3

Is it to possible to get IIS settings using Power Shell Script?

I am looking to get/check below information using a a script:

  1. Check if Windows Authentication Providers are listed correctly (Negotiate, NTLM)
  2. Check if Windows Authentication is enabled
  3. Windows Authentication Advanced Settings -> enable kernel-mode is on
Improve this question

2 Answers 2

Reset to default
6

Yes, that is all easily possible with PowerShell. There are lots of samples and examples online.

Look at the (IIS) Administration Cmdlets in Windows PowerShell and especially Get-WebConfiguration and Get-WebConfigurationProperty.

To get information about the Windows Authentication Advanced Settings use:

$windowsAuthFilter = "/system.WebServer/security/authentication/windowsAuthentication"
$winKernel = (Get-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'Default Web Site' -filter "$windowsAuthFilter" -name "useKernelMode").Value
$winKernel 
$winProviders = Get-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location 'Default Web Site' -filter "$windowsAuthFilter/providers" -name "." 
$winProviders.Collection | Format-Table value
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Tried: Import-Module WebAdministration cd IIS: IIS:\>Get-WebConfiguration -Filter "System.WebServer/Security/Authentication/* /*" -Recurse | where {$_.enabled -eq $True} | Format-List ' But get an error as below: IIS:\>Get-WebConfiguration : The term 'IIS:\>Get-WebConfiguration' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Run Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerManagementTools to install the IIS cmdlets, if you have an older Windows version, installed them via the GUI.
The below code runs fine but in the output it doesn't shows if Windows Authentication is enabled or not for IIS: Get-WebConfiguration system.webServer/security/authentication/windowsAuthentication/* 'IIS:\sites\Default Web Site' -Recurse | format-list
1

Below is the answer to read anonymous and windows authentication:

$anonAuthFilter =    "/system.WebServer/security/authentication/AnonymousAuthentication"
$windowsAuthFilter = "/system.WebServer/security/authentication/windowsAuthentication"

$value = 'false'
$AppName = "test"

$anonAuth = Get-WebConfigurationProperty -filter $anonAuthFilter -name Enabled -location $AppName
Write-Host  $anonAuth.Value


$winAuth = Get-WebConfigurationProperty -filter $windowsAuthFilter -name Enabled -location $AppName
Write-Host  $winAuth.Value

@Peter Hahndorf Still didn't find any clue for

Check Windows Authentication Advanced Settings -> enable kernel-mode is on and

Check check Enabled Providers like NTLM and Negotiate

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.