to date (as it may become out of sync).
website.IisSite.IdentitySid = wuManager.Get(website.IisSite.IdentityUserName).Sid.Value;
// Update user in case site name has changed.
wuManager.Update(website.GetIisIdentity(this));
// Ensure that the password is correct.
wuManager.SetPassword(
new SecurityIdentifier(website.IisSite.IdentitySid),
DecryptPassword(website.IisSite.IdentityPassword));
}
}
else
{
// If user exists, then remove the user to keep the system tidy.
tryRemoveIisIdentity(website);
// Remove directory security belonging to user to keep system tidy.
removeWebsiteSecurity(website);
}
}
private void createServiceAccount()
{
windowsUser = new WindowsUser(
accountUserName,
accountPassword,
accountDisplayName,
accountDescription,
WindowsUserFlag.PasswordCannotChange |
WindowsUserFlag.PasswordNeverExpires);
WindowsUserManager manager = new WindowsUserManager(Environment.MachineName);
manager.Create(windowsUser);
manager.GrantLogonAsService(windowsUser);
}
