Powershell script to modify IIS Auth

We are trying to use PowerShell script to modify the Anonymous Identity to that of the corresponding App Pool. The following command works while manually running on the server from a elevated powershell prompt:

Add-WebConfiguration –filter /system.webServer/security/authentication/anonymousAuthentication 'IIS:\Sites\api’
Set-Webconfigurationproperty –filter /system.webServer/security/authentication/anonymousAuthentication ‘IIS:\Sites\api’ –name username –value ‘’

When we add this to a Powershell script step during deployment it runs without error but Auth is not changed as expected. When we run it as a post package deployment script we get the following error:
Failed: CustomScriptConvention.PostDeploy.ps1
11:38:06 Verbose | Running PowerShell script: \fs-01\inetpub\api\CustomScriptConvention.PostDeploy.ps1
11:38:08 Error | Add-WebConfiguration : A positional parameter cannot be found that accepts
11:38:08 Error | argument ‘IIS:\Sites\api’.
11:38:08 Error | At \fs-01\inetpub\api\CustomScriptConvention.PostDeploy.ps1:10 char:1
11:38:08 Error | + Add-WebConfiguration â?"filter
11:38:08 Error | /system.webServer/security/authentication/anonymo …
11:38:08 Error | + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
11:38:08 Error | ~~~
11:38:08 Error | + CategoryInfo : InvalidArgument: (:slight_smile: [Add-WebConfiguration], Par
11:38:08 Error | entContainsErrorRecordException
11:38:08 Error | + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.IIs.PowerS
11:38:08 Error | hell.Provider.AddConfigurationCommand
11:38:08 Fatal | PowerShell script returned a non-zero exit code: 1
| Tentacle version

Any insight to getting these commands to work during deployment would be much appreciated.

Hi Doug,

Thanks for getting in touch!

Looking at the script you’ve supplied and the error, it looks like the ‘IIS:\Sites\api’ parameter you’re passing to the Set-WebConfigurationProperty Cmdlet hasn’t been named. Looking at the documentation for this cmdlet, it looks like this can be passed as a positional parameter, but maybe because you’re naming the first parameter it’s not understanding what you mean?

I haven’t tested, this but try updating that line to:

Set-Webconfigurationproperty –filter /system.webServer/security/authentication/anonymousAuthentication -PSPath 'IIS:\Sites\api' –name username –value ''

Hope that helps!


I will give it a shot. Why does it not error and not actually work when run as a PowerShell step (nothing in raw logs) and why does it not error and actually work when I run it manually? Octo tentacle is running as default local system, maybe the path is an issue for that profile and needs to be explicitly defined?

Adding -PSPath fixed the issue when running as a under a PowerShell step. Thanks!

Hi Doug,

Thanks for the reply, and I’m glad you got it working!

I actually don’t know why it would work in one context and not the other. If you’re running the exact same script, it should be consistent, but maybe there is something to do with the user profile?

Kind Regards,