WiX not configuring IIS site correctly

Asked 25/9, 2013 at 13:27 Answered 15/6, 2017 at 9:20

I have an installer which configures 2 websites, one of which has some applications under the root site. The top level site is configured for Windows Authentication only, as below:

<iis:WebSite Id="WebSite"
             Description="Application"
             Directory="WEBSITE_INSTALLLOCATION"
             AutoStart="yes"
             ConfigureIfExists="yes"
             StartOnInstall="yes">

        <iis:WebAddress Id="AllUnassigned" Port="80" />

        <iis:WebApplication Id="WebApplication"
                            Name="Console"
                            WebAppPool="WebAppPool"/>

        <iis:WebDirProperties Id="WebProperties"
                              AnonymousAccess="no"
                              WindowsAuthentication="yes"
                              AuthenticationProviders="NTLM,Negotiate"/>

</iis:WebSite>

Other (optional) components in the installer then declare applications/virtual directories as follows:

<iis:WebVirtualDir Id="HelpWebSite" Alias="Help" Directory="ApexHelpDir" WebSite="WebSite">
    <iis:WebApplication Id="HelpApp" Name="Help" WebAppPool="WebAppPool"/>
    <iis:WebDirProperties Id="HelpProps" AnonymousAccess="yes" WindowsAuthentication="no"/>
</iis:WebVirtualDir>

The behaviour I'm seeing is what I'd expect 9/10 times, but intermittently the installer will install the "Website" site with both anonymous authentication and windows authentication, rather than just the Help application with anonymous authentication. The only explanation for this that I can think of is that the act of adding a virtual directory/application underneath a root site occasionally causes the root to inherit the child authentication settings as well as its own.

Note: I tried to raise this as a bug on the wixtoolset.org site, but kept getting an error when trying to do so.

Underclothes answered 25/9, 2013 at 13:27 Comment(5)

Did you ever find a resolution to this issue? – Overpass 16/1, 2014 at 15:12

@Oren no, unfortunately I've still not found a resolution to this. We're currently using WiX 3.7, so I can't say whether it's been fixed as of 3.8 – Underclothes 20/1, 2014 at 13:4

now that I think about this, I've seen this behavior. I have this one install that every once in awhile both auth are enabled. Hmmmm. – Odorous 19/5, 2015 at 2:15

+1 on looking for a resolution. I deploy to two different environments, and one of them has this issue inconsistently. Some days, we have anon and windows enabled, and on other days Windows only (by design). – Toliver 8/8, 2016 at 14:31

I am still seeing this behavior as of Wix v3.11. – Camouflage 29/1, 2018 at 23:26

Alternatively, you can write a batch script to create a website and call from WIX as custom action.

Batch file

%systemroot%\system32\inetsrv\appcmd.exe add site /name:YourWebSite /PhysicalPath:%systemdrive%\inetpub\wwwroot /bindings:http/*:80:

WIX(product.wxs)

<CustomAction Id="CreateWebsite" Execute="deferred" Impersonate="no" Return="check" Directory="TARGETDIR" PatchUninstall="no" ExeCommand="Batchfilepath" />

<InstallExecuteSequence>
<Custom Action="CreateWebsite" Before="InstallFinalize">NOT Installed AND NOT PATCH</Custom>
</InstallExecuteSequence>

Change your ExeCommand attribute value to point to the correct batch file path.

Landonlandor answered 3/6, 2015 at 12:53 Comment(0)

The workaround for me was to disable Anonymous Authentication at the server level.

It seems that when this flakiness occurs it does inherit the setting from the server level, although I've no idea why it only happens sometimes.

Here's the Powershell script:

Set-WebConfigurationProperty -Filter "/system.webServer/security/authentication/anonymousAuthentication" -Name Enabled -Value False -PSPath IIS:\

Roscoe answered 15/6, 2017 at 9:20 Comment(0)

Recommended topics

Hot tags