Table of Contents


Getting a list of IIS components

Import-Module ServerManager
Get-WindowsFeature –Name *web*

Installing IIS

PS> Import-Module ServerManager #only required for PowerShell v2
PS> Add-WindowsFeature Web-Server

Testing a default installation

PS> Start iexplore http://

Importing and viewing cmdlets for IIS

PS> Import-Module WebAdministration
PS> Get-Command –Module WebAdministration
PS> Get-Command –noun web*
PS> Get-Help *web*

Viewing a website

PS> Get-WebSite –Name Default*
PS> Get-Childitem –Path iis:\sites
PS> Get-Childitem –Path c:\inetPub\wwwroot

Navigating to application pools

PS> Set-location IIS:\appPools
PS> Get-Childitem

Getting information about application pools

PS> Get-Item –Path IIS:\appPools\defaultAppPool
PS> Get-Item –Path IIS:\appPools\defaultAppPool | Format-List –Property *

Creating application pools

PS> New-WebAppPool –Name BikeTestPool

Changing a website to a new application pool

PS> Set-ItemProperty –Path ‘IIS:\Sites\Default Web Site’ –Name ApplicationPool –Value BikeTestPool

Getting a list of worker processes

PS> Get-WmiObject Win32_Process –filter ‘name=”w3wp.exe”’
PS> Get-WmiObject Win32_process -filter 'name="w3wp.exe"' | Select-Object Name, ProcessId, @{n='AppPool';e={$_.GetOwner().user}}

Restarting an application pool

PS> Restart-WebAppPool –Name BikeTestPool

Setting application pool settings (managed runtime)

PS> Set-ItemProperty –Path IIS:\appPools\TestBikePool –Name ManagedRuntimeVersion –Value v4.0

Setting application pool recycling settings (recycle time)

PS> Get-ItemProperty -Path IIS:\AppPools\DefaultAppPool –Name recycling.periodicRestart.time
PS> Set-ItemProperty -Path IIS:\AppPools\DefaultAppPool -Name recycling.periodicRestart.time -Value 3.00:00:00

Setting application pool recycling settings (schedule)

PS> Get-ItemProperty -Path IIS:\AppPools\DefaultAppPool -Namerecycling.PeriodicRestart.schedule.collection
PS> clear-ItemProperty -Path IIS:\AppPools\DefaultAppPool -Name recycling.PeriodicRestart.schedule.collection
PS C:\> set-ItemProperty -Path IIS:\AppPools\DefaultAppPool -Name recycling.PeriodicRestart.schedule.collection -Value @{value='06:00:00'}

Viewing events for application pools

PS> Get-Eventlog –LogName System –Source WAS

Getting the application pool identity

PS> Get-ItemProperty -Path IIS:\AppPools\MyTest –Name ProcessModel.IdentityType

Setting an application pool identity (example for NetworkService)

PS> Set-ItemProperty -Path IIS:\AppPools\MyTest –Name ProcessModel.IdentityType -value 2

Setting your own custom application pool user account as the identity

PS> Set-ItemProperty -Path IIS:\AppPools\MyTest -Name processmodel.identityType -Value 3
PS> Set-ItemProperty -Path IIS:\AppPools\MyTest -Name processmodel.username -Value Administrator
PS> Set-ItemProperty -Path IIS:\AppPools\MyTest -Name processmodel.password -Value P@ssw0rd

Listing all log files for every website

Creating websites

PS> New-Item –ItemType Directory –Path c:\PoshTestSite
PS> New-WebAppPool –Name PoshTestSitePool
PS> New-Website –Name PoshTestSite –Hostheader Posh.Widget.Com –PhysicalPath c:\PoshTestSite –ApplicationPool PoshTestSitePool

Setting static compression for a server

PS> Get-WebConfiguration -filter system.webserver/urlcompression -PSPath iis:\ | fl *
PS> Get-WebConfigurationProperty -filter system.webserver/urlcompression -PSPath iis:\ -name doStaticCompression
PS> set-WebConfigurationProperty -filter system.webserver/urlcompression -PSPath iis:\ -name doStaticCompression -value True

Getting and setting static compression for a site

PS> Get-WebConfiguration -filter system.webserver/httpcompression -PSPath iis:\ | fl *
PS> set-WebConfigurationProperty -filter system.webserver/urlcompression -PSPath 'IIS:\Sites\Default Web Site' -name doStaticCompression -value true
PS> Get-WebConfigurationProperty -filter system.webserver/httpcompression -PSPath iis:\ -Name maxDiskSpaceUsage | fl *
PS> set-WebConfigurationProperty -filter system.webserver/httpcompression -PSPath iis:\ -Name maxDiskSpaceUsage -Value 100

Adding dynamic compression

PS> Add-WindowsFeature –Name Web-Dyn-Compression

Changing directory browsing

PS> Get-WebConfigurationProperty -filter system.webserver/directorybrowse –PSPath iis:\ -Name enabled
PS> Set-WebConfigurationProperty -filter system.webserver/directorybrowse -PSPath iis:\ -Name enabled -Value true

Getting and setting the Default Documents

PS> Get-WebConfiguration -Filter system.webserver/defaultdocument/files/add -PSPath iis:\ | select value
PS> Add-WebConfiguration -Filter system.webserver/defaultdocument/files -PSPath iis:\ -Value 'jason.php' -AtIndex 3 #If no index specified it places it at the top

Adding IIS 6 compatability mode

PS> Add-WindowsFeature web-mgmt-compat –IncludeAllSubFeature

Adding ASP and ASP.Net

PS> Add-WindowsFeature –Name Web-ASP
PS> Add-WindowsFeature –Name Web-ASP-Net
PS C:\> Get-WebConfiguration -filter system.webserver/asp -PSPath iis:\ | format-List *

Adding CGI

PS> Add-WindowsFeature –Name Web-CGI

Listing all log files for every website

PS> Get-childitem -Path C:\inetpub\logs -filter *.log –recurse

Listing all HTTP requests that occurred at 9:00 p.m.

PS> Get-childitem -Path C:\inetpub\logs -filter *.log -recurse | Select-String -SimpleMatch "21:00”

Listing all requests from clients to a particular URL

PS> Get-childitem -Path C:\inetpub\logs -filter *.log -recurse | Select-String -SimpleMatch "MySite/TestPage.asp"

Listing all requests to/from a particular IP address

PS> Get-childitem -Path C:\inetpub\logs -filter *.log -recurse | Select-String -SimpleMatch ""

Adding Failed Request Tracing

PS> Add-WindowsFeature web-http-tracing

Getting a list of authentication mechanisms

PS> Get-WebConfiguration -Filter /system.WebServer/Security/authentication | foreach-Object{$_.sections}

Getting anonymous authentication settings

PS> Get-WebConfigurationProperty -Filter system.WebServer/security/authentication/anonymousAuthentication -PSPath IIS:\ -name enabled | select-Object value

Disabling/enabling anonymous authentication for the entire web server

PS> Set-WebConfigurationProperty -Filter system.WebServer/security/authentication/anonymousAuthentication -PSPath IIS:\ -name enabled -Value false

Enabling/disabling anonymous authentication for a website or application

PS> Get-WebConfigurationProperty -Filter system.WebServer/security/authentication/anonymousAuthentication -PSPath IIS:\ -name enabled -Location mysite
PS> Set-WebConfigurationProperty -Filter system.WebServer/security/authentication/anonymousAuthentication -PSPath IIS:\ -name enabled -Value False -Location MySite

Adding Windows authentication

PS> Add-WindowsFeature Web-Windows-Auth

Getting information about Windows authentication settings

PS> Get-WebConfiguration -Filter system.WebServer/security/authentication/windowsAuthentication | Format-List *
PS> Get-WebConfigurationProperty -Filter system.WebServer/security/authentication/windowsAuthentication -name enabled | select-Object value

Enabling/disabling Windows authentication

PS> Set-WebConfigurationProperty -Filter system.WebServer/security/authentication/windowsAuthentication -name enabled -Value true

Enabling/disabling Windows authentication per site or application

PS> Get-WebConfigurationProperty -Filter system.WebServer/security/authentication/windowsAuthentication -name enabled -Location mysite |select-Object value

Adding basic authentication

PS> Add-WindowsFeature Web-Basic-Auth

Installing a new certificate for Remote Management 325

Getting configuration information about basic authentication

PS> Get-WebConfiguration -Filter system.WebServer/security/authentication/BasicAuthentication | Format-List *
PS> Get-WebConfigurationProperty -Filter system.WebServer/security/authentication/BasicAuthentication -name enabled | select value

Enabling/disabling basic authentication

PS> Set-WebConfigurationProperty -Filter system.WebServer/security/ authentication/BasicAuthentication -name enabled -Value true

Enabling/disabling basic authentication per site or application

PS> Set-WebConfigurationProperty -Filter system.WebServer/security/ authentication/BasicAuthentication -name enabled -Location mysite | select-Object value

Installing certificates

PS> certutil -p P@ssw0rd -importpfx c:\shop.Company.com.pfx

Adding an SSL binding

PS> New-WebBinding -name shop -Protocol https -Port 443 -IPAddress -SslFlags 0}

Binding a certificate to a website

PS> $Cert=Get-ChildItem -Path Cert:\LocalMachine\My | where-Object {$_.subject -like "*shop*"} | Select-Object -ExpandProperty Thumbprint
PS> Get-Item -Path "cert:\localmachine\my\$cert" | New-Item -path IIS:\SslBindings\!443

Installing Remote Management to multiple computers

Using PowerShell Remoting

PS> $Session=New-PsSession –ComputerName web1,web2
PS> Invoke-Command –Session $Session –ScriptBlock {Add-WindowsFeature Web-Mgmt-Service}
PS> Invoke-command –Session $Session -FilterScript{Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1}
PS> Invoke-command –Session $Session -FilterScript {Set-Service -name WMSVC -StartupType Automatic}
PS> Invoke-command –Session $Session -FilterScript {Start-service WMSVC}

Installing a new certificate for Remote Management

PS> Invoke-Command -session $session {$cert=Get-ChildItem -Path Cert:\LocalMachine\My | where {$_.subject -like "*company*"} | Select-Object -ExpandProperty Thumbprint}
PS> Invoke-Command -session $session {Import-Module WebAdministration}
PS> Invoke-command -Session $session {remove-item -Path!8172}
PS> Invoke-Command -Session $session {get-item -Path "cert:\localmachine\my\$cert" | new-item -path IIS:\SslBindings\!8172}

Installing Microsoft NLB to multiple servers

PS> $Sessions=New-PSSession –ComputerName Web1, Web2
PS> Invoke-Command –Session $Session {Install-WindowsFeature Web-server, NLB}
PS> New-NLBCluster –Hostname Web1 InterfaceName Ehternet –ClusterName web ClusterPrimaryIP –SubnetMask –OperationMode Multicast
PS> Get-NlbCluster -HostName Web1 | Add-NlbClusterNode -NewNodeName Web2 -NewNodeInterface Ethernet

Adding DNS records for websites

PS> Add-DnsServerResourceRecordA -name www -ZoneName company.loc -IPv4Address -ComputerName DC.company.loc

Deploying simple websites to a web farm

PS> $Servers= ‘Web1’, ‘Web2’
PS> $servers | foreach{copy-item -Path c:\sites\*.* -Destination \\$_\c$ -recurse}

Making new sites on a web farm

PS> $Sessions=New-PSSession –ComputerName Web1, Web2
PS> Invoke-Command -Session $Session {New-WebAppPool -Name BikeShop-pool}
PS> Invoke-Command -Session $Session {New-Website -Name BikeShop -HostHeader www.BikeShop.loc -PhysicalPath C:\sites\BikeShop -ApplicationPool BikeShop-pool}

Installing the central certificate store

PS> Install-WindowsFeature Web-CertProvider
PS> Enable-WebCentralCertProvider -CertStoreLocation \\dc\cert -UserName company\IIScert -Password P@ssw0rd -PrivateKeyPassword P@ssw0rd
PS> Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\IIS\CentralCertProvider\ -Name Enabled -Value 1
PS> Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\IIS\CentralCertProvider\ -Name CertStoreLocation -Value \\ServerDC\CertStore
PS> Set-WebCentralCertProvider -Password P@ssw0rd -UserName Company\certuser -PrivateKeyPassword P@ssw0rd