automate iis client cert mapping

My first post didn't seem to go through, apologies if this is a repeat.

I am attempting to automate the process of setting up client cert
authentication for a web app. Basically, I need to automate setting "Accept
client certificate" for a particular web app and enable client cert mapping
for that web app and setup the certificate to account mapping. From the
research I have done I think that the proper wmi/adsi object is
IIsCertMapper in terms of mapping a particular cert to an account (I just
need a 1 to 1 mapping)

My problem is that when (in powershell) I use the following:
gwmi -list -n "root/microsoftiisv2"
I see the IIsCertMapper class but when I gwmi IIsCertMapper -n
"root/microsoftiisv2" the object returned seems to be null (i.e. passing it
to get-member produces an error).

I have a feeling that I need to first create an instance of the
IIsCertMapper that is attached/contained by the webapp but I haven't
figured out how to do that.
I would prefer to use powershell and wmi to get the job done but at this
point I really don't care.

If anyone has any insight in how to automate this process or an example of
how to properly use IIsCertMapper I would greatly appreciate it.

Thanks
eric

Ok, I figure that I need to create an instance of the IIsCertMapper class
but I get an error when I try to do this.
PS C:\> $cMapperCl = [wmiclass]"root/MicrosoftIISv2:IIsCertMapper"
PS C:\> $cMapperCl


IIsCertMapper


PS C:\> $cMapperIn = $cMapperCl.CreateInstance()
PS C:\> $cMapperIn
format-default : Exception retrieving members: "Not found "

I am not sure what I am doing wrong here. I am able to create the instance
in cim studio.

I am also able to use com
PS C:\> $loc = New-Object -com WbemScripting.SWbemLocator
PS C:\> $loc

Security_
---------
System.__ComObject


PS C:\> $conn = $loc.ConnectServer("Localhost", "root/MicrosoftIISv2")
PS C:\> $certMapper = $conn.Get("IIsCertMapper").SpawnInstance_()
PS C:\> $certMapper


Qualifiers_ : {dynamic, Locale, provider}
Properties_ : {Caption, Description, InstallDate, Name...}
Methods_ : {CreateMapping, DeleteMapping, GetMapping, SetAcct...}
Derivation_ : {CIM_LogicalElement, CIM_ManagedSystemElement}
Path_ : System.__ComObject
Security_ : System.__ComObject
SystemProperties_ : {__PATH, __NAMESPACE, __SERVER, __DERIVATION...}

Thanks

Sorry for the long post but I think all the info is needed to get across
what is going on.

I decided to try creating a website.
ServerBinding has the same problem as IIsCertMapper in that the
CreateInstance method of the wmiclass doesn't seem to work:

PS C:\> $serBindCl = [wmiclass]"root/microsoftiisv2:ServerBinding"
PS C:\> $serBindCl


ServerBinding


PS C:\> $serBindIn = $serBindCl.CreateInstance()
PS C:\> $serBindIn
format-default : Exception retrieving members: "Not found "

But based on a post by mow I decided to try to use it anyway (the post had
to do with datatables
http://mow001.blogspot.com/2005_10_0...archive.html):

PS C:\> $serBindIn.IP = ""
PS C:\> $serBindIn.Hostname = ""
PS C:\> $serBindIn.Port = "1234"
PS C:\> $webService = gwmi IIsWebService -n "root/microsoftiisv2"
PS C:\> $webService.CreateNewSite("MySite", $serBindIn,
"C:\Inetpub\wwwroot")


__GENUS : 2
__CLASS : __PARAMETERS
__SUPERCLASS :
__DYNASTY : __PARAMETERS
__RELPATH :
__PROPERTY_COUNT : 1
__DERIVATION : {}
__SERVER :
__NAMESPACE :
__PATH :
ReturnValue : IIsWebServer='W3SVC/434112589'

As you can see even though powershell doesn't seem to be able to see into
the ServerBinding Instance created by the CreateInstance method, it is still
usable.

next I tried looking at psbase

PS C:\> $serBindIn
format-default : Exception retrieving members: "Not found "

Try looking at the base:
PS C:\> $serBindIn.psbase


Scope : System.Management.ManagementScope
Path :
Options : System.Management.ObjectGetOptions
ClassPath : ServerBinding
Properties : {Hostname, IP, Port}
SystemProperties : {__GENUS, __CLASS, __SUPERCLASS, __DYNASTY...}
Qualifiers : {Locale, provider}
Site :
Container :

Try commiting it
PS C:\> $serBindIn.psbase.Put()


Path :
\\.\root\microsoftiisv2:ServerBinding.Hostname="{7F06EBFF-3AD0-43FC-BCC2-A5696BB69C80}",IP="{3A32E542-A
641-404E-A66C-AFE5730A33D0}",Port="{F9623D98-93D6-41F5-856B-865CC020516A}"
RelativePath :
ServerBinding.Hostname="{7F06EBFF-3AD0-43FC-BCC2-A5696BB69C80}",IP="{3A32E542-A641-404E-A66C-AFE5730A33
D0}",Port="{F9623D98-93D6-41F5-856B-865CC020516A}"
Server : .
NamespacePath : root\microsoftiisv2
ClassName : ServerBinding
IsClass : False
IsInstance : True
IsSingleton : False

And now I can see it normally:
PS C:\> $serBindIn


__GENUS : 2
__CLASS : ServerBinding
__SUPERCLASS : IIsStructuredDataClass
__DYNASTY : IIsStructuredDataClass
__RELPATH :
ServerBinding.Hostname="{7F06EBFF-3AD0-43FC-BCC2-A5696BB69C80}",IP="{3A32E542-A641-404E-A66C-AFE5730
A33D0}",Port="{F9623D98-93D6-41F5-856B-865CC020516A}"
__PROPERTY_COUNT : 3
__DERIVATION : {IIsStructuredDataClass}
__SERVER : SVC-EKNUTSEN-3
__NAMESPACE : ROOT\microsoftiisv2
__PATH :
\\SVC-EKNUTSEN-3\ROOT\microsoftiisv2:ServerBinding.Hostname="{7F06EBFF-3AD0-43FC-BCC2-A5696BB69C80}"
,IP="{3A32E542-A641-404E-A66C-AFE5730A33D0}",Port="{F9623D98-93D6-41F5-856B-865CC020516A}"
Hostname : {7F06EBFF-3AD0-43FC-BCC2-A5696BB69C80}
IP : {3A32E542-A641-404E-A66C-AFE5730A33D0}
Port : {F9623D98-93D6-41F5-856B-865CC020516A}

For some reason the object has to be committed to the metabase in order for
powershell to be able to enumerate it's properties and methods?

Unfortunately my original problem is still not solved because of the
following error:

PS C:\> $certMapperClass = [wmiclass]"root/microsoftiisv2:IIsCertMapper"
PS C:\> $certMapperIn = $certMapperClass.CreateInstance()
PS C:\> $certMapperIn.psbase.Put()
Exception calling "Put" with "0" argument(s): "Invalid object "
At line:1 char:25
+ $certMapperIn.psbase.Put( <<<< )

Even if I am able to create the IIsCertMapper instance I am not sure what to
do with it