Are you using IIS6 or 7 or 7.5? I'm pretty (99.9%) sure that UNCPassword is not stored in clear text - you are just able to retrieve it in clear text if you use ADSI or WMI (and have the requisite permissions).
Cheers Ken From: Christopher Bodnar [mailto:[email protected]] Sent: Wednesday, 6 April 2011 6:14 AM To: NT System Admin Issues Subject: IIS WMI and PowerShell Thought I would pass this along in the hope that it may save someone some time: http://technet.microsoft.com/en-us/library/ff730973.aspx So I'm trying to retrieve some settings on virtual directories on an internal FTP sever we have. I've been trying to use PowerShell as much as possible instead of VBScript, so I fire it up and start working at it. Eventually decide on something like this: get-wmiobject -Class IIsFtpVirtualDirSetting -NameSpace root\MicrosoftIISv2 -Computer FTPSERVERNAME And I get "Access Denied", so I try another namespace on the same server: get-wmiobject -list -NameSpace root\Microsoftnlb -Computer FTPSERVERNAME Works perfectly. Huh?..... try another. All the namespaces enumerate except for MicrosoftIISv2. Again, huh?.... So I finally Google it and and found the link above, which explains it in detail. Ugh...... If you are still with me here, and interested, try enumerating the UNCUserName and UNCPassWord. I couldn't believe what I was seeing when I did that. I know it's FTP and across the wire the passwords are sent in clear text, but I had no idea they were stored that way as well. Not good. Thanks for listening. Chris Bodnar, MCSE, MCITP Technical Support III Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected]<mailto:[email protected]> Phone: 610-807-6459 Fax: 610-807-6003 ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
