I can only think of two ways go to about modifying IIS's configuration programmatically, from classic ASP. The first is to use COM classes such as ADSI or WMI to manipulate the configuration. The second would leverage the new ASP.Net classes that Microsoft introduced, Microsoft.Web.Administration. (For completeness, you could also use System.DirectoryServices, but these classes are just a managed wrapper around ADSI.)
I'm going to discuss the COM-based solution first, since this approach would involve the least amount of overhead. I'm going to focus on ADSI, as opposed to WMI, since that's what I've used in the past. ADSI can be used add sites, vdirs, apps, etc.
Dim myNewSiteID, oIIsWebServiceObj, oBindings
oBindings = Array(0)
Set oBindings(0) = providerObj.get("ServerBinding").SpawnInstance_()
oBindings(0).IP = "192.168.1.1"
oBindings(0).Port = "80"
oBindings(0).Hostname = "yournewsite.example.com"
Set oIIsWebServiceObj = GetObject("IIS://MachineName/W3SVC")
myNewSiteID = oIIsWebServiceObj.CreateNewSite("NewSite", oBindings, _
To create a new virtual directory, you could use:
Dim IIsWebVDirRootObj, IIsWebVDirObj
Set IIsWebVDirRootObj = GetObject("IIS://localhost/W3SVC/1/Root")
Set IIsWebVDirObj = IIsWebVDirRootObj.Create("IIsWebVirtualDir", "NewVDir")
IIsWebVDirObj.Put "Path", "C:\NewContent"
IIsWebVDirObj.Put "AccessRead", True
IIsWebVDirObj.Put "AccessScript", True
I'm 95% certain that in order to use either ADSI or WMI, you're going to need to enable the IIS6 Compatibility, since these COM objects attempt to manipulate the metabase, which newer versions of IIS no longer use. To enable IIS6 compatibility, see this MSDN page for IIS 7.5 or this MSDN page for IIS8.
If I was dead-set on using .Net somehow, I'd choose Microsoft.Web.Administration over System.DirectoryServices. No matter which .Net class you go with, you're going to have to wrap it to be able to use it from classic asp, since there's no native way to call .Net. In order to do this, you've need to wrap any code that you write in a CCW - a COM-Callable Wrapper. It's entirely possible to do this in such a way that you write all of your code in .Net, and instantiate a COM component that is just a container for all of the .Net code. I won't go into detail as to how to wrap .net code in a CCW, but your CCW'd .Net code would be as simple as:
ServerManager serverManager = new ServerManager();
Site mySite = serverManager.Sites.Add("NewSite", "C:\\Sites\\yournewsite", 80);
mySite.ServerAutoStart = true;
Now, the bigger problem: You are running as IUSR, or IUSR_MachineName, or some limited account that has absolutely no permissions to muck with IIS's configuration. One way or another, you're going to have to gain more permission. You might be able to use impersonation in classic asp, but the other approach is to change the identity that your application is running as. In your case, as absolutely scary as it is, you'd need to run as something much more privileged than IUSR.
Or, just turn off Anonymous Authentication, and enable Basic Auth. Then, grant sufficient privileges to the user that will be authenicating to the server, and the code should run fine.
Thank you! Approach 1 looks fantastic. I will try to set it up this evening. Permissions are obviously a concern. If I open up this hole for this one piece of code, it opens it for everything on this site. I might have to create a second app, like a web service or something to handle this. If that is the case, I could do it as .net.