PowerShell script to collect information about IIS websites

I need a powershell script that will capture the following details about websites residing in IIS:

.NET CLR version
Authentication method
Enable 32bit application flag
Connections strings

I'd like to be able to run it against a group of servers and output the server OS version and server name as well but that is a "nice to have"
ravi doshiAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sam JacobsDirector of Technology Development, IPMCommented:
What OS? The IIS PowerShell cmdlets are different for Windows Server 2012 and 2016.
ravi doshiAuthor Commented:
Windows server 2012
Sam JacobsDirector of Technology Development, IPMCommented:
Have a go with this ... you will need to run it in an elevated PowerShell session.
Let me know if you have any questions.

$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $authMethod = $pool.managedPipelineMode
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$authMethod
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

5 Ways Acronis Skyrockets Your Data Protection

Risks to data security are risks to business continuity. Businesses need to know what these risks look like – and where they can turn for help.
Check our newest E-Book and learn how you can differentiate your data protection business with advanced cloud solutions Acronis delivers

ravi doshiAuthor Commented:
This is very close but a couple items are missing/incorrect.  I need all the authentication methods for a site.  Some of them are Anonymous and Windows authentication.  Others are Forms and Windows, etc.  I need all the authentication methods for each site listed.  

For the application pools, I need the .NET CLR Version which is either v4.0 or v2.0.  That information is the first listing on the Advanced setting section, right above Enable 32-Bit Applications setting.
Sam JacobsDirector of Technology Development, IPMCommented:
Let me double - check it...
ravi doshiAuthor Commented:
And how do I specify multiple servers names in the IISServers.txt file?  Comma, semicolon, quotes doen't work.  What is the separator?
Sam JacobsDirector of Technology Development, IPMCommented:
Just put each server name on a separate line ...
Sam JacobsDirector of Technology Development, IPMCommented:
I'm working on updating the code ...
Sam JacobsDirector of Technology Development, IPMCommented:
Ravi ... still working on the authentication filters for forms authentication and impersonation, but please check this out in the meantime:
$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$anonAuthFilter  = "/system.WebServer/security/authentication/anonymousAuthentication"
		$winAuthFilter   = "/system.WebServer/security/authentication/windowsAuthentication"
		$basicAuthFilter = "/system.WebServer/security/authentication/basicAuthentication"

		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $authMethods = @()
		   if ((Get-WebConfigurationProperty -filter $anonAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Anonymous" } 
		   if ((Get-WebConfigurationProperty -filter $winAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Windows" } 
		   if ((Get-WebConfigurationProperty -filter $basicAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Basic" } 
		   $strMethods = $authMethods -join ","

		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$strMethods
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

Sam JacobsDirector of Technology Development, IPMCommented:
Yikes! That was not easy ... I believe this should do it ... Please let me know if anything is missing ...
$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$anonAuthFilter  = "/system.WebServer/security/authentication/anonymousAuthentication"
		$winAuthFilter   = "/system.WebServer/security/authentication/windowsAuthentication"
		$basicAuthFilter = "/system.WebServer/security/authentication/basicAuthentication"
		$imperAuthFilter = "/system.Web/identity"

		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $authMethods = @()
		   if ((Get-WebConfigurationProperty -filter $anonAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Anonymous" } 
		   if ((Get-WebConfigurationProperty -filter $winAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Windows" } 
		   if ((Get-WebConfigurationProperty -filter $basicAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Basic" } 
		   if ((Get-WebConfiguration -Filter system.web/authentication -PSPath "IIS:\sites\$($site.name)").mode -eq "Forms")
			{ $authMethods += "Forms" } 
		   if (((Get-WebConfiguration -Filter system.web/identity -PSPath "IIS:\sites\$($site.name)").Attributes | ? name -eq impersonate).Value -eq $True)
			{ $authMethods += "ASP.NET impersonation" } 

		   $strMethods = $authMethods -join ","

		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$strMethods
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ravi doshiAuthor Commented:
You are a god among men and saved me countless hours of manual data entry.  I very much appreciate your assistance!!
Sam JacobsDirector of Technology Development, IPMCommented:
You are most welcome ... Sorry it took so long ... It was a learning experience for me as well!
There were a lot of pieces to pull together (especially with the authentication methods), and it was not very intuitive.
The Microsoft documentation was pretty sparse and not very helpful.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.