Encrypted Properties
Applies To: Windows Server 2003, Windows Server 2003 with SP1
IIS encrypts sensitive data in the metabase configuration file, MetaBase.xml, so that it cannot be viewed even if an unauthorized user gains access to the file.
Important
Do not manually change encrypted properties in MetaBase.xml. There is no way to encrypt your data before inserting it by using Notepad or another text editor. Only WMI, ADSI, or ABOs can be used to change the data in encrypted properties.
Metabase properties are marked for encryption by an attribute that is set on the property in the metabase schema file. The following example from the metabase schema file shows how the AnonymousUserPass property is marked for encryption with a SECURE attribute:
<Property InternalName = "AnonymousUserPass" ID = "6021" Type = "STRING" UserType = "IIS_MD_UT_FILE"
Attributes = "INHERIT|SECURE" MetaFlagsEx = "CACHE_PROPERTY_MODIFIED"
DefaultValue = ""/>
Warning
You cannot use WMI, ADSI, or ABOs to add an attribute to an existing property in the metabase schema. For example, you cannot add the SECURE attribute to an existing property. If you attempt to use WMI, ADSI, or ABOs to remove a property in the metabase schema and then create it again with the SECURE attribute, the metabase configuration data for that property is lost. You can, however, use ADSI to create new properties in the metabase schema with the SECURE attribute. Manual changes made to the metabase schema are not supported and might cause an error.
The following metabase properties are encrypted:
ADConnectionsPassword
AdminACL
AdminACLBin
AnonymousUserPass
ImapDsPassword
LogOdbcPassword
Pop3DsPassword
RoutePassword
SmtpDsPassword
UNCPassword
FeedPassword
WAMUserPass