I hope someone can help, I am trying to enable enable "ASP.Net Impersonation" under the Authenticatuin section in IIS7, I have enabled other sections using the following command:
Set-WebConfigurationProperty `
-filter /system.WebServer/security/authentication/windowsAuthentication `
-name enabled `
-value true `
-location $SiteName
But I cannot find a similar command for setting up ASP.net Impersonation, I am guessing it has something to do with being ASP.net not IIS.
Any insight would be appreciated.
Try this:
Set-WebConfigurationProperty `
-Filter system.web/identity `
-Name impersonate `
-Value True `
-Location $SiteName
Use -PSPath instead of -Location.
Set-WebConfigurationProperty -filter /system.web/identity -name impersonate -value true -PSPath 'IIS:\Sites\Default Web Site\WebApp'
Related
I have a script file in a VM that I want to reach from the azure portal in a Powershell runbook but it can't find the file. The file is manually saved in c:\ of the VM.
Code snippet in azure runbook:
IF ($VmAction -eq "Shutdown") {
try
{
Invoke-AzVMRunCommand -ResourceGroupName $ResourceGroupName -VMName $VmName -CommandId 'RunPowerShellScript' -ScriptPath 'C:\\stopservice.ps1' -ErrorVariable result
Stop-AzVM -Name $VmName -ResourceGroupName $ResourceGroupName -Force
}
catch
{
throw "Error: $($_.Exception.Message)"
}
The command "Invoke-AzVMRunCommand -ResourceGroupName $ResourceGroupName -VMName $VmName -CommandId 'RunPowerShellScript' -ScriptPath 'C:\stopservice.ps1' -ErrorVariable result" can be used on powershell on my computer so I think the issue is somewhere in Azure possibly.
script file (c:\stopservice.ps1):
try
{
Stop-Service -Name SSASTELEMETRY
}
catch
{
throw "Error: $($_.Exception.Message)"
}
(ps. the service name is for testing purposes, will stop different service when this works)
Have your Azure Automation runbook something like shown below. It should accomplish your requirement.
$ServicePrincipalConnection = Get-AutomationConnection -Name 'AzureRunAsConnection'
Add-AzAccount -ServicePrincipal -TenantId $ServicePrincipalConnection.TenantId -ApplicationId $ServicePrincipalConnection.ApplicationId -CertificateThumbprint $ServicePrincipalConnection.CertificateThumbprint
$rgname ="rrrrrrrrrrrrrr"
$vmname ="vvvvvvvvvvvvvv"
$ScriptToRun = "c:\test.ps1"
Out-File -InputObject $ScriptToRun -FilePath ScriptToRun.ps1
Invoke-AzVMRunCommand -ResourceGroupName $rgname -Name $vmname -CommandId 'RunPowerShellScript' -ScriptPath ScriptToRun.ps1
Remove-Item -Path ScriptToRun.ps1
Note: Before you run your runbook, make sure you update "rrrrrrrrrrrrrr" with your resource group name and "vvvvvvvvvvvvvv" with your VM name and also make sure you have the PowerShell named test.ps1 in C:\ drive of the VM.
Is there a way to set the UrlSegmentMaxLength value for Http.sys using appcmd/netsh or any other commandline utility?
I realize this is an old question, but in case someone stumbles upon this, here's PowerShell one-liner that either creates the key and sets the value or updates existing value.
if ((Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -ErrorAction SilentlyContinue) -eq $null) { New-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -Value 2048 -PropertyType DWord } else { Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -Value 2048 }
`
As for restarting, I found that this works well (no need to restart the server):
Stop-Service http -Force
Start-Service http
Start-Service IISADMIN
Start-Service W3SVC
I change this for my deployment in powershell
Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters -Name UrlSegmentMaxLength -Value 500
Restart-Service W3SVC -Force
I am writing a powershell script that deploys a website to IIS 7. I would like to do the following command to remove a custom header using the Web-Administration module in powershell rather than with appcmd. How do I do this command in powershell not using appcmd?
appcmd set config /section:httpProtocol /-customHeaders.[name='X-Powered-By']
To remove the header on iis level:
Remove-WebConfigurationProperty -PSPath MACHINE/WEBROOT/APPHOST
-Filter system.webServer/httpProtocol/customHeaders
-Name .
-AtElement #{name='X-Powered-By'}
And for a specific site:
Remove-WebConfigurationProperty -PSPath 'MACHINE/WEBROOT/APPHOST/Default Web Site'
-Filter system.webServer/httpProtocol/customHeaders
-Name .
-AtElement #{name='X-Powered-By'}
Adding a new custom field eg. xff-ip to have remote client ip from x-forwarded-for request header
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/siteDefaults/logFile/customFields" -name "." -value #{logFieldName='xff-ip';sourceName='X-FORWARDED-FOR';sourceType='RequestHeader'}
Or for a specific site:
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/site[#name='My Super Site']/logFile/customFields" -name "." -value #{logFieldName='xff-ip';sourceName='X-FORWARDED-FOR';sourceType='RequestHeader'}
Removing your added custom logging field eg.xff-ip
Remove-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/siteDefaults/logFile/customFields" -name "." -AtElement #{logFieldName='xff-ip'}
Or from your site only
Remove-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.applicationHost/sites/site[#name='My Super Site']/logFile/customFields" -name "." -AtElement #{logFieldName='xff-ip'}
I am writing a Powershell script to add/remove/edit IP restrictions for websites using Powershell. So far I am able to add restrictions, however wondering the best way to edit an existing ip restriction.
Add
Add-WebConfiguration -Filter /system.webserver/security/ipsecurity -Value #{ipAddress=$ipAddress;subnetMask="255.255.255.255";allowed=$allowed} -Location $websiteName -PSPath "IIS:\"
Edit
I have tried various combinations of:
Set-WebConfiguration -Filter system.webServer/security/ipSecurity/add[#ipAddress='192.123.123.123'] -Name "ipAddress" -Value $ipAddress -Location $websiteName -PSPath "IIS:\"
Set-WebConfigurationProperty -Filter system.webServer/security/ipSecurity/add[#ipAddress='192.123.123.123'] -Value = #{ipAddress=$ipAddress;subnetMask="255.255.255.255";allowed=$allowed} -Location $websiteName -PSPath "IIS:\"
Is the best way essentially to clear all, and recreate each time?
I had the same problem and fixed it like this -
# Compose new entry
$value = #{allowed="true";ipAddress="192.168.0.1"}
# Add new entry to restrictions
Add-WebConfigurationProperty -Filter 'system.webServer/security/ipSecurity' -PSPath "IIS:\Sites\MySite\" -Location "MyService" -Name "." -Value $value -ErrorAction Stop
Automating some IIS stuff with Powershell. I needed to add an net.msmq binding using the approach listed here:
Why Powershell's New-WebBinding commandlet creates incorrect HostHeader?
Where I add using something like
New-ItemProperty -Path 'IIS:\Sites\Default Web Site' -Name Bindings -value #{protocol="net.msmq"; bindingInformation="server.domain.com"}
So now I need to automate removal of that binding (say the queue server changes). I have messed around with all the Collection cmdlets, and I cannot figure out a way to remove an item.
Get-ItemProperty -Path 'IIS\Sites\Default Web Site' -Name bindings
will return a collection. I can iterate through with ForEach, but I cannot seem to find the magic command to remove an item once I find it.
Any thoughts?
This worked for me:
$prop = (get-ItemProperty -Path 'IIS:\Sites\Default Web Site' -Name bindings).Collection | ? {$_.Protocol -ne "net.msmq"}
Set-ItemProperty "IIS:\sites\Default Web Site" -name bindings -value $prop
Remove-ItemProperty 'IIS:\Sites\DemoSite' -Name bindings -AtElement #{protocol="http";bindingInformation="*:80:DemoSite2"}
straight off the technet......