Microsoft.Web.Administration; IIS Security; Enable default authentication methods


I needed to set up IIS 7 for a whole bunch of servers.
Part of the requiremants was to Enable default authentication methods
The manual way was like this:

In IIS Manager, click on Server Name again
Scroll down and double click Authentication
Right Click the Windows Authentication and select Enable
Right Click the Windows Authentication and select Advanced Settings
Uncheck the box for “Enable kernel-mode authentication”
Right click ASP.NET Impersonation and select Enable
Right click on Basic Authentication and select Enable (for F5 monitoring)
So the powershell way is like this:
I never did figure out how to Uncheck the box for “Enable kernel-mode authentication”
So i did it with appcmd.exe
#>

If ((Get-Module "WebAdministration" -ErrorAction SilentlyContinue) -eq $null){
Import-Module WebAdministration
}

if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
    Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}

if ((Get-Module "ServerManager" -ErrorAction SilentlyContinue) -eq $null) {
    Import-Module "ServerManager"
}


Set-WebConfigurationProperty -filter /system.webServer/security/authentication/anonymousAuthentication -name enabled -value False -PSPath IIS:\
Set-WebConfigurationProperty -filter /system.webServer/security/authentication/basicAuthentication -name enabled -value True -PSPath IIS:\
Set-WebConfigurationProperty -filter /system.webServer/security/authentication/windowsAuthentication -name enabled -value True -PSPath IIS:\
cd $env:windir\system32\inetsrv
.\appcmd.exe set config "Default Web Site" -section:system.webServer/security/authentication/windowsAuthentication /useKernelMode:"False"  /commit:apphost

Set-WebConfigurationProperty -Name impersonate -Filter system.web/identity -Value True
Advertisements

Automating a Synchronization


I wanted to sync our Dev Web site with our Prod Web site.
The idea was to move new files into the Prod site and delete any old or extra files.
Rather than write a POSH script I decided to use Beyond Compare 3. Great product, I highly recommend it.
http://www.scootersoftware.com/moreinfo.php
With some help from the folks at Scooter Software, I came up with this:


###### Start Posh Script ########

Function Show-Inputbox {
 Param([string]$message=$(Throw "You must enter a prompt message"),
       [string]$title="Input",
       [string]$default
       )

 [reflection.assembly]::loadwithpartialname("microsoft.visualbasic") | Out-Null
 [microsoft.visualbasic.interaction]::InputBox($message,$title,$default)

}

$Dev = Show-Inputbox -message "The New Web files location" `
-title "Path" -default "E:\DevSite\0000\"

$Prod = Show-Inputbox -message "The Prod Web files location" `
-title "Path" -default "E:\inetpub\0000\"

$left = $Dev
$right = $Prod

$exe = "E:\Tools\BEYOND~1\BCompare.exe"
$p = [diagnostics.process]::Start("cmd.exe", "/c start /wait " + $exe + " @E:\Scripts\PS1\IISProject\SyncWebSite.txt $left $right")

############# End POSH Script ###############


You also need to write a simple text file up that includes the parameters for BeyondCompare like this:

# Keeping a web site in sync
# This script keeps a web site in sync with development files.
######
# Turn verbose logging on.
log verbose append: “E:\WebSyncLog\%date%.txt”

# be carefull with the Quote marks, You may need to change them
# Set the comparison criteria.
criteria binary size
# Load source and target folders.
load %1 %2
# Filter to only include source files, ignore CVS subfolders.
# filter “*.htm;*.html;*.php;*.jpg;*.gif;-CVS\”
# Sync the local files to the web site, creating empty folders.
sync create-empty mirror:left->right
#######
I called it SyncWebSite.txt

Be very carefull with your left and right directories.
Once it’s synced there is no going back.

Some Great pictures of RIO

Randle's Photo Blog

Wander near any of the beaches in Rio de Janeiro and you’ll be quickly reminded why expats recently voted their favourite aspects of Rio 1) the beaches, 2) the people, 3) the weather, and 4) the quality of life.

The beaches personify Rio – sun, fun and sport abound at every turn. Whilst the beach promenades are dotted with numerous outdoor multi-gyms, home to rippling muscles, and palm trees form improvised pegs to a network of tightropes. The adjourning cycle path acts like some mass conveyor belt of joggers, skate boarders, skaters, cyclists and walkers.

Spot Capoeira

20120709-181005.jpg

20120709-181023.jpg

20120709-181040.jpg

20120709-181058.jpg

Beach promenades bustle with sporting activities

20120709-181308.jpg

Improvised tumbling entertains the more sedentary

20120709-181430.jpg

20120709-181449.jpg

20120709-181503.jpg

20120709-181519.jpg

20120709-181550.jpg

Whilst on the water

20120709-181653.jpg

Local colour abounds

20120709-181746.jpg

20120709-181825.jpg

Fut volley raises the bar on more traditional beach volleyball

20120709-181951.jpg

20120709-182011.jpg

Beach volleyball dominates

20120709-182125.jpg

20120709-182138.jpg

From the early morning work-out

20120709-182930.jpg

To a mid-week play in the sea

20120709-183249.jpg

Making sand castles

20120709-183834.jpg

To a more crowded affair

20120709-184025.jpg

Or…

View original post 5 more words

Powershell, IIS and driving myself nuts


I was asked to come up with a script to recycle the appPools on a variety of Web Servers
with a large number of Web Sites. Some of these servers are IIS6 and some are IIS7 or IIS7.5.
I had to come up with two separate functions because the names of things changed between IIS6 and IIS7.

IIS 6

function Recycle6 {  $strServer = “MyServer”
  $pool= “MyAppPool”
  $appPool = get-wmiobject -namespace "root\MicrosoftIISv2 -class "IIsApplicationPool" -computername $strServer -authentication pktPrivacy |
  where-object {$_.Name -eq "W3SVC/AppPools/$Pool"}
$appPool.Recycle()
Start-Sleep 2
$appPoolState = ([ADSI] "IIS://$strServert/W3SVC/AppPools/$Pool").AppPoolState
switch($appPoolState) {
	1 { $strState = "starting" }
	2 { $strState = "started" }
	3 { $strState = "stopping" }
	4 { $strState = "stopped"	}
	default { $strState = "Unknown"	}
}
	$strDate = Get-Date
	Write-Host "$strServer $pool $strState on $strDate"
If ($error) {
	Write-Host $Error }
	}

How about IIS 7 ?

function Recycle7 {
	$strServer = “MyServer”
	$pool= $combobox1.Text
	$namespace = "root\WebAdministration"
   Write-Host  "$strServer $pool $Namespace"
$strFile ="\\myServer\E$\scripts\ps1\RestartAppPool.log"
Get-WmiObject -Namespace 'root\webadministration' -Class ApplicationPool -ComputerName  $strServer -Authentication 6 -Filter "Name= $pool" |
Invoke-WmiMethod -Name Recycle
$a = Get-WmiObject -class ApplicationPool -computername $strServer -namespace $namespace -authentication 6 -Filter "Name = $pool"
$appPoolState = $a.GetState().ReturnValue
switch($appPoolState) {
	1 { $strState = "starting" }
	2 { $strState = "started" }
	3 { $strState = "stopping" }
	4 { $strState = "stopped"	}
	default { $strState = "Unknown"	}
		}
	$strDate = Get-Date
	Write-Host "$strServer $pool $strState on $strDate"
}

Three things jump out at you when you study these functions:

IIS 6 vs. IIS7

1. $namespace = root\MicrosoftIISv2 vs. -namespace “root\WebAdministration
2. -class IIsApplicationPool vs. –class ApplicationPool
3. -authentication pktPrivacy vs. -authentication 6 ( 6 is PacketPrivacy )