Skip to main content

How to manage IIS locally with a non-admin account?

System administrators use IIS Manager to host and manage their web applications in IIS. In the majority of the companies I worked with, administrators use a local or domain account that has local admin rights to use IIS Manager. How about non-admin accounts? Can a non-administrator account use IIS Manager?

The answer is YES depending on what you want to manage and how you want to access IIS Manager.

New post-apocalyptic fiction book
My new book is releasing in November 2020!

If you login to Windows Server with a non-admin account and open IIS Manager, you can only manage

  • Websites
  • Applications

Non-admin accounts can’t manage application pools locally. This is by-design.

In the next section, I will briefly explain how to manage websites and applications locally with a non-admin account.

Manage IIS websites and applications locally with a non-admin account

The steps below are for a website. You can use similar steps for applications.

  1. Go to IIS Manager
  2. Click the website. Open “IIS Manager Permissions
  3. Click “Allow User”. Add your domain or local users (In the screenshot below, I used IISTEAM domain)
  4. Log off administrator. Log in with non-admin user
  5. Go to IIS Manager
  6. Select “File > Connect to Site
  7. Enter “localhost” as a server name and enter your site name. Click “Next
  8. Enter username and password (a user from IIS Manager Permissions). Click “Finish
  9. The website will show up in IIS Manager
IIS manager permissions for non-admin accounts
Step 3 – IIS Manager Permissions
Remote IIS management with non-admin accounts
Step 7 – Connecting a remote site

For managing application pools with a non-admin user remotely, add users to IIS Manager Permissions just like we did above. Additionally, go to “IIS Manager > Management Service” and enable it. After this, you can open IIS Manager in another server and add this server as a new connection. Here is a good blog post about this.

You can also use or Windows Admin Center to manage IIS websites remotely.

After connecting to IIS Manager, you may see that some bindings are missing. Check this post out for the root cause and solution: Missing bindings in IIS (net.tcp, net.pipe, net.msmq, msmq.formatname)

One thought to “How to manage IIS locally with a non-admin account?”

Leave a Reply

Your email address will not be published. Required fields are marked *