How can I check the Password of the IUSR and IWAM Local Accounts on a Machine?

Usually the IUSR_<machine name> and IWAM_<machine name> passwords are set automatically and are never known. However, I’ve seen cases in which for some reason the passwords get out of sync or corrupted and need to be reset. The easiest way to reset these passwords is to extract the passwords that Microsoft IIS has in its metabase and update the accounts in Local Users and Groups to use that password.

You first need to update the adsutil.vbs script, which you’ll find in the AdminScripts folder under the Inetpub folder, to display sensitive information (e.g., passwords) instead of just asterisks. Open the adsutil.vbs file in Notepad and search for the text “IsSecureProperty = True”, replace this text with “IsSecureProperty = False” and save the file. Now run the following commands to return the passwords (/anonymoususerpass is the IUSR account; /wamuserpass is the IWAM_account).

C:\Inetpub\AdminScripts>cscript adsutil.vbs get w3svc/anonymoususerpass

anonymoususerpass : (STRING) “/XEv`J01T”!69I”

C:\Inetpub\AdminScripts>cscript adsutil.vbs get w3svc/wamuserpass

wamuserpass : (STRING) “ikI37Q”W5[,uu%”

If you want to reset the passwords to match the passwords you had already set in Local Users and Groups, use the following command:

C:\Inetpub\AdminScripts>cscript adsutil.vbs set w3svc/anonymoususerpass “Pa55word”

anonymoususerpass : (STRING) “Pa55word”

C:\Inetpub\AdminScripts>cscript adsutil.vbs set w3svc/wamuserpass “Pa55word”

wamuserpass : (STRING) “Pa55word”

You should now run the command below to sync the password from IIS with Microsoft Transaction Server (MTS) and component services:

C:\Inetpub\AdminScripts>cscript.exe synciwam.vbs -v

IIS Applications Defined:
Name, AppIsolated, Package ID

You should now restart IIS via the “All Tasks” context menu option of the IIS server in the Microsoft Management Console (MMC) Internet Information Services Manager snap-in.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: