Powershell – IIS Administration using PowerShell 2 and Modules on Windows 2008 R1

iis-7powershellwindows-server-2008

I have a PowerShell 2 script to automatically register managed modules with IIS7. With PowerShell 2 I used import-module webadministration rather than the snap-in.

Is it possible to install the IIS7 web administration module (rather than the snap-in) on Window Server 2008 R1 when PowerShell 2 is installed? If so, how?

This would have the benefit of simplifying my script, otherwise, I will need to attempt to target two different server platforms.

Best Answer

Unfortunately, it isn't possible to load the IIS provider as the same thing on both 2008 and 2008R2. On 2008 the IIS provider is provided as only a snapin, and on 2008R2 it is provided as only a module.

With a little bit of coding, you can actually determine which to use, and dynamically load the module or snapin in your script, depending on which is necessary. I took this code from http://forums.iis.net/t/1166784.aspx when I was having a similar problem.

$ModuleName = "WebAdministration"
$ModuleLoaded = $false
$LoadAsSnapin = $false

if ($PSVersionTable.PSVersion.Major -ge 2) {
    if ((Get-Module -ListAvailable | ForEach-Object {$_.Name}) -contains $ModuleName) {
        Import-Module $ModuleName
        if ((Get-Module | ForEach-Object {$_.Name}) -contains $ModuleName) {
            $ModuleLoaded = $true
        } else {
            $LoadAsSnapin = $true
        }
    } elseif ((Get-Module | ForEach-Object {$_.Name}) -contains $ModuleName) {
        $ModuleLoaded = $true
    } else {
        $LoadAsSnapin = $true
    }
} else {
    $LoadAsSnapin = $true
}

if ($LoadAsSnapin) {
    if ((Get-PSSnapin -Registered | ForEach-Object {$_.Name}) -contains $ModuleName) {
        Add-PSSnapin $ModuleName
        if ((Get-PSSnapin | ForEach-Object {$_.Name}) -contains $ModuleName) {
            $ModuleLoaded = $true
        }
    } elseif ((Get-PSSnapin | ForEach-Object {$_.Name}) -contains $ModuleName) {
        $ModuleLoaded = $true
    }
}

Before attempting to do anything with the IIS provider, check to ensure that $ModuleLoaded is true, and you should be good to go.

Related Solutions

How to generate a certificate request on Windows Server 2008 for SqlServer 2008 w/o IIS installed

Use OpenSSL. It's a command line based utility that'll generate your CSR for you. It's a 2 liner, literally! Creating your key, and then creating the CSR with that key.

1. Key Generation

openssl genrsa -des3 -out filename.key 2048

This command should create a file with name filename.key in the directory from which the > command is ran. The output will be similar to:

Generating RSA private key, 2048 bit long modulus

Enter pass phrase for filename.key: 
Verifying - Enter pass phrase for filename.key:

Choose and enter a passphrase for filename.key and remember it because it will be needed later. Successful outcome of this use case is the key file generation. File filename.key can be viewed by using Notepad on Windows or text editor on Unix/Linux.

2. CSR Generation

openssl req -new -key filename.key -out filename.csr

where filename.key is the file generated previously. This command should create a file filename.csr that contains Certificate Signing Request. The output will look similar to:

Enter pass phrase for filename.key:

You are about to be asked to enter information that will be incorporated into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank.

This procedure should create file filename.csr that contains CSR in PKCS#10 format. This CSR needs to be delivered to the CA administrator.

Successful outcome of this use case is CSR file generation. File filename.csr can be viewed by using Notepad on Windows or text editor on Unix/Linux. The content of the file should be similar to:

-----BEGIN CERTIFICATE REQUEST-----

MIIB/TCCAWYCAQAwgYExCzAJBgNVBAYTAkNBMRkwFwYDVQQIExBCcml0aXNoIENv
bHVtYmlhMRIwEAYDVQQHEwlWYW5jb3V2ZXIxETAPBgNVBAoTCFRlc3QgT3JnMRUw
...snip...

Powershell – How to create a Managed Service Account in Windows 7

2008R2 domains would have Active Directory Web Services by default. In a 2003/2008 domain, you will need to install Active Directory Management Gateway Service before you can use the ActiveDirectory Powershell modules.

You cannot, in any supporting documentation I have read, use Managed Service Accounts without an AD domain.

Best Answer

Related Solutions

How to generate a certificate request on Windows Server 2008 for SqlServer 2008 w/o IIS installed

Powershell – How to create a Managed Service Account in Windows 7

Related Topic