Link to home
Start Free TrialLog in
Avatar of ravi doshi
ravi doshi

asked on

PowerShell script to collect information about IIS websites

I need a powershell script that will capture the following details about websites residing in IIS:

.NET CLR version
Authentication method
Enable 32bit application flag
Connections strings

I'd like to be able to run it against a group of servers and output the server OS version and server name as well but that is a "nice to have"
Avatar of Sam Jacobs
Sam Jacobs
Flag of United States of America image

What OS? The IIS PowerShell cmdlets are different for Windows Server 2012 and 2016.
Avatar of ravi doshi
ravi doshi

ASKER

Windows server 2012
Have a go with this ... you will need to run it in an elevated PowerShell session.
Let me know if you have any questions.

$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $authMethod = $pool.managedPipelineMode
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$authMethod
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

This is very close but a couple items are missing/incorrect.  I need all the authentication methods for a site.  Some of them are Anonymous and Windows authentication.  Others are Forms and Windows, etc.  I need all the authentication methods for each site listed.  

For the application pools, I need the .NET CLR Version which is either v4.0 or v2.0.  That information is the first listing on the Advanced setting section, right above Enable 32-Bit Applications setting.
Let me double - check it...
And how do I specify multiple servers names in the IISServers.txt file?  Comma, semicolon, quotes doen't work.  What is the separator?
Just put each server name on a separate line ...
I'm working on updating the code ...
Ravi ... still working on the authentication filters for forms authentication and impersonation, but please check this out in the meantime:
$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$anonAuthFilter  = "/system.WebServer/security/authentication/anonymousAuthentication"
		$winAuthFilter   = "/system.WebServer/security/authentication/windowsAuthentication"
		$basicAuthFilter = "/system.WebServer/security/authentication/basicAuthentication"

		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $authMethods = @()
		   if ((Get-WebConfigurationProperty -filter $anonAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Anonymous" } 
		   if ((Get-WebConfigurationProperty -filter $winAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Windows" } 
		   if ((Get-WebConfigurationProperty -filter $basicAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Basic" } 
		   $strMethods = $authMethods -join ","

		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$strMethods
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Sam Jacobs
Sam Jacobs
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
You are a god among men and saved me countless hours of manual data entry.  I very much appreciate your assistance!!
You are most welcome ... Sorry it took so long ... It was a learning experience for me as well!
There were a lot of pieces to pull together (especially with the authentication methods), and it was not very intuitive.
The Microsoft documentation was pretty sparse and not very helpful.