The following script takes a specified CSV file as input and creates the directories, the application pools, the identity for each application pool, and the host headers.
# Script that sets up several websites with application pools and directories from a configuration stored in a CSV file.
# Created by: Lars Gustavsson
# Version: 1.1
# Changelog: 1.0 Created.
#            1.1 Added creation of host headers and some handling of empty values in CSV.
#
# Instructions:
# If you are running the script manually, copy all the files and subfolders to c:\temp and set the current directory to c:\temp.
# Make sure to set the execution policy to unrestricted with "Set-ExecutionPolicy Unrestricted"
# Editing of local policy is done with a function written by Kyle Neier http://www.sqlservercentral.com/blogs/kyle-neier/2012/03/27/powershell-adding-accounts-to-local-security-policy/

#Setting variables
#Path to CSV-File.
$ACLfolder = "Folders.csv"

#Importing the module for IIS administration.
Import-Module webadministration

#Importing function for editing local policy
. .\SetLocalPrivilege.ps1

#Creating an object with the content of the CSV-file.
$CreateConfig = Import-Csv $ACLfolder

#Looping through each line in the CSV-file.
ForEach ($item in $CreateConfig){
    #Creating the folder specified.
    if ( ![string]::IsNullOrEmpty($item.FullName)){
        New-Item $item.FullName -type Directory
    }

    #Creating the Application Pool and IIS-Website
    if ( ![string]::IsNullOrEmpty($item.AppPool)){
        $apppool = "IIS:\AppPools\" + $item.AppPool
        New-Item $apppool
        New-Item $item.VirtualDirectory -bindings $item.Binding -physicalPath $item.FullName

        #Modifying the site to use the Application Pool
        Set-ItemProperty $item.VirtualDirectory -name applicationPool -value $item.AppPool

        #Checking if the Application Pool should be run with a user account or with Application Pool Identity
        if($item.AuthType -eq "User"){
            #Granting the user the "Log on as a service" right (SeServiceLogonRight)
            Add-LoginToLocalPrivilege $item.UserName "SeServiceLogonRight"

            #Setting the Application Pool Identity and Settings (identityType 3 = SpecificUser)
            $ChangeAppPoolUser = Get-Item $apppool
            $ChangeAppPoolUser.processmodel.identityType = 3
            $ChangeAppPoolUser.processmodel.username = $item.Username
            $ChangeAppPoolUser.processmodel.password = $item.AppPoolPassword
            $ChangeAppPoolUser.processmodel.loadUserProfile = "True"
            $ChangeAppPoolUser | Set-Item
        }
        else {
            #identityType 4 = ApplicationPoolIdentity
            Set-ItemProperty -Path $apppool -Name processmodel.identityType -Value 4
        }
    }

    #Giving the application pool user modify rights to the folders.
    if ( ![string]::IsNullOrEmpty($item.FullName)){
        $acl = Get-Acl $item.FullName
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($item.UserName, "Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
        $acl.AddAccessRule($rule)
        Set-Acl $item.FullName $acl
    }

    #Add more host headers to Website if specified in CSV
    if ( ![string]::IsNullOrEmpty($item.HostHeader)){
        $hostheader = $item.HostHeader
        $binding = @{protocol="http";bindingInformation="*:80:$hostheader"}
        New-ItemProperty $item.VirtualDirectory -Name Bindings -Value $binding
    }
}
Create a CSV file according to the following example:
"FullName","UserName","AppPool","VirtualDirectory","Binding","AuthType","AppPoolPassword","HostHeader"
"C:\Site1","DOMAIN\AppPoolUser","Site1","IIS:\Sites\Site1","@{protocol="http";bindingInformation=":80:hostheader.domain.suffix"},"User","Password"
"E:\Site2","DOMAIN\AppPoolUser2","Site2","IIS:\Sites\Site2","@{protocol="http";bindingInformation=":80:"},"Identity"
"E:\Logdirectory","DOMAIN\AppPoolUser2"
"","","","IIS:\Sites\Site2","","","","another.hostheader.com"
For the script to work you need the SetLocalPrivilege script from Kyle Neier.
Change line 101 from:
[ValidateSet("SeManageVolumePrivilege", "SeLockMemoryPrivilege")]
to:
[ValidateSet("SeManageVolumePrivilege", "SeLockMemoryPrivilege","SeServiceLogonRight")]
Thanks to Oscar Virot for some help with the variable handling.
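An added example, not part of the original script: a pre-flight check that reads rows with the CSV columns above and reports values the setup script would act on without complaint, such as a mistyped AuthType that silently falls through to ApplicationPoolIdentity or a relative folder path. Test-SiteConfigRow and the sample rows are hypothetical and constructed for illustration.

```powershell
# Added example: pre-flight check of Folders.csv rows (column names as in the CSV above).
# Test-SiteConfigRow is a hypothetical helper, not part of the original script.
function Test-SiteConfigRow {
    param([Parameter(Mandatory=$true)] $Row, [int] $LineNumber)
    $problems = @()
    $hasFolder = ![string]::IsNullOrEmpty($Row.FullName)
    $hasUser   = ![string]::IsNullOrEmpty($Row.UserName)
    # New-Item resolves a relative FullName against the current directory.
    if ($hasFolder -and -not [System.IO.Path]::IsPathRooted($Row.FullName)) {
        $problems += "FullName '$($Row.FullName)' is not an absolute path"
    }
    # The script grants Modify on every folder to UserName, so it must be set.
    if ($hasFolder -and -not $hasUser) {
        $problems += "FullName is set but UserName is empty"
    }
    if (![string]::IsNullOrEmpty($Row.AppPool)) {
        if ($Row.VirtualDirectory -notlike 'IIS:\Sites\*') {
            $problems += "VirtualDirectory '$($Row.VirtualDirectory)' is not an IIS:\Sites\ path"
        }
        # Anything other than "User" falls through to ApplicationPoolIdentity in the script.
        if ('User', 'Identity' -notcontains $Row.AuthType) {
            $problems += "AuthType '$($Row.AuthType)' is neither User nor Identity"
        }
        if ($Row.AuthType -eq 'User' -and
            (-not $hasUser -or [string]::IsNullOrEmpty($Row.AppPoolPassword))) {
            $problems += "AuthType User needs both UserName and AppPoolPassword"
        }
    }
    # HostHeader is interpolated into "*:80:<header>", so a colon would shift the binding fields.
    if (![string]::IsNullOrEmpty($Row.HostHeader) -and
        $Row.HostHeader -notmatch '^[A-Za-z0-9.-]+$') {
        $problems += "HostHeader '$($Row.HostHeader)' contains characters not valid in a host name"
    }
    foreach ($p in $problems) { "Line {0}: {1}" -f $LineNumber, $p }
}

# Constructed sample rows; each one carries a mistake the check should report.
$sample = @(
    '"FullName","UserName","AppPool","VirtualDirectory","Binding","AuthType","AppPoolPassword","HostHeader"'
    '"C:\Site1","DOMAIN\AppPoolUser","Site1","IIS:\Sites\Site1","","User","",""'
    '"E:\Site2","DOMAIN\AppPoolUser2","Site2","IIS:\Sites\Site2","","Usr","",""'
    '"Logdirectory","","","","","","",""'
    '"","","","IIS:\Sites\Site2","","","","another.hostheader.com:8080"'
) | ConvertFrom-Csv
$line = 1   # line 1 of the file is the header
foreach ($row in $sample) {
    $line++
    Test-SiteConfigRow -Row $row -LineNumber $line
}
```

To check a real file, replace the constructed rows with Import-Csv Folders.csv and run the setup script only when the check prints nothing.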