Develop Reference

Detecting a kill request in a Windows service with dotnet core 3.1

I have created a Windows service on dotnet core 3.1 using the class BackgroundService.
Is there a way to detect a kill request that was sent e.g. via the task manager, with taskkill or programmatically?

Some basic steps in the command prompt for you to follow:
1 - Find out the Service Name
2 - Find out the PID of the service
sc queryex servicename
3 - Kill the PID
taskkill /f /pid [PID]
You can read more.

ASP.Net Webforms, run Powershell script on more than 200 Windows 10 machines where firewall is enabled

I need to Change Service user, Start and Stop Windows Services through PowerShell. I am invoking the PowerShell script from an ASP.Net Webforms.
All 200 Windows 10 machines are firewall enabled. I am using following Powershell code segment to change user:
$oService = Get-WmiObject -ComputerName $Server -Query "SELECT * FROM Win32_Service WHERE Name = '$sServiceName'"
$oService.StopService() | Out-Null
$oService = Get-WmiObject -ComputerName $Server -Query "SELECT * FROM Win32_Service WHERE Name = '$sServiceName'"
$oService.Change($null,$null,$null,$null,$null,$null,"$sUsername",$sPassword) | Out-Null
When the firewall is turned on then the script throws exception for each machine.
I tried to run following command on each machines:
netsh advfirewall firewall set rule group="Windows Management Instrumentation (WMI)" new enable=yes
But still no luck. Is there any way to run Powershell scripts from Asp.Net Webforms where firewall is on for each machines?

How can I set the host name for a web site/web application in IIS using tfs release management client?

I have to deploy a few sites using TFS Release Management Client, all of them in them same machine so same IIS. They will be all on port 80 but the requests are served for different host names (domains).
Using IISConfig tool, it is possible to change the port but not the host name, do you know a quick way already implemented to achieve that without creating a custom tool?

As confirmed here, it is not possible but if you scroll down there is a suggestion how to quickly work around the limitation.
Creating 2 actions
-Command "& { Import-Module WebAdministration; New-WebBinding -Name '__Name__' -IPAddress '__IPAddress__' -Port '__Port__' -HostHeader '__HostHeader__' }"
and
-Command "& { Import-Module WebAdministration; Remove-WebBinding -Name '__Name__' -IPAddress '__IPAddress__' -Port '__Port__' -HostHeader '__HostHeader__' } "

Configuring IIS Client Certificate Mapping Authentication

I'm trying to configure IIS client cert mapping on IIS 8, Windows Server 2012. I don't see the configuration showing up in applicationHost.config, and the cert I'm trying to present isn't offered up as an option by my browser.
Here's what I've tried so far:
In IIS, I created a top-level site called "PackageManager":
SSL Settings are as follows:
Authentication: Enabled Anonymous:
In Configuration Editor,
Section: system.webServer/security/authentication/iisClientCertificateMappingAuthentication
From: ApplicationHost.config <location path=’PackageManager’>
I set the following:
I wanted manyToOneMappings so I could map the cert to my service account (a domain user):
Here I created 2 rules to match the Subject and Issuer CN's of the GoDaddy cert:
Then I generated a PowerShell script for all the above as follows:
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'PackageManager' -filter "system.webServer/security/authentication/iisClientCertificateMappingAuthentication" -name "enabled" -value "True"
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'PackageManager' -filter "system.webServer/security/authentication/iisClientCertificateMappingAuthentication" -name "defaultLogonDomain" -value "CMC"
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'PackageManager' -filter "system.webServer/security/authentication/iisClientCertificateMappingAuthentication/manyToOneMappings" -name "." -value #{name='My 1st Mapping';description='1st User Mapping';userName='DOMAIN\username';password='XXXXXXXXXXX'}
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'PackageManager' -filter "system.webServer/security/authentication/iisClientCertificateMappingAuthentication/manyToOneMappings/add[#name='My 1st Mapping']/rules" -name "." -value #{certificateField='Subject';certificateSubField='CN';matchCriteria='*.mydomain.com';compareCaseSensitive='False'}
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'PackageManager' -filter "system.webServer/security/authentication/iisClientCertificateMappingAuthentication/manyToOneMappings/add[#name='My 1st Mapping']/rules" -name "." -value #{certificateField='Issuer';certificateSubField='CN';matchCriteria='Go Daddy Secure Certificate Authority - G2';compareCaseSensitive='False'}
What’s weird about all the above, is that I don’t see any references to this configuration in C:\Windows\System32\inetsrv\Config\applicationHost.config.
When browsing this site, I get prompted to use a cert, but IE doesn't present the cert I was expecting:
That was a self-signed cert I had been experimenting with.
Then I get hit with a lovely 403, so I’m at an impasse.
What am I doing wrong in the config that it doesn't show up in applicationHost.config, and why am I not given a choice to present my client cert (it's in my store)?

I experienced the same problem under Windows Server 2012 and I solved it by adding two additional registry keys under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \Control\SecurityProviders\Schannel:
• ClientAuthTrustMode Value type: REG_DWORD, Value data: 2
• SendTrustedIssuerList Value type: REG_DWORD, Value data: 0
For more information see IIS 8.5 - Mutual certificates authentication fails with error 403.16

Your GoDaddy certificate seems to be a Server Authentication certificate (Server authentication OID 1.3.6.1.5.5.7.3.1) that can be used by IIS for SSL security and this one should be installed in Certificates>>Local computer>>Personal
For client certificates you need Client authentication OID 1.3.6.1.5.5.7.3.2 and this one should be installed in Certificates>>Current User>>Personal.
demo

Scripting remote control for IIS 7

My server is running on windows server 2008, IIS 7.
My client is Windows server 2003 or Windows XP.
I want to start/stop websites remotely.
I easily managed to do it interactively using IIS 7 manager on my clients machines (cf http://blogs.iis.net/bdela/archive/2007/10/08/remote-administration-managing-iis-7-rco-from-windows-xp-2k3-and-vista.aspx )
But I want to do it in a non interactive-way, the goal is to script this as part of a msbuild script.
I tried the MSBuildExtensionPack but it works only if IIS7 is installed on the client site.
I tried powershell cmdlets, but I have to start dcom on the server (http://learn.iis.net/page.aspx/160/writing-powershell-commandlets-for-iis-70/ ).
What can I do?

If you can upgrade both client and server to PowerShell 2.0 you could use PowerShell remoting along with PowerShell 2.0's WebAdministration module to do this. First you need to enable remoting on the server PowerShell like so (from an elevated prompt):
PS> Set-ExecutionPolicy RemoteSigned
PS> Enable-PSRemoting -Force
Then on the client machine execute the following:
PS> Invoke-Command servername {Import-Module WebAdministration; Stop-WebSite Foo}

Thanks! Powershell 2.0 did the trick. Nevertheless your commands didn't seem to work.
On the server side I ran
PS> winrm quickconfig
and on the client side I ran
PS> Invoke-Command -computername servername -scriptblock {[system.reflection.assembly]::loadfrom("c:\windows\system32\inetsrv\microsoft.web.administration.dll");$server2 = New-object microsoft.web.administration.servermanager;$server2.Sites["Foo"].Stop()}
As described in : http://www.powershellcommunity.org/Default.aspx?tabid=55&EntryID=65