Solved

Create Remote Powershell Process from ASP.NET C#

Posted on 2013-01-07
7
734 Views
Last Modified: 2013-01-14
Hi Experts,

We have a powershell script which we run manually once every few months to provide our users with an overview of who has access to who's mailbox & vice-versa:

Get-Mailbox -Server “[OUREXCHANGESERVER]” | Get-MailboxPermission | where { ($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | export-csv h:\access1.csv

Open in new window


We then import the results to SQL and display them by user via a web page, so each individual accessing the web page sees their specific mailbox details.

What we would like to try and do now is somehow run the script from the web page so that the whole thing becomes dynamic rather than requiring a manual process every few months.

We use Citrix and would intend the Powershell script to run on the Citrix server using parameters to identify who's who.

Can anyone point us in the direction of where to begin, we have got as far as running a simple powershell cmdlet from within an ASP.NET page (locally in a test environment) following the example given here:
http://devinfra-us.blogspot.co.uk/2011/02/using-powershell-20-from-aspnet-part-1.html
But I think we are now starting to appreciate the complexity of what to do next...some general guidance at this stage would be appreaciated.
0
Comment
Question by:forsters
  • 3
  • 3
7 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 38750612
>>But I think we are now starting to appreciate the complexity of what to do next...some general guidance at this stage would be appreciated.

I run the example from the link you've posted and it seems to work fine.
what problems you encounter applying this in your environment?
0
 

Author Comment

by:forsters
ID: 38750754
Hi sedgwick,

My apologies, there are no problems running the linked example locally on my machine, no that works fine...agreed, but that was merely to illustrate our first step in trying to understand the process of running powershell scripts via ASP.NET. It's getting from that fairly simple example to what we want to do that seems more complex.

As I said, we want the powershell script to run on our Citrix server not locally on an individuals PC, We will need the web page to trigger the running of the script and display the results, we don't neccessarily need to embed the script itself in the C# - we could just reference a ps1 file - it's trying to understand how we would be best to do this, any security / connection issues involved and how we can trigger the script to run remotely on a server but specific to the identity of the user who is logged in and requesting the webpage if that makes sense.
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 334 total points
ID: 38750811
I've no general guideline of how to approach this requirement since it's not common one and i assume it is bonded to your specific needs and environment.
i'd break it down to bullet tasks and handle each one individually.
also it would easier to experts suggest solutions and help you achieving the final requirement.

1. the script get current logged user as parameter and output on a web page the mailbox permissions.
2. Citrix server which runs the powershell should have access to all pc's in order to get user's mailbox permissions (it can be run with admin credentials for instance).

what else?
i might not getting the whole scope of the requirement but if you will break it down for me i'd able (i'll try) to help you figure out one step at a time.

cheers
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:forsters
ID: 38751800
Many thanks, I will try and tackle one thing at a time:

I suppose the first thing that we would like to understand is the usings - in that example which works for both you and I the instructions say to add:
using System.Management.Automation;
but I note from googling the subject that most suggest the need for two further usings:
using System.Collections.ObjectModel;
using System.Management.Automation.Runspaces;


Some also seem to refer to the use of pipelines - for example:

runspace.Open();
Pipeline pipeline = runspace.CreatePipeline();
pipeline.Commands.AddScript("my script");
Collection<PSObject> output = pipeline.Invoke();

Open in new window


I'm not clear on the implications/ neccesity are you able to advise on those points at all?
0
 
LVL 42

Assisted Solution

by:sedgwick
sedgwick earned 334 total points
ID: 38754476
using those libraries (powershell api wrapper class basically) is nice to have but as you pointed out earlier you can run a PS script.
if you familiar with .NET, then i'd stick to that and have my code using those libraries.
this is really a minor technical issue, cause the PS is merely one line of code.

check this example here:
How to run PowerShell scripts from C#

also you might want to know if the PS code was running successfully and no error was triggered, so i'd use try/catch in the PS code and output in case of exception.

what is the next step?
0
 
LVL 23

Assisted Solution

by:Coralon
Coralon earned 166 total points
ID: 38757592
Do you intend to keep this avialable longer than the Citrix session?  If the answer is no, you don't need a special web page to do this.  

If I am understanding you needs correctly, you can publish the Powershell script with some modifications, and it should accomplish what you want.

you would publish:
powershell.exe -file <path to ps1 file>

You would add to your one-liner.

Here's a quick throw-together of where I would start:
Get-Mailbox -Server “[OUREXCHANGESERVER]” | Get-MailboxPermission | where { ($_.AccessRights -eq “FullAccess”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITY\SELF”) } | convertto-html | out-file -filepath "$env:temp\MyFileName.htm"

start-process -filepath "c:\program files (x86)\internet explorer\iexplore.exe" -argumentlist "$env:temp\myfilename" -Wait $true

Open in new window


I'm sure it will need some debugging, and you can highly customize the resulting web page with the convertto-html command.  

It's obviously the opposite direction of what you were asking originally, but if the end-result is what I think it is based on your description, this would be a lot easier to handle from a Citrix environment without having to worry about the SQL server.

Coralon
0
 

Author Closing Comment

by:forsters
ID: 38774692
Thanks to both experts, I have split points and will revisit this later, it was just something we were playing with but other projects are dominating.

Many thanks for your help so far
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Create and license users in Office 365 in bulk based on a CSV file. A step-by-step guide with PowerShell script examples.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now