I hope someone can help me with the following :
I’ve created a script to install a web site based on an existing site.
The script performs several steps - copy dirs, restore a DB, create website and application pool etc. It runs fine from the Powershell CLI under an Administrator account.
I created a WinForms frontend for this script that references Powershell and also executes that script just fine.
Now I want to create a web frontend for it. (as explained here : http://devinfra-us.blogspot.com/2011/02/using-powershell-20-from-aspnet-part-1.html)
However I can’t get the ‘new-website’ cmdlet to work via the web frontend. All the other steps in the script work, including ‘new-WebappPool’ (I can see the new appPool in IIS manager). I don’t get any errors..
I’ve made sure the script runs with Administrator rights (security is not a concern at this point)
Below is some output from the Powershell transcript :
**********************
Windows PowerShell transcript start
Start time: 20200106164117
Username: NNN-WEB\adminArr <-- Administrator account
RunAs User: NNN-WEB\adminArr
Machine: NNN-WEB (Microsoft Windows NT 10.0.14393.0)
Host Application: c:\windows\system32\inetsrv\w3wp.exe -ap DefaultAppPool -v v4.0 -l webengine4.dll -a \\.\pipe\iisipmd4bdced8-d455-428b-b9ef-8b3e2bfb38dd -h C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config -w -m 0 -t 20 -ta 0
Process ID: 8448
PSVersion: 5.1.14393.3383
PSEdition: Desktop
PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.14393.3383
BuildVersion: 10.0.14393.3383
CLRVersion: 4.0.30319.42000
WSManStackVersion: 3.0
PSRemotingProtocolVersion: 2.3
SerializationVersion: 1.1.0.1
You could use the below PowerShell command to create a site in iis:
Import-Module WebAdministration
New-WebAppPool NewAppPool
New-Website -Name "mike" -Port 8086 -PhysicalPath c:\casp -ApplicationPool NewAppPool
Do not forget to refresh the iis after running the command.
Although in my script I also used the commands mentioned in Jalpa's example, I tried his example script anyway. I got the error 'Cannot add duplicate collection entry of type 'site' with unique key attributes 'name, id' respectively set to 'mike3, 2' - which I didn't get using my own script...
Thanks to this error, I figured out that if there are already some existing sites, you also have to specify the 'ID' parameter of the new-website command - so like 'new-website -Name "testsite" -Id 4 etc.'. The ID has to be a number not in use by any other sites.
This made it work :-)
Related
I ran the following commands as per some other posts:
Install-Module -Name AzureAD
Import-Module AzureAD -UseWindowsPowerShell
When I try to execute Connect-AzureAD, the standard error comes up:
Connect-AzureAd: The term 'Connect-AzureAd' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
Any ideas on how to get Connect-AzureAD to work on powershell for Mac?
"AzureAD" and "AzureADPReview" modules are only supported with Windows PowerShell 5.1 (https://learn.microsoft.com/en-us/powershell/azure/active-directory/install-adv2?view=azureadps-2.0).
if you want to access Azure AD using PowerShell 7 (e.g. from MacOS), you need to use different modules:
"Az" modules
"Microsoft.Graph.*" modules (e.g. "Microsoft.Graph.Users", "Microsoft.Graph.Groups")
ref:
https://learn.microsoft.com/powershell/azure/install-az-ps
https://learn.microsoft.com/graph/powershell/installation
In automating Windows (2012R2 and 2016) builds, I found that even though I set a system-wide proxy via netsh, I still had to set the HKCU values for IE because some commands would not work without those values set. I would have to open IE and visit a site, any site, to initialize those settings, which was annoying.
I was able to find some PowerShell code that could "initialize" the IE proxy settings so I did not have to open IE and visit a site, shown below:
$Source=#"
[DllImport("wininet.dll")]
public static extern bool InternetSetOption(int hInternet, int dwOption, int lpBuffer, int dwBufferLength);
"#
$wininet = Add-Type -memberDefinition $Source -passthru -name InternetSettings
$wininet::InternetSetOption([IntPtr]::Zero, 95, [IntPtr]::Zero, 0)|out-null
$wininet::InternetSetOption([IntPtr]::Zero, 37, [IntPtr]::Zero, 0)|out-null
The above code is from https://vanderpaal.com.au/2016/09/30/live-proxy-setting-change/ (thanks!)
The above code works great when executed manually via RDP session. I set the IE proxy values correctly, I run the above code, and I can then do whatever I want - it all works. The commands that require the IE settings work fine.
I have been trying to run more code via remote WinRM using things like Ansible and SSM (in AWS). When I do, weird things happen.
Specifically, the IE proxy registry entries get deleted and reset back to defaults. So, the order of doing things via script is:
Write IE proxy values to the registry via script called by Ansible or SSM.
Run the initialize proxy code listed above.
IE values from #1 are gone...
I am at a loss as to why the registry values get deleted. I am 100% sure they get deleted - I can script a reg query before and after the initialize proxy commands - before the commands they exist, and after the commands they do not. This does not happen when I run the same scripts manually on the server in an RDP session - that is, the proxy command does NOT delete the entries.
I have replicated this in both Ansible and SSM, both of which use PowerShell and WinRM to run commands. The scripts reside on the actual server, and Ansible/SSM tell the system to execute the scripts.
I have verified that HKCU actually exists during Ansible execution of the scripts.
Because the IE values get deleted, the initialize command does me no good when the following commands that require the IE values execute. Those commands fail with errors like so:
PackageManagement\Install-Package : No match was found for the specified
search criteria and module name ''
The commands I am running (which fail) are just install module commands, like so:
Install-Module -Name PSWindowsUpdate -Proxy http://proxy.foo.com:80 -Confirm:$false -Force
Install-Module -Name PowerShellGet -Proxy http://proxy.foo.com:80 -Confirm:$false -Force
Anyone know why the IE proxy registry values get deleted when I run the code above via Ansible or SSM? The proxy values in question are:
"HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable" - this gets reset to 0
"HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer" - this gets deleted
"HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride" - this gets deleted
had the same problem. and found out that the damned ie wizard was the root cause.
u have to add following key to registry before u can access ie components...:
desc: "Remove IE 11 first run Wizard"
path: "HKLM:\\Software\\Policies\\Microsoft\\Internet Explorer\\Main"
name: "DisableFirstRunCustomize"
data: "1"
type: "dword"
I am attempting to setup an LDAP server.
I installed ApacheDS and I was going through the user guide. I am trying to change the default admin password. I know I can use the Apache Directory Studio to do this, but I am required to use the command line to setup and maintain the LDAP server I create.
I found this
and it helped by showing how to use an ldif file to modify the default password.
However when I run
ldapmodify -h localhost -p 10389 -D "uid=admin,ou=system" -f conf-modify.ldif
I get the message:
'ldapmodify' is not recognized as an internal or external command, operable program or batch file.
Is there an LDAP package for windows command line tools or is there a specific directory that the ldap command must be executed from in ApacheDS
I am currently running the command from the ApacheDS install directory C:\Program Files\ApacheDS
I have been using OpenDJ and their tools. You do not need to run the LDAP server to be able to run their LDAP tools.
Runs on any(?) Java 7 or greater platform.
Open any cmd prompt and add add this command
set path=%path%;E:\Softwares\OpenLDAP\bin
and after that run your command
ldapmodify -h localhost -p 10389 -D "uid=admin,ou=system" -f conf-modify.ldif
I Hope it helps you.,
An old article, perhaps still useful for ApacheDS users.
if you have found your bin folder with dsadm.exe usw.,
then you will find your ldapsearch.exe in a parallel folder.
dsee7:
*---bin
| dsadm.exe
|
*---dsrk
+---bin
ldapsearch.exe
ldapmodify.exe
WARNING:
call pls.
ldapmodify -h
In order to see the difference between openldap and ApacheDS.
It is not working with openldap syntax.
Have a fun with experimenting. (rulez Shadows)
Hint you will see the same syntax in suchlogs in your Apache Directory Browser
I am creating Windows VMs from the azure xplat cli, using the following command:
azure network vnet create --location "East US" testnet
azure vm create --vm-name xplattest3 --location "East US" --virtual-network-name testnet --rdp 3389 xplattest3 ad072bd3082149369c449ba5832401ae__Windows-Server-Remote-Desktop-Session-Host-on-Windows-Server-2012-R2-20150828-0350 username SAFEpassword!
After the Windows VM is created I would like to execute a powershell script to configure the server. As far I understand, this is done by executing a CustomScriptExtension.
I found several examples for PowerShell but no examples for Xplat cli.
I would like, for example, to run the following HelloWorld PowerShell script:
New-Item -ItemType directory -Path C:\HelloWorld
After reading documentation I should be able to run a CustomExtensionScript by executing something like this (the following command does not work):
azure vm extension set xplattest3 CustomScriptExtension Microsoft.Compute 1.4 -i '{"URI":["https://gist.githubusercontent.com/tk421/8b7dd37145eaa8f82e2f/raw/36c11aafd3f5d6b4af97aab9ef5303d80e8ab29b/azureCustomScriptExtensionTest"] }'
I think that the problem is the parameter -i. I have not been able to find an example on Internet. There are some references and documentation such as MSDN and Github, but no examples.
Therefore, my question: How to execute a PowerShell script after creating a Windows VM in Azure using the xplat cli ?
Please note that the my current approach is a CustomScriptExtension, but anything that allows to bootstrap a configuration script will be considered!
EDIT How do I know it is failing ?
After I run the command azure vm extension ...:
xplat cli confirms that the command has been executed properly.
As per MSDN documentation, the folder C:\Packages\Plugins\Microsoft.Compute.CustomScriptExtension\ is created, but there is no script downloaded to C:\Packages\Plugins\Microsoft.Compute.CustomScriptExtension\{version-number}\Downloads\{iteration}
The folder C:\HelloWorld is not created, which means that the contents of the script has not been executed.
I cannot find any sort of logs or a trace to know what happened. Does anyone knows where can I find this information ?
The parameters (The Json) that I used after reading the MSDN documentation were not correct. However, you can get clues of the correct parameters by reading the C# code.
And the final command is:
azure vm extension set xplattest3 CustomScriptExtension Microsoft.Compute 1.4 -i '{"fileUris":["https://macstoragetest.blob.core.windows.net/testcontainername/createFolder.ps1"], "commandToExecute": "powershell -ExecutionPolicy Unrestricted -file createFolder.ps1" }'
This command successfully creates the C:\HelloWorld directory.
NOTE: I decided to upload the script to Azure as I read in a post and in the documentation that is mandatory. However I just made a test to download the original script from Github and it is working fine, so I guess that the documentation is a bit outdated.
EDIT: I created an detailed article that explains how to provision windows servers with xplat-cli in Azure.
I am writing a windows service which takes an uploaded file, runs signtool.exe on it to do the signing and timestamping and then serves the signed file back.
The code for this works when run as a standalone server using twisted however if I try and run it as a service it fails with the error "Signing succeeded, but an error occurred while attempting to timestamp".
If I replace the signcode subprocess call with a curl.exe call which explicitly uses the proxy then this succeeds.
I have set the proxy in internet explorer and running the command manually works. Is there another way of setting an http proxy for signtool/signcode or another way of doing this (I am keen for it to be a service for ease of integration in to some other monitoring systems)?
I have the same issue but running signtool via cygwin ssh (using a password). The timestamping only works via the proxy and over ssh if I login at least once through the gui (e.g. via rdesktop). I don't even have to be logged in to the gui after that for it to work via ssh, I just have to make sure I login at least once via the gui. Whatever it's doing upon graphical login survives a reboot too. One difference however is that I'm setting the proxy settings dynamically using the same powershell that I'm launching via ssh :
$reg_key = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
Set-ItemProperty -path $reg_key ProxyServer -value 192.168.0.3:8888
Set-ItemProperty -path $reg_key ProxyOverride -value "<local>"
Set-ItemProperty -path $reg_key ProxyEnable -value 1
I tried launching explorer.exe &, notepad &, and iexplorer.exe & from ssh but it didn't help. I'll see about hard coding the proxy settings and also if its possible to have the signing user be logged into the gui after boot. Also will check to make sure ssh is launched with cygrunsrv -i or that it's allowed to interact with the desktop is checked in services.
The system reverts its image if it's halted (vmware delta image) (that's how I'm able to duplicate the problem), but I can always change it, which it looks like I might have to do to figure out this problem.
Finally figured it out with some help from the comment here :
http://blogs.msdn.com/b/askie/archive/2013/05/09/user-proxy-settings-showing-up-in-local-system-account-correct-way-to-apply-proxy-settings.aspx#10606266
Looks like the setting actually has to be set in the binary file :
HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
This binary file doesn't get created in the registry until after graphical login even with the powershell settings I made above. Easiest way is to login (assuming you have the registry settings I made with powershell above, or set it manually through the internet options ui in the gui), export the HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections path, and the import it with :
regedit /s path_to_proxy_settings.reg
If you want it to apply for all users you need to apply the same file under:
HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
as mentioned in the post. There may be other ways as mentioned here https://serverfault.com/questions/34940/how-do-i-configure-proxy-settings-for-local-system , but the above was the easiest for me.