Usually the IUSR_<machine name> and IWAM_<machine name> passwords are set automatically and are never known. However, I’ve seen cases in which for some reason the passwords get out of sync or corrupted and need to be reset. The easiest way to reset these passwords is to extract the passwords that Microsoft IIS has in its metabase and update the accounts in Local Users and Groups to use that password.
You first need to update the adsutil.vbs script, which you’ll find in the AdminScripts folder under the Inetpub folder, to display sensitive information (e.g., passwords) instead of just asterisks. Open the adsutil.vbs file in Notepad and search for the text “IsSecureProperty = True”, replace this text with “IsSecureProperty = False” and save the file. Now run the following commands to return the passwords (/anonymoususerpass is the IUSR account; /wamuserpass is the IWAM_account).
C:\Inetpub\AdminScripts>cscript adsutil.vbs get w3svc/anonymoususerpass
anonymoususerpass : (STRING) “/XEv`J01T”!69I”
C:\Inetpub\AdminScripts>cscript adsutil.vbs get w3svc/wamuserpass
wamuserpass : (STRING) “ikI37Q”W5[,uu%”
If you want to reset the passwords to match the passwords you had already set in Local Users and Groups, use the following command:
C:\Inetpub\AdminScripts>cscript adsutil.vbs set w3svc/anonymoususerpass “Pa55word”
anonymoususerpass : (STRING) “Pa55word”
C:\Inetpub\AdminScripts>cscript adsutil.vbs set w3svc/wamuserpass “Pa55word”
wamuserpass : (STRING) “Pa55word”
You should now run the command below to sync the password from IIS with Microsoft Transaction Server (MTS) and component services:
C:\Inetpub\AdminScripts>cscript.exe synciwam.vbs -v
IIS Applications Defined:
Name, AppIsolated, Package ID
You should now restart IIS via the “All Tasks” context menu option of the IIS server in the Microsoft Management Console (MMC) Internet Information Services Manager snap-in.