Home
%3CLINGO-SUB%20id%3D%22lingo-sub-1006358%22%20slang%3D%22en-US%22%3EManage%20IIS%20locally%20with%20a%20non-admin%20account%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1006358%22%20slang%3D%22en-US%22%3E%3CP%3EAdministrators%20mostly%20use%20a%20local%20or%20domain%20account%20that%20has%26nbsp%3B%3CSTRONG%3Elocal%20admin%20rights%3C%2FSTRONG%3E%26nbsp%3Bto%20manage%20IIS.%20How%20about%26nbsp%3B%3CSTRONG%3Enon-administrator%26nbsp%3B%3C%2FSTRONG%3Eaccounts%3F%20Can%20a%20non-administrator%20account%20use%20IIS%20Manager%3F%3C%2FP%3E%0A%3CP%3EThe%20answer%20is%26nbsp%3B%3CSTRONG%3EYES%26nbsp%3B%3C%2FSTRONG%3Ebut%20it%20also%20depends%20on%20what%20you%20manage%20and%20how%20you%20access%20IIS%20Manager.%3C%2FP%3E%0A%3CP%3EIf%20you%20login%20to%20the%20server%20with%20a%20non-admin%20account%20and%20go%20to%20IIS%20Manager%2C%20you%20can%20only%20manage%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EWebsites%3C%2FLI%3E%0A%3CLI%3EApplications%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EBy%20design%2C%20non-admin%20accounts%20can%E2%80%99t%20manage%20application%20pools%20locally.%3C%2FP%3E%0A%3CP%3EHowever%2C%20If%20you%20open%20IIS%20Manager%20in%20another%20server%20and%20connect%20it%20to%20your%20actual%20server%20from%20there%2C%20you%20can%20manage%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EApplication%20pools%3C%2FLI%3E%0A%3CLI%3EWebsites%3C%2FLI%3E%0A%3CLI%3EApplications%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EThe%20following%20steps%20are%20for%20a%20website.%20You%20can%20use%20similar%20steps%20for%20applications.%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EOpen%20IIS%20Manager%3C%2FLI%3E%0A%3CLI%3EClick%20the%20website%3C%2FLI%3E%0A%3CLI%3EDouble%20click%20%E2%80%9C%3CSTRONG%3EIIS%20Manager%20Permissions%3C%2FSTRONG%3E%E2%80%9D%3C%2FLI%3E%0A%3CLI%3EClick%20%E2%80%9C%3CSTRONG%3EAllow%20User%3C%2FSTRONG%3E%E2%80%9D.%20Add%20your%20domain%20or%20local%20users%20(I%20used%20IISTEAM%20domain%20%E2%80%93%20see%20the%20screenshot)%3C%2FLI%3E%0A%3CLI%3ELog%20off%20administrator%3C%2FLI%3E%0A%3CLI%3ELog%20back%20in%20with%20a%20non-admin%20user%3C%2FLI%3E%0A%3CLI%3EOpen%20IIS%20Manager%3C%2FLI%3E%0A%3CLI%3ESelect%20%E2%80%9C%3CSTRONG%3EFile%20%26gt%3B%20Connect%20to%20Site%3C%2FSTRONG%3E%E2%80%9D%3C%2FLI%3E%0A%3CLI%3EEnter%20%E2%80%9C%3CSTRONG%3Elocalhost%3C%2FSTRONG%3E%E2%80%9D%20as%20a%20server%20name.%20Enter%20your%20site%20name.%20Click%20%E2%80%9C%3CSTRONG%3ENext%3C%2FSTRONG%3E%E2%80%9D%3C%2FLI%3E%0A%3CLI%3EEnter%20username%20and%20password%20(a%20user%20from%20IIS%20Manager%20Permissions%20list).%20Click%20%E2%80%9C%3CSTRONG%3EFinish%3C%2FSTRONG%3E%E2%80%9D%3C%2FLI%3E%0A%3CLI%3EThe%20website%20will%20show%20up%20in%20IIS%20Manager%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F156921i9BEC17D60D4DFD21%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3EStep%203%20%E2%80%93%20IIS%20Manager%20Permissions%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F156920iC69E9EF06E68B533%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_1.png%22%20title%3D%22clipboard_image_1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3EStep%207%20%E2%80%93%20Connecting%20a%20remote%20site%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFor%20managing%20application%20pools%20with%20a%20non-admin%20user%26nbsp%3B%3CSTRONG%3Eremotely%3C%2FSTRONG%3E%2C%20add%20users%20to%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fiis%2Fmanage%2Fremote-administration%2Fconfiguring-remote-administration-and-feature-delegation-in-iis-7%23configure-iis-manager-permissions-for-a-site-or-an-application%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EIIS%20Manager%20Permissions%3C%2FA%3E%26nbsp%3B(just%20like%20we%20did%20above).%20Then%20go%20to%20%E2%80%9CIIS%20Manager%20%26gt%3B%20Management%20Service%E2%80%9D%20and%20enable%20it.%20After%20this%20change%2C%20you%20can%20open%20IIS%20Manager%20in%20another%20server%20and%20add%20this%20server%20as%20a%20new%20connection%20(%3CA%20href%3D%22https%3A%2F%2Fblogs.msdn.microsoft.com%2Fasiatech%2F2011%2F07%2F20%2Fiis-7-delegate-remote-application-pool-recycling-for-non-administrator%2F%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Eblog%20post%3C%2FA%3E).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1006358%22%20slang%3D%22en-US%22%3E%3CP%20style%3D%22margin%3A%200cm%200cm%207.5pt%200cm%3B%22%3E%3CSPAN%20style%3D%22font-size%3A%2013.5pt%3B%20font-family%3A%20'Arial'%2Csans-serif%3B%20color%3A%20%236b6b6b%3B%22%3EAdministrators%20mostly%20use%20a%20local%20or%20domain%20account%20that%20has%26nbsp%3Blocal%20admin%20rights%26nbsp%3Bto%20manage%20IIS.%20How%20about%26nbsp%3Bnon-administrator%26nbsp%3Baccounts%3F%20Can%20a%20non-administrator%20account%20use%20IIS%20Manager%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E
Microsoft

Administrators mostly use a local or domain account that has local admin rights to manage IIS. How about non-administrator accounts? Can a non-administrator account use IIS Manager?

The answer is YES but it also depends on what you manage and how you access IIS Manager.

If you login to the server with a non-admin account and go to IIS Manager, you can only manage

  • Websites
  • Applications

By design, non-admin accounts can’t manage application pools locally.

However, If you open IIS Manager in another server and connect it to your actual server from there, you can manage:

  • Application pools
  • Websites
  • Applications

The following steps are for a website. You can use similar steps for applications.

  1. Open IIS Manager
  2. Click the website
  3. Double click “IIS Manager Permissions
  4. Click “Allow User”. Add your domain or local users (I used IISTEAM domain – see the screenshot)
  5. Log off administrator
  6. Log back in with a non-admin user
  7. Open IIS Manager
  8. Select “File > Connect to Site
  9. Enter “localhost” as a server name. Enter your site name. Click “Next
  10. Enter username and password (a user from IIS Manager Permissions list). Click “Finish
  11. The website will show up in IIS Manager

clipboard_image_0.png

Step 3 – IIS Manager Permissions

clipboard_image_1.png

Step 7 – Connecting a remote site

 

For managing application pools with a non-admin user remotely, add users to IIS Manager Permissions (just like we did above). Then go to “IIS Manager > Management Service” and enable it. After this change, you can open IIS Manager in another server and add this server as a new connection (blog post).