Question:
I need to give a user (developer) permission to
- restart IIS
- add applications
- copy websites to inetput/wwwroot
- change IIS settings
The user does and may NOT have admin rights, as this would enable him to install programs.
Operating system: Windows 7, Enterprise Edition
How can I do that ?
See Delegate Site and Application Management (IIS 7)
I assume you mean that the developer is using Windows 7 and the server is either Windows Server 2008 or 2008 R2? If that is the case, have a look at the IIS Web Deployment Tool. Additional documentation can be found here.
With the Web Deployment Tool installed on your server, you as an administrator can delegate certain things such as adding applications, restarting app pools, deploying content to the wwwroot, etc. Rules and permissions can be setup so that non-administrators can perform these functions. You will, however, have to setup certain accounts to be able to perform these "admin" functions as a non-admin. A designated local or domain account will need to be setup as an administrator on the server, and the providers configured to run as that account when a non-administrator user uses it. Here is an example of that.
Note: The configuration in the Web Deployment Tool would be in addition to any features within IIS Manager that you have delegated permissions (i.e. certain web.config settings.).