In a DSC configuration script for IIS, I am trying to remove the defaultPath lock from the httpErrors section but the way in which the feature delegation works does not apply to this section. Hence to do the following:
appcmd set config /section:httpErrors /lockAttributes:
I've tried using the xWebConfigProperty as follows:
xWebConfigProperty httpErrors_lockAttributes
{
WebsitePath = "MACHINE/WEBROOT/APPHOST"
Filter = "system.webServer/httpErrors"
PropertyName = "lockAttributes"
Value = ""
Ensure = "Absent"
}
However this fails with an error saying the lockAttributes attributes does not exist. And yet it is definitely in the ApplicationHost.config
My only remaining workaround is to run the appcmd as Script in the DSC (a little ugly). Any ideas?
You could use below PowerShell command to remove lock from the default path:
Remove-WebConfigurationLock -pspath 'MACHINE/WEBROOT/APPHOST' -filter "system.webServer/httpErrors/#defaultPath"
I know this is old as all heck. But what I've found is a lot of these modules and resources were built for specific tasks and are less modular than other DSC tools. You may have to create a custom resource that handles Remove-WebConfigurationLock in its set/get/test functions if you want a "pure" DSC solution. If not, a DSC script resource will do what you need.
Related
I'm trying to create a pool of applications with specific parameters using this code:
$currentAppPool = New-WebAppPool -Name myNeyAppPool
# Set pool specifications
$currentAppPool.AutoStart = "true"
$currentAppPool.ManagedRuntimeVersion = "No Managed Code"
$currentAppPool | Set-Item
I have several errors because setitem asks me for a path variable that it doesn't recognize. Set-Item: The input object cannot be bound because it did not contain the information required to bind all mandatory parameters: Path
I tried to give it the parameter -path IIS:\AppPools\myNeyAppPool but I get the message
Set-Item: Cannot find drive. A drive with the name 'IIS' does not exist
There are quite a few changes concerning the management of IIS in w10 via powershell 7, but little documentation seems to exist on the subject.
Is there anything help ?
Thks,
The provider "IIS:" is loaded when importing the webadministration module.
Providers before and after to load webadministration module
Do you have IIS role enabled in windows 10?
You can check the following link:
https://community.lansweeper.com/t5/installation/how-to-install-iis-internet-information-services/ta-p/64422
Which providers appear if you run the "Get-PSProvider" command?
First try running PowerShell as an administrator, and then the drive is provided by the WebAdministration module, so you need make sure install that module, you can install the module with the following PowerShell commands:
Import-Module ServerManager
Add-WindowsFeature Web-Scripting-Tools
I can't seem to find a good hint on accessing the root web.config, currently in C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config. In my situation, I want to apply a few security settings to cascade down to apps (ex: disable sessionstate/compression) where ideally I'd do this in PowerShell DSC using xWebConfigProperty, or possibly raw PowerShell. If anyone has a means to retrieve this (have to use the older WebAdministration module), I'd appreciate it (or just verifying I need something more organic like gci path into xml for manipulation).
Changes applied to root web.config using 'MACHINE/WEBROOT'.
You can test with something like:
Get-WebConfigurationProperty -pspath 'MACHINE/WEBROOT' -name "mode" -filter "system.web/sessionState"
What is the difference between WebCommitDelay and IISCommitDelay?
MS docs says the same for both:
Instructs the IIS configuration system to delay the commitment of changes.
So what should I prefer and why? It looks like they have some differences indeed, because if I use WebCommitDelay, I can't use New-WebApplication ... -Force if the same application is exists, but I can do this if I use IISCommitDelay.
As far as I know, the IISAdministration PowerShell module which was a new way to manage IIS.
This module included numerous improvements over the existing WebAdministration cmdlets.
So the IISCommitDelay is the new method which is used to management the IIS.
Detials, you could refer to this article.
How can I modify various settings inside either a new or exisitng App Pool using Powershell?
I am interesting in some of the "Advanced" settings such as Enable 32-Bit Applications, Managed Pipeline Mode, Process Model Identity, etc. Any ideas on how I can do this? I tried using the xWebAdministration module but that seems to have very basic settings.
Yes, a custom DSC resource is the only way to do this with DSC. If you are able to use PowerShell scripting without DSC, you can use the WebAdministration module module to create the pool, and then modify it from there.
$appPoolName = "MyAppPool"
New-WebAppPool -Name $appPoolName
$appPool = Get-Item "IIS:\AppPools\$appPoolName"
$appPool.processModel.identityType = 3
$appPool.processModel.username = "someUser"
$appPool.processModel.password = "somePassword"
$appPool.managedRuntimeVersion = "v4.0"
$appPool.managedPipeLineMode = "Integrated"
Update 1/31/2015
In the PowerShell.org community DSC modules, someone made a cWebAdministration pull request that apparently includes "37 app pool config options". Might be a great solution.
You need to write your own custom DSC resource for doing that.
This is a good starting point.
However, I recommend that you take a look at Script resource to build the logic required for all three functions in a DSC resource and experiment before writing a resource.
I am debugging PowerShell DSC resources that come with v4.0.
More specifically, I am testing MSFT_ProcessResource by adding a diagnostic log.
After I make change to the resource, and run my configuration that exercise the resource, I don't see the logging I just added. Eventually after several minutes, PowerShell seems to refresh whatever cache of resource it has.
I've tried
Get-DscResource, and
Import-Module MSFT_ProcessResource
None of which worked.
Is there a way to force re-loading the resource?
DSC engine caches resources to increase performance.
There are two ways to reload the resource:
1) Restart process hosting DSC engine (kill WMI Provider Host and re-run the configuration)
2) Use debug mode which will cause DSC to reload resources automatically (useful when developing resources, but not recommended for regular work):
LocalConfigurationManager
{
DebugMode = $true
}
You can read more about debug mode here:
http://blogs.msdn.com/b/powershell/archive/2014/04/22/debug-mode-in-desired-state-configuration.aspx
DSC has a caching model which frankly seems buggy and poorlyl designed as of Sep 2016
The blog entries indicating the mechanisms to get around the caching don't always work
In your configuration include the following configuration line
Also perform a full restart of the winmgt service. Simply killing the dsctimer process doesn't appear to always work.
{
LocalConfigurationManager
{
DebugMode = "All"
}
}
A PowerShell script to clear the cache is:
$dscProcessID = Get-WmiObject msft_providers |
Where-Object {$_.provider -like 'dsctimer'} |
Select-Object -ExpandProperty HostProcessIdentifier
if ($dscProcessID -eq $null) {
Write-Host "DSC timer is not running."
return
}
Write-Host "Process ID: $dscProcessID"
Get-Process -Id $dscProcessID | Stop-Process -Force
Restart-Service -Name winmgmt -Force -Verbose
This has now changed with WMF 5, instead of $true debug mode has the following options.
None - Signifies that DebugMode is False and not applicable.
ForceModuleImport - Enforce the resource module to be reloaded instead of using the cache. This is similar to "true" value in
previous versions.
ResourceScriptBrealAll - Helps in debugging DSC resources when Local configuration manager tries to execute their functions. More on
it in subsequent blog posts!
All - Signifies that debugging as well as reloading of modules are both enabled.
Using this in an example DSC config would look like this:
Configuration myChocoConfig2
{
Import-DscResource -Module cChoco
Node "localhost"
{
LocalConfigurationManager
{
DebugMode = 'All'
}
cChocoInstaller installChoco
{
InstallDir = "c:\choco"
}
cChocoPackageInstaller installChrome
{
Name = "sysinternals"
DependsOn = "[cChocoInstaller]installChoco"
}
}
}
https://techstronghold.com/blogs/scripting/how-to-setup-debug-mode-in-windows-powershell-desired-state-configuration-dsc
I have a set of scripts that load on start of PowerShell and I often needed the same. I would edit one of my scripts and need it to be updated in the current session.
Because I have these scripts loading via a series of scripts in the $profile I am able to use one command to refresh for any of the scripts that I load on init.
C:> powershell
This command will refresh your session and keep you in the same folder you are currently in. If you are not loading your module on startup, you will need to use the answer from Karol.