How Do You Iterate Authentication for App IIS7 In PowerShell - iis-7

I need to iterate all authentication modes for an IIS Application and disable all except one.
something like:
foreach($itm in [collection of authentication modes for app]){
if([certain authentication]){enabled = true}else{enabled = false}}
I'm familiar with Set-WebConfigurationProperty.

You can iterate all native (as well as any installed third-party) authentication modes for the root web application for a given site by calling Get-WebConfiguration:
$siteName = "MySiteName"
$authentications = Get-WebConfiguration `
-filter "system.webServer/security/authentication/*" `
-PSPath "IIS:\Sites\$siteName"
You can also iterate the authentication modes for any given web application in the site (or even specific file(s)). The following retrieves the authentication modes for a contrived web application called "\foo":
$authentications = Get-WebConfiguration `
-filter "system.webServer/security/authentication/*" `
-PSPath "IIS:\Sites\$siteName\foo"
The SectionPath property can be used to examine the authentication mode, e.g.:
$authentications | foreach {$_.SectionPath}
Which outputs:
/system.webServer/security/authentication/digestAuthentication
/system.webServer/security/authentication/anonymousAuthentication
/system.webServer/security/authentication/iisClientCertificateMappingAuthentication
/system.webServer/security/authentication/basicAuthentication
/system.webServer/security/authentication/clientCertificateMappingAuthentication
/system.webServer/security/authentication/windowsAuthentication
You might think you could do something as simple as this in your foreach loop...
$authentications | `
foreach { $_.Enabled = $_.SectionPath.EndsWith('\windowsAuthentication') }
...but there's a problem. It doesn't work. It won't actually fail with an error, but it won't change anything either.
That's because authentication sections are locked. To change a setting in a locked section, you need to call Set-WebConfigurationProperty and include the -Location parameter, e.g.,
Set-WebConfigurationProperty `
-filter "/system.webServer/security/authentication/windowsAuthentication" `
-name enabled -value true -PSPath "IIS:\" -location $siteName
I suppose you can still pipe the objects to the foreach-object cmdlet but it's probably going to be a lot easier to read (and maintain) if you script this using a foreach loop.
$siteName = "MySiteName"
$authentications = Get-WebConfiguration `
-filter "system.webServer/security/authentication/*" `
-PSPath "IIS:\Sites\$siteName"
foreach ($auth in $authentications)
{
$auth.SectionPath -match "/windowsAuthentication$"
$enable = ($matches.count -gt 0)
Set-WebConfigurationProperty `
-filter $auth.SectionPath `
-name enabled -value $enable -PSPath "IIS:\" -location $siteName
}

Related

Azure Powershell - Problem with assigning private IP address to an NIC

Here is my script
$my_vnet = Get-AzVirtualNetwork -Name <vnet_name>
$my_subnet = Get-AzVirtualNetworkSubnetConfig -Name <subnet_name> -VirtualNetwork $my_vnet
Add-AzNetworkInterfaceIpConfig -Name ext-ipconfig6 -NetworkInterface $my_nic -
Subnet $my_subnet -PrivateIpAddress 10.0.0.6
There is no error when running the script. If I use the following command to check, I do see the IP object created.
Get-AzNetworkInterfaceIpConfig -Name ext-ipconfig6 -NetworkInterface $my_nic
...
{
"Name": "ext-ipconfig6",
"PrivateIpAddress": "10.0.0.6",
"PrivateIpAllocationMethod": "Static",
"Subnet": {
"Id": "blabla"
},
"Primary": false
}
However, I don't see it created on the portal.
Comparing with others created in the portal, I see other properties like Etag, Id, ProvisioningState, ...etc. Where did I do wrong...?
Thanks!
You are just creating the Network Interface IP configuration and not setting it to the existing Network interface itself.
I tested the same script which resulted as below :
To fix the above you will have to add | Set-AzNetworkInterface after the Add-AzNetworkInterfaceIpConfig command like below :
$vnet = Get-AzVirtualNetwork -Name "ansuman-vnet" -ResourceGroupName "ansumantest"
$nic= Get-AzNetworkInterface -Name "ansumannic01" -ResourceGroupName "ansumantest"
Add-AzNetworkInterfaceIpConfig -Name "IPConfig2" -NetworkInterface $nic -Subnet $vnet.Subnets[0] -PrivateIpAddress "10.0.0.7" | Set-AzNetworkInterface
Output:

MSB4018 Error Visual Studio 2015 ASP.Net and Error Publish Web App to Azure

I am working with Visual Studio 2015 Community with Azure 2.9 For the first time. I tried creating a brand new ASP.Net Web Application. The default template build and viewed in the Browser with no issues.
I tried publishing the site using Azure. When doing so I get this error
The "InvokePowerShell" task failed unexpectedly.
System.Management.Automation.CommandNotFoundException: The term '[cmdletbinding(SupportsShouldProcess=$true)]
param($publishProperties, $packOutput, $nugetUrl)
# to learn more about this file visit http://go.microsoft.com/fwlink/?LinkId=524327
$publishModuleVersion = '1.0.1'
function Get-VisualStudio2015InstallPath{
[cmdletbinding()]
param()
process{
$keysToCheck = #('hklm:\SOFTWARE\Wow6432Node\Microsoft\VisualStudio\14.0',
'hklm:\SOFTWARE\Microsoft\VisualStudio\14.0',
'hklm:\SOFTWARE\Wow6432Node\Microsoft\VWDExpress\14.0',
'hklm:\SOFTWARE\Microsoft\VWDExpress\14.0'
)
[string]$vsInstallPath=$null
foreach($keyToCheck in $keysToCheck){
if(Test-Path $keyToCheck){
$vsInstallPath = (Get-itemproperty $keyToCheck -Name InstallDir -ErrorAction SilentlyContinue | select -ExpandProperty InstallDir -ErrorAction SilentlyContinue)
}
if($vsInstallPath){
break;
}
}
$vsInstallPath
}
}
$vsInstallPath = Get-VisualStudio2015InstallPath
$publishModulePath = "{0}Extensions\Microsoft\Web Tools\Publish\Scripts\{1}\" -f $vsInstallPath, $publishModuleVersion
if(!(Test-Path $publishModulePath)){
$publishModulePath = "{0}VWDExpressExtensions\Microsoft\Web Tools\Publish\Scripts\{1}\" -f $vsInstallPath, $publishModuleVersion
}
$defaultPublishSettings = New-Object psobject -Property #{
LocalInstallDir = $publishModulePath
}
function Enable-PackageDownloader{
[cmdletbinding()]
param(
$toolsDir = "$env:LOCALAPPDATA\Microsoft\Web Tools\Publish\package-downloader-$publishModuleVersion\",
$pkgDownloaderDownloadUrl = 'http://go.microsoft.com/fwlink/?LinkId=524325') # package-downloader.psm1
process{
if(get-module package-downloader){
remove-module package-downloader | Out-Null
}
if(!(get-module package-downloader)){
if(!(Test-Path $toolsDir)){ New-Item -Path $toolsDir -ItemType Directory -WhatIf:$false }
$expectedPath = (Join-Path ($toolsDir) 'package-downloader.psm1')
if(!(Test-Path $expectedPath)){
'Downloading [{0}] to [{1}]' -f $pkgDownloaderDownloadUrl,$expectedPath | Write-Verbose
(New-Object System.Net.WebClient).DownloadFile($pkgDownloaderDownloadUrl, $expectedPath)
}
if(!$expectedPath){throw ('Unable to download package-downloader.psm1')}
'importing module [{0}]' -f $expectedPath | Write-Output
Import-Module $expectedPath -DisableNameChecking -Force
}
}
}
function Enable-PublishModule{
[cmdletbinding()]
param()
process{
if(get-module publish-module){
remove-module publish-module | Out-Null
}
if(!(get-module publish-module)){
$localpublishmodulepath = Join-Path $defaultPublishSettings.LocalInstallDir 'publish-module.psm1'
if(Test-Path $localpublishmodulepath){
'importing module [publish-module="{0}"] from local install dir' -f $localpublishmodulepath | Write-Verbose
Import-Module $localpublishmodulepath -DisableNameChecking -Force
$true
}
}
}
}
try{
if (!(Enable-PublishModule)){
Enable-PackageDownloader
Enable-NuGetModule -name 'publish-module' -version $publishModuleVersion -nugetUrl $nugetUrl
}
'Calling Publish-AspNet' | Write-Verbose
# call Publish-AspNet to perform the publish operation
Publish-AspNet -publishProperties $publishProperties -packOutput $packOutput
}
catch{
"An error occurred during publish.`n{0}" -f $_.Exception.Message | Write-Error
}' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
at System.Management.Automation.Runspaces.AsyncResult.EndInvoke()
at System.Management.Automation.PowerShell.EndInvoke(IAsyncResult asyncResult)
at Microsoft.Web.Publishing.Tasks.InvokePowerShell.Execute()
at Microsoft.Build.BackEnd.TaskExecutionHost.Microsoft.Build.BackEnd.ITaskExecutionHost.Execute()
at Microsoft.Build.BackEnd.TaskBuilder.<ExecuteInstantiatedTask>d__26.MoveNext() WebApplication1 0
I am assuming I missed something in my install? Anyone know what this error is or how to get passed it?
I upvoted this in the past, then apparently found the answer somewhere else, then forgot the answer again and ended up here again.
Adding <AutoParameterizationWebConfigConnectionStrings>False</AutoParameterizationWebConfigConnectionStrings>
in the csproj on the right PropertyGroup fixed the problem for me.

Problems when configuring Advance IIS logs with Powershell

The objectives of this script:
Create a new folder for each site
Create one log per site per day
A second script to backup/arhive scripts within a certain format
Stop all normal logging
# Ensure cmdlets are available
Import-Module WebAdministration
$Websites = (Get-Website).Name
foreach($site in $websites)
{
Stop-Website $site
}
# Disables http logging module
Set-WebConfigurationProperty -Filter system.webServer/httpLogging -PSPath
machine/webroot/apphost -Name dontlog -Value true
# Disables the default advanced logging config
Set-WebConfigurationProperty -Filter "system.webServer/advancedLogging/server
/logDefinitions/logDefinition[#baseFileName='%COMPUTERNAME%-Server']" -name
enabled -value false
# Enable Advanced Logging
Set-WebConfigurationProperty -Filter system.webServer/advancedLogging/server
-PSPath machine/webroot/apphost -Name enabled -Value true
# Move to location to store iis logs
cd C:\inetpub\Logs\Advancedlogs
# Create Folders if required
Foreach($site in $websites)
{
$FoldersPresent = Test-Path "C:\inetpub\logs\AdvancedLogs\$site"
if($FoldersPresent -eq $true)
{
Write-host "Folder exsists"
}
else
{
New-Item -ItemType directory $site
}
}
# Create hash table
$list = #{'Win32Status'='sc-win32-status';'URI-Stem'='cs-uri-stem';
'URI-Querystring'='cs-uri-query';'Time-UTC'='time';'Time-Local'='time-
local';'Take Taken'='TimeTakenMS';'Substatus'='sc-substatus';'Status'='sc-
status';'Site Name'='s-sitename';'Server-IP'='s-ip';'Server Port'='s-port';
'Server Name'='s-computername';'Protocol Version'='cs-version';'Protocol'='c-
protocol';'Method'='cs-method';'Date-UTC'='date';'Date-Local'='date-local';
'ContentPath'='s-contentpath';'Client-IP'='c-ip';'EndRequest-UTC'='EndRequest-
UTC';'Bytes Sent'='sc-bytes';'Bytes Received'='cs-bytes';'BeginRequest-
UTC'='BeginRequest-UTC';'UserName'='cs-username';'User Agent'='cs(User-
Agent)';'Referer'='cs(Referer)';'Proxy'='s-proxy';'Host'='cs(Host)';
'Cookie'='cs(Cookie)'}
# Set the log file fields
foreach($site in $Websites)
{
$AppName = $site
$appdrive = "C:\inetpub\logs\AdvancedLogs\$site"
$LogRotateFreq = "Daily"
Add-WebConfiguration /system.webServer/advancedLogging/Server
/logDefinitions IIS:\ -Location $AppName -value
#{baseFileName="%COMPUTERNAME%-$AppName";enabled="true";
logRollOption="Schedule";schedule=$LogRotateFreq;publishLogEvent="false"}
$list.GetEnumerator() | foreach {
Add-WebConfiguration "/system.webServer/advancedLogging/Server/logDefinitions/logDefinition[#baseFileName=""%COMPUTERNAME%-$AppName""]/selectedFields" IIS:\ -Location $AppName -value #{defaultValue="";required="false";logHeaderName=$_.Name;id=$_.Value;}
Set-WebConfiguration "/system.applicationHost/Sites/Site[#name=""$AppName""]/advancedLogging" -value #{directory="$appdrive"}
}
}
# Start the websites
foreach($site in $websites)
{
Start-Website $site
}
Links used for guidance:
http://forums.iis.net/t/1185802.aspx?No+log+files+created+by+Advanced+Logging
http://forums.iis.net/t/1193633.aspx?Configure+Advanced+Logging+through+powershellhttp://www.antonyfrancis.net/2014/01/automated-installation-and.html

How to use an enum type in powershell when configuring IIS using the powershell snapin

I am using the IIS Powershell snapin to configure a new web application from scratch. I am new to PS. The following script will not workl as PS is not recognising the ManagedPipelineMode enum. If I change the value to 0 it will work. How can I get PS to understand th enum. I tried the Add-Type cmdlet and also load the Microsoft.Web.Administration assembly without any scuccess, these lines are now commented.
How can I get this PS script working with the enum ?
#Add-Type -AssemblyName Microsoft.Web.Administration
#[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.Web.Administration")
Import-Module WebAdministration
$AppPoolName = 'Test AppPool'
if ((Test-Path IIS:\apppools\$AppPoolName) -eq $false) {
Write-Output 'Creating new app pool ...'
New-WebAppPool -Name $AppPoolName
$AppPool = Get-ChildItem iis:\apppools | where { $_.Name -eq $AppPoolName}
$AppPool.Stop()
$AppPool | Set-ItemProperty -Name "managedRuntimeVersion" -Value "v4.0"
$AppPool | Set-ItemProperty -Name "managedPipelineMode" -Value [Microsoft.Web.Administration.ManagedPipelineMode]::Integrated
$AppPool.Start()
}
The error message is:
Set-ItemProperty : [Microsoft.Web.Administration.ManagedPipelineMode]::Integrated is not a valid value for Int32.
It is expecting an integer, even though the underlying property is of type ManagaedPipelineMode. You can do below however:
$AppPool | Set-ItemProperty -Name "managedPipelineMode" -Value ([int] [Microsoft.Web.Administration.ManagedPipelineMode]::Classic)
PS:
Instead of
$AppPool = Get-ChildItem iis:\apppools | where { $_.Name -eq $AppPoolName}
you can do:
$AppPool = Get-Item iis:\apppools\$AppPoolName
Regarding: Add-Type -AssemblyName - this will only work for a canned set of assemblies that PowwerShell knows about. You have to find the assembly in your file system and use the -Path parameter. This worked on my system in a 64-bit PowerShell console:
Add-Type -Path C:\Windows\System32\inetsrv\Microsoft.Web.Administration.dll
Instead of using:
$AppPool | Set-ItemProperty -Name "managedPipelineMode" `
-Value [Microsoft.Web.Administration.ManagedPipelineMode]::Integrated
use:
$AppPool | Set-ItemProperty -Name "managedPipelineMode" `
-Value ([Microsoft.Web.Administration.ManagedPipelineMode]::Integrated)
or the even more succinct:
$AppPool | Set-ItemProperty -Name "managedPipelineMode" -Value Integrated
Why? The reason you need brackets in the first answer is because the parameter binder is treating the entire [Microsoft.Web.Administration.ManagedPipelineMode]::Integrated in your attempt as a string, which cannot be cast to that enumerated type. However, Integrated can be to that enum. By wrapping it in brackets, it is evaluated again as an expression and is treated as a full type literal.

Equivalent of *Nix 'which' command in PowerShell?

How do I ask PowerShell where something is?
For instance, "which notepad" and it returns the directory where the notepad.exe is run from according to the current paths.
The very first alias I made once I started customizing my profile in PowerShell was 'which'.
New-Alias which get-command
To add this to your profile, type this:
"`nNew-Alias which get-command" | add-content $profile
The `n at the start of the last line is to ensure it will start as a new line.
Here is an actual *nix equivalent, i.e. it gives *nix-style output.
Get-Command <your command> | Select-Object -ExpandProperty Definition
Just replace with whatever you're looking for.
PS C:\> Get-Command notepad.exe | Select-Object -ExpandProperty Definition
C:\Windows\system32\notepad.exe
When you add it to your profile, you will want to use a function rather than an alias because you can't use aliases with pipes:
function which($name)
{
Get-Command $name | Select-Object -ExpandProperty Definition
}
Now, when you reload your profile you can do this:
PS C:\> which notepad
C:\Windows\system32\notepad.exe
I usually just type:
gcm notepad
or
gcm note*
gcm is the default alias for Get-Command.
On my system, gcm note* outputs:
[27] » gcm note*
CommandType Name Definition
----------- ---- ----------
Application notepad.exe C:\WINDOWS\notepad.exe
Application notepad.exe C:\WINDOWS\system32\notepad.exe
Application Notepad2.exe C:\Utils\Notepad2.exe
Application Notepad2.ini C:\Utils\Notepad2.ini
You get the directory and the command that matches what you're looking for.
Try this example:
(Get-Command notepad.exe).Path
My proposition for the Which function:
function which($cmd) { get-command $cmd | % { $_.Path } }
PS C:\> which devcon
C:\local\code\bin\devcon.exe
A quick-and-dirty match to Unix which is
New-Alias which where.exe
But it returns multiple lines if they exist so then it becomes
function which {where.exe command | select -first 1}
I like Get-Command | Format-List, or shorter, using aliases for the two and only for powershell.exe:
gcm powershell | fl
You can find aliases like this:
alias -definition Format-List
Tab completion works with gcm.
To have tab list all options at once:
set-psreadlineoption -editmode emacs
This seems to do what you want (I found it on http://huddledmasses.org/powershell-find-path/):
Function Find-Path($Path, [switch]$All = $false, [Microsoft.PowerShell.Commands.TestPathType]$type = "Any")
## You could comment out the function stuff and use it as a script instead, with this line:
#param($Path, [switch]$All = $false, [Microsoft.PowerShell.Commands.TestPathType]$type = "Any")
if($(Test-Path $Path -Type $type)) {
return $path
} else {
[string[]]$paths = #($pwd);
$paths += "$pwd;$env:path".split(";")
$paths = Join-Path $paths $(Split-Path $Path -leaf) | ? { Test-Path $_ -Type $type }
if($paths.Length -gt 0) {
if($All) {
return $paths;
} else {
return $paths[0]
}
}
}
throw "Couldn't find a matching path of type $type"
}
Set-Alias find Find-Path
Check this PowerShell Which.
The code provided there suggests this:
($Env:Path).Split(";") | Get-ChildItem -filter notepad.exe
Try the where command on Windows 2003 or later (or Windows 2000/XP if you've installed a Resource Kit).
BTW, this received more answers in other questions:
Is there an equivalent of 'which' on Windows?
PowerShell equivalent to Unix which command?
If you want a comamnd that both accepts input from pipeline or as paramater, you should try this:
function which($name) {
if ($name) { $input = $name }
Get-Command $input | Select-Object -ExpandProperty Path
}
copy-paste the command to your profile (notepad $profile).
Examples:
❯ echo clang.exe | which
C:\Program Files\LLVM\bin\clang.exe
❯ which clang.exe
C:\Program Files\LLVM\bin\clang.exe
I have this which advanced function in my PowerShell profile:
function which {
<#
.SYNOPSIS
Identifies the source of a PowerShell command.
.DESCRIPTION
Identifies the source of a PowerShell command. External commands (Applications) are identified by the path to the executable
(which must be in the system PATH); cmdlets and functions are identified as such and the name of the module they are defined in
provided; aliases are expanded and the source of the alias definition is returned.
.INPUTS
No inputs; you cannot pipe data to this function.
.OUTPUTS
.PARAMETER Name
The name of the command to be identified.
.EXAMPLE
PS C:\Users\Smith\Documents> which Get-Command
Get-Command: Cmdlet in module Microsoft.PowerShell.Core
(Identifies type and source of command)
.EXAMPLE
PS C:\Users\Smith\Documents> which notepad
C:\WINDOWS\SYSTEM32\notepad.exe
(Indicates the full path of the executable)
#>
param(
[String]$name
)
$cmd = Get-Command $name
$redirect = $null
switch ($cmd.CommandType) {
"Alias" { "{0}: Alias for ({1})" -f $cmd.Name, (. { which $cmd.Definition } ) }
"Application" { $cmd.Source }
"Cmdlet" { "{0}: {1} {2}" -f $cmd.Name, $cmd.CommandType, (. { if ($cmd.Source.Length) { "in module {0}" -f $cmd.Source} else { "from unspecified source" } } ) }
"Function" { "{0}: {1} {2}" -f $cmd.Name, $cmd.CommandType, (. { if ($cmd.Source.Length) { "in module {0}" -f $cmd.Source} else { "from unspecified source" } } ) }
"Workflow" { "{0}: {1} {2}" -f $cmd.Name, $cmd.CommandType, (. { if ($cmd.Source.Length) { "in module {0}" -f $cmd.Source} else { "from unspecified source" } } ) }
"ExternalScript" { $cmd.Source }
default { $cmd }
}
}
Use:
function Which([string] $cmd) {
$path = (($Env:Path).Split(";") | Select -uniq | Where { $_.Length } | Where { Test-Path $_ } | Get-ChildItem -filter $cmd).FullName
if ($path) { $path.ToString() }
}
# Check if Chocolatey is installed
if (Which('cinst.bat')) {
Write-Host "yes"
} else {
Write-Host "no"
}
Or this version, calling the original where command.
This version also works better, because it is not limited to bat files:
function which([string] $cmd) {
$where = iex $(Join-Path $env:SystemRoot "System32\where.exe $cmd 2>&1")
$first = $($where -split '[\r\n]')
if ($first.getType().BaseType.Name -eq 'Array') {
$first = $first[0]
}
if (Test-Path $first) {
$first
}
}
# Check if Curl is installed
if (which('curl')) {
echo 'yes'
} else {
echo 'no'
}
You can install the which command from https://goprogram.co.uk/software/commands, along with all of the other UNIX commands.
If you have scoop you can install a direct clone of which:
scoop install which
which notepad
There also always the option of using which. there are actually three ways to access which from Windows powershell, the first (not necessarily the best) wsl -e which command (this requires installation of windows subsystem for Linux and a running distro). B. gnuwin32 which is a port of several gnu binaries in .exe format as standle alone bundled lanunchers option three, install msys2 (cross compiler platform) if you go where it installed in /usr/bin you'll find many many gnu utils that are more up-to-date. most of them work as stand alone exe and can be copied from the bin folder to your home drive somewhere amd added to your PATH.
There also always the option of using which. there are actually three ways to access which from Windows powershell
The first, (though not the best) is wsl(windows subsystem for linux)
wsl -e which command
This requires installation of windows subsystem for Linux and a running distro.
Next is gnuwin32 which is a port of several gnu binaries in .exe format as standle alone bundled lanunchers
Third, install msys2 (cross compiler platform) if you go where it installed in /usr/bin you'll find many many gnu utils that are more up-to-date. most of them work as stand alone exe and can be copied from the bin folder to your home drive somewhere amd added to your PATH.

Resources