Discovery of IIS Web.Config and Password Reset
Steps Required
- Add domain controller as a resource.
- Add domain admin account.
- Add domain member servers as new resources and create resource group.
- Configure remote password reset for IIS web.config files.
- Associate resource groups for the IIS web.config files.
- Verify supported IIS websites.
- Change password.
1. Add domain controller as a resource
- Navigate to "Resources" tab.
- Click on "Add Resource" button, and select "Add Manually" from the drop-down list.
- In the pop-up form that opens, add the Domain Controller - PMP Machine, as a new resource with 'Resource Type' as Windows Domain.
- Supply the NETBIOS name - PMPDC, in upper case in the 'Domain Name' field.
- Fill in the other details such as DNS.
- Click "Save & Proceed".
2. Add domain admin account and IIS websites
- Navigate to "Resources tab".
- Click the "Resource Actions" icon against the newly added resource and select "Add Accounts" from the drop down list.
- In the pop-up form that opens, add the domain administrator account (John Newton) and click "Add".
- Then, continue to add the accounts in the same way. When you are done, click "Save".
3. Add domain member servers as new resources and create resource group
- Continue adding the other member servers of the domain - Win1, Win2, Win3, and Win4 as new resources in the same way as explained above.
- Navigate to "Resources" tab.
- Click "Add Resources" button and add the member servers along with their respective local accounts.
- Now, go to "Groups" tab and click on "Add group" button and select 'Dynamic Group' from the drop down.
- In the pop-up form that opens, name the group and choose 'Match any of the following'.
- Click 'Save'.
4. Configure remote password reset for IIS web.config files
Instead of manual addition explained in Step 3, you can also discover the required resources and groups in your domain by following the steps given below:
- Navigate to "Resources" tab.
- Click the "Resource Actions" icon against the WindowsDomain 'PMP Machine' resource and select "Configure password reset" from the drop down.
- In the pop-up form that appears, select the 'Domain Admin' (John Newton) account as the 'Administrator Account'.
- Click "Save".
5. Associate resource groups for the IIS web.config files
- Click on the WindowsDomain 'PMP Machine' resource name.
- In the UI that opens, click the "Account Actions" icon against the app pool account (John Newton in this case) and then select "Edit account" from the drop down.
- In the pop-up form that appears, associate resource groups for this service account by moving it to the other box.
- Click "Save".
6. Verify supported IIS websites
- Click the WindowsDomain 'PMP Machine' resource name.
- Select the IIS website 'John Newton' and click the "IIS web.config" button.
- In the pop-up form that appears, click "Fetch" under "Supported IIS websites".
- Password Manager Pro will scan and list all the websites that are run in the servers of IIS websites in which the service account is used in the connection string of the web.conf files. After reviewing the list, hit 'OK'.
7. Change password
- Click on the WindowsDomain 'PMP Machine' resource name.
- Click the "Account Actions" icon against 'John newton' and then select "Change Password" from the drop down.
- In the pop-up form that appears, either provide or generate a new password. Make sure to enable 'Apply password changes to the remote resource'.
- Click "Save". Password Manager Pro will immediately reset the password in the domain first and then, automatically update the new password across all servers where 'John Newton' is used to run IIS websites.
Additional steps to schedule periodic password resets for IIS websites
The aforementioned steps are adequate to carry out password resets for app pool accounts anytime on demand. If you would like to configure automatic password resets on a periodic basis, execute the additional steps given below:
To configure periodic password reset for IIS websites,
- A resource group has to be first created.
- Click the "Actions" icon against the resource group and select "Periodic Password Reset" from the drop down.
- A pop-up form will open with a four step process through which required schedule can be created.