File-Level Security

IIS installs the metabase files with strict access control entries (ACEs) set to prevent anyone but administrators from viewing your configuration data. An Access Control List (ACL) is a container for ACEs.

The following table lists the metabase files, their purpose, and the permissions that are set on them.

| File | Purpose | Access Control List (ACL) |
| --- | --- | --- |
| systemroot\System32\Inetsrv\MetaBase.xml | Stores configuration data for the IIS services. For more information, see Metabase Configuration File. | NT AUTHORITY\SYSTEM : Full control; BUILTIN\Administrators : Full control |
| systemroot\System32\Inetsrv\MBSchema.xml | Stores the schema for the configuration file. The schema defines what IIS properties can be set at certain metabase nodes. For more information, see Metabase Schema. | NT AUTHORITY\SYSTEM : Full control; BUILTIN\Administrators : Full control |
| systemroot\System32\Inetsrv\History\History File | Stores the metabase history files that are created automatically by IIS. For more information, see Rolling Back the Metabase Using History Files. | NT AUTHORITY\SYSTEM : Full control; BUILTIN\Administrators : Full control |
| systemroot\System32\Inetsrv\MetaBack\Backup File | Stores the metabase backup files that are created on demand by using the Backup/Restore Configuration feature. For more information, see Backing Up and Restoring the IIS Metabase. | NT AUTHORITY\SYSTEM : Full control; BUILTIN\Administrators : Full control |
  • For information on access control, see "Access Control" in Windows Help.
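
One way to check a server against the table above, as an added example that is not part of the original documentation: the script compares each metabase file's allow ACEs with the two listed identities, matching by well-known SID (S-1-5-18 for SYSTEM, S-1-5-32-544 for Administrators) so that it also works on localized systems. The function name Test-MetabaseAcl is hypothetical, and the script assumes it is run from an elevated PowerShell prompt.

```powershell
# Added example: audit metabase file ACLs against the documented table.
# Well-known SIDs: S-1-5-18 = NT AUTHORITY\SYSTEM, S-1-5-32-544 = BUILTIN\Administrators.
$allowedSids = @('S-1-5-18', 'S-1-5-32-544')
$inetsrv = Join-Path $env:SystemRoot 'System32\Inetsrv'

# Hypothetical helper name; returns one result object per file.
function Test-MetabaseAcl {
    param([string]$Path)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    # Explicit and inherited ACEs, with identities translated to SIDs.
    $allow = @((Get-Acl -Path $Path).GetAccessRules($true, $true, $sidType) |
        Where-Object { $_.AccessControlType -eq 'Allow' })
    $findings = @()
    foreach ($ace in $allow) {
        $sid = $ace.IdentityReference.Value
        if ($allowedSids -notcontains $sid) {
            $findings += "unexpected allow ACE: $sid ($($ace.FileSystemRights))"
        }
    }
    foreach ($sid in $allowedSids) {
        $full = $allow | Where-Object {
            $_.IdentityReference.Value -eq $sid -and $_.FileSystemRights -eq 'FullControl'
        }
        if (-not $full) { $findings += "no Full control ACE for $sid" }
    }
    New-Object PSObject -Property @{
        Path      = $Path
        Compliant = ($findings.Count -eq 0)
        Findings  = ($findings -join '; ')
    }
}

# The two fixed files, plus every file under History and MetaBack.
$targets = @(
    Join-Path $inetsrv 'MetaBase.xml'
    Join-Path $inetsrv 'MBSchema.xml'
)
foreach ($dir in 'History', 'MetaBack') {
    $folder = Join-Path $inetsrv $dir
    if (Test-Path $folder) {
        $targets += @(Get-ChildItem -Path $folder |
            Where-Object { -not $_.PSIsContainer } |
            ForEach-Object { $_.FullName })
    }
}
$targets | Where-Object { Test-Path $_ } |
    ForEach-Object { Test-MetabaseAcl -Path $_ } |
    Format-Table Path, Compliant, Findings -AutoSize -Wrap
```

Any row with Compliant set to False either grants access to an identity outside the table or lacks one of the two documented Full control entries.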