Avatar of ravi doshi
ravi doshi
 asked on

PowerShell script to collect information about IIS websites

I need a powershell script that will capture the following details about websites residing in IIS:

.NET CLR version
Authentication method
Enable 32bit application flag
Connections strings

I'd like to be able to run it against a group of servers and output the server OS version and server name as well but that is a "nice to have"
PowershellMicrosoft IIS Web Server

Avatar of undefined
Last Comment
Sam Jacobs

8/22/2022 - Mon
Sam Jacobs

What OS? The IIS PowerShell cmdlets are different for Windows Server 2012 and 2016.
ravi doshi

ASKER
Windows server 2012
Sam Jacobs

Have a go with this ... you will need to run it in an elevated PowerShell session.
Let me know if you have any questions.

$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $authMethod = $pool.managedPipelineMode
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$authMethod
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ravi doshi

ASKER
This is very close but a couple items are missing/incorrect.  I need all the authentication methods for a site.  Some of them are Anonymous and Windows authentication.  Others are Forms and Windows, etc.  I need all the authentication methods for each site listed.  

For the application pools, I need the .NET CLR Version which is either v4.0 or v2.0.  That information is the first listing on the Advanced setting section, right above Enable 32-Bit Applications setting.
Sam Jacobs

Let me double - check it...
ravi doshi

ASKER
And how do I specify multiple servers names in the IISServers.txt file?  Comma, semicolon, quotes doen't work.  What is the separator?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Sam Jacobs

Just put each server name on a separate line ...
Sam Jacobs

I'm working on updating the code ...
Sam Jacobs

Ravi ... still working on the authentication filters for forms authentication and impersonation, but please check this out in the meantime:
$serverFile = "c:\temp\IISServers.txt"
$outputCSV  = "c:\temp\WebSiteInfo.csv"

# make sure script is running elevated
If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
    Write-Warning "This script needs to be run elevated.`nPlease re-run this script as an Administrator!"
    Break
}

$servers = Get-Content $serverFile

$allSiteInfo = @()
$servers | foreach{
	$webSiteInfo = Invoke-Command -ComputerName $_ -ScriptBlock {
		$anonAuthFilter  = "/system.WebServer/security/authentication/anonymousAuthentication"
		$winAuthFilter   = "/system.WebServer/security/authentication/windowsAuthentication"
		$basicAuthFilter = "/system.WebServer/security/authentication/basicAuthentication"

		$osInfo = Get-WMIObject Win32_OperatingSystem
		Import-Module WebAdministration
		$sites = @(Get-ChildItem -Path IIS:\Sites)
		$pools = @(Get-ChildItem -Path IIS:\AppPools)

		$siteInfo = @()
		foreach ($site in $sites) {
		   $name = $site.name
		   $pool =  $pools | ? name -eq $site.applicationpool
		   $netVer = $pool.managedRuntimeVersion
		   $enable32bit = $pool.enable32bitAppOnWin64
		   $connStrings = (Get-WebConfiguration "IIS:\Sites\$($site.name)" -filter "connectionstrings/add").ConnectionString
		   $authMethods = @()
		   if ((Get-WebConfigurationProperty -filter $anonAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Anonymous" } 
		   if ((Get-WebConfigurationProperty -filter $winAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Windows" } 
		   if ((Get-WebConfigurationProperty -filter $basicAuthFilter -PSPath "IIS:\Sites\$($site.name)" -name Enabled).Value -eq $True)
			{ $authMethods += "Basic" } 
		   $strMethods = $authMethods -join ","

		   $siteInfo += New-Object -Type PSObject -Property @{
				'server'=$env:ComputerName
				'OSname'=$osInfo.Caption
				'OSver'=$osInfo.Version
				'OSbits'=$osInfo.OSArchitecture
				'siteName'=$name
				'netVer'=$netVer
				'auth'=$strMethods
				'32bit'=$enable32bit
				'connStrings'=$connStrings
				}
		}
		$siteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings
	}
	$allSiteInfo += $webSiteInfo
}
$allSiteInfo | Select server, OSname, OSver, OSbits, siteName, netVer, auth, 32bit, connStrings | Export-Csv $outputCSV -NoTypeInformation

Open in new window

Your help has saved me hundreds of hours of internet surfing.
fblack61
ASKER CERTIFIED SOLUTION
Sam Jacobs

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ravi doshi

ASKER
You are a god among men and saved me countless hours of manual data entry.  I very much appreciate your assistance!!
Sam Jacobs

You are most welcome ... Sorry it took so long ... It was a learning experience for me as well!
There were a lot of pieces to pull together (especially with the authentication methods), and it was not very intuitive.
The Microsoft documentation was pretty sparse and not very helpful.