Create Remote Powershell Process from ASP.NET C#

Posted on 2013-01-07
Medium Priority
Last Modified: 2013-01-14
Hi Experts,

We have a powershell script which we run manually once every few months to provide our users with an overview of who has access to who's mailbox & vice-versa:

Get-Mailbox -Server “[OUREXCHANGESERVER]” | Get-MailboxPermission | where { ($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | export-csv h:\access1.csv

Open in new window

We then import the results to SQL and display them by user via a web page, so each individual accessing the web page sees their specific mailbox details.

What we would like to try and do now is somehow run the script from the web page so that the whole thing becomes dynamic rather than requiring a manual process every few months.

We use Citrix and would intend the Powershell script to run on the Citrix server using parameters to identify who's who.

Can anyone point us in the direction of where to begin, we have got as far as running a simple powershell cmdlet from within an ASP.NET page (locally in a test environment) following the example given here:
But I think we are now starting to appreciate the complexity of what to do next...some general guidance at this stage would be appreaciated.
Question by:forsters
  • 3
  • 3
LVL 42

Expert Comment

by:Meir Rivkin
ID: 38750612
>>But I think we are now starting to appreciate the complexity of what to do next...some general guidance at this stage would be appreciated.

I run the example from the link you've posted and it seems to work fine.
what problems you encounter applying this in your environment?

Author Comment

ID: 38750754
Hi sedgwick,

My apologies, there are no problems running the linked example locally on my machine, no that works fine...agreed, but that was merely to illustrate our first step in trying to understand the process of running powershell scripts via ASP.NET. It's getting from that fairly simple example to what we want to do that seems more complex.

As I said, we want the powershell script to run on our Citrix server not locally on an individuals PC, We will need the web page to trigger the running of the script and display the results, we don't neccessarily need to embed the script itself in the C# - we could just reference a ps1 file - it's trying to understand how we would be best to do this, any security / connection issues involved and how we can trigger the script to run remotely on a server but specific to the identity of the user who is logged in and requesting the webpage if that makes sense.
LVL 42

Accepted Solution

Meir Rivkin earned 1336 total points
ID: 38750811
I've no general guideline of how to approach this requirement since it's not common one and i assume it is bonded to your specific needs and environment.
i'd break it down to bullet tasks and handle each one individually.
also it would easier to experts suggest solutions and help you achieving the final requirement.

1. the script get current logged user as parameter and output on a web page the mailbox permissions.
2. Citrix server which runs the powershell should have access to all pc's in order to get user's mailbox permissions (it can be run with admin credentials for instance).

what else?
i might not getting the whole scope of the requirement but if you will break it down for me i'd able (i'll try) to help you figure out one step at a time.

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!


Author Comment

ID: 38751800
Many thanks, I will try and tackle one thing at a time:

I suppose the first thing that we would like to understand is the usings - in that example which works for both you and I the instructions say to add:
using System.Management.Automation;
but I note from googling the subject that most suggest the need for two further usings:
using System.Collections.ObjectModel;
using System.Management.Automation.Runspaces;

Some also seem to refer to the use of pipelines - for example:

Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript("my script");
Collection<PSObject> output = pipeline.Invoke();

Open in new window

I'm not clear on the implications/ neccesity are you able to advise on those points at all?
LVL 42

Assisted Solution

by:Meir Rivkin
Meir Rivkin earned 1336 total points
ID: 38754476
using those libraries (powershell api wrapper class basically) is nice to have but as you pointed out earlier you can run a PS script.
if you familiar with .NET, then i'd stick to that and have my code using those libraries.
this is really a minor technical issue, cause the PS is merely one line of code.

check this example here:
How to run PowerShell scripts from C#

also you might want to know if the PS code was running successfully and no error was triggered, so i'd use try/catch in the PS code and output in case of exception.

what is the next step?
LVL 25

Assisted Solution

Coralon earned 664 total points
ID: 38757592
Do you intend to keep this avialable longer than the Citrix session?  If the answer is no, you don't need a special web page to do this.  

If I am understanding you needs correctly, you can publish the Powershell script with some modifications, and it should accomplish what you want.

you would publish:
powershell.exe -file <path to ps1 file>

You would add to your one-liner.

Here's a quick throw-together of where I would start:
Get-Mailbox -Server “[OUREXCHANGESERVER]” | Get-MailboxPermission | where { ($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | convertto-html | out-file -filepath "$env:temp\MyFileName.htm"

start-process -filepath "c:\program files (x86)\internet explorer\iexplore.exe" -argumentlist "$env:temp\myfilename" -Wait $true

Open in new window

I'm sure it will need some debugging, and you can highly customize the resulting web page with the convertto-html command.  

It's obviously the opposite direction of what you were asking originally, but if the end-result is what I think it is based on your description, this would be a lot easier to handle from a Citrix environment without having to worry about the SQL server.


Author Closing Comment

ID: 38774692
Thanks to both experts, I have split points and will revisit this later, it was just something we were playing with but other projects are dominating.

Many thanks for your help so far

Featured Post

Managed Security Services Webinar - March 15

Selecting the right managed security services platform to grow your business can be a huge undertaking. Join WatchGuard and Frost & Sullivan in an upcoming webinar as we dive into the key elements of selecting a vendor platform and partnership to fuel a successful MSSP business.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

After a recent Outlook migration from a 2007 to 2010 environment, some issues with Distribution List owners were realized. In this article, I explain how that was rectified.
An ASP.NET Web Form User Control is not newly introduced in ASP.NET. In fact, it was an old technology yet still playing a role to generate web content, especially when we want to use it to have a better and easy way to control part of the web conte…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question