0

Hi I have the following bit of code

 //set up exchange server name
        var Exchangesrv = "ex1.iah.ac.uk";


        // Initialize PowerShell engine
        var shell = PowerShell.Create();

        // Add the script to the PowerShell object
        shell.Commands.AddScript("Invoke-Command -Computername hostname.example.com -ScriptBlock{get-alias}");

        // Execute the script
        var results = shell.Invoke();


        Input.DataSource = results;
        Input.DataBind();

So very simply I want to invoke a power shell command and the "input" is a list box object I am populating

But When i run it on the IIS server it does not work, I think it is because the IIS application is not running with an account that is admin on the remote server I am trying to run the command against. Can any one help resolving this. How can I get the webpage to call this invoke command with the right credentials?

Edit
So i decided to create a profile on the web server that means when the account that I am using opens power-shell the exchange module is loaded. But I don't see this loading when using the following code 

using (var powershell = PowerShell.Create())
        {
            //powershell.Runspace = runspace;


            // Add the script to the PowerShell object
            //powershell.AddScript("Get-alias");
            powershell.AddScript("Get-DynamicDistributionGroup");


            // Execute the script
            var results = powershell.Invoke();


            Input.DataSource = results;
            Input.DataBind();

So What should be happening is power shell runs locally on the web server, but i need it to load the profile however I cant see why it is not doing it. Is there a command to force it to load the moduel.

Improve this question
5
  • Well, first things first - get proper logging in there so you know why it's failing, rather than just assuming. Secondly, if it is because of insufficient privileges (which is likely to be one issue, I agree), then you can impersonate as a different user for just that section of code. Alternatively, the Invoke-Command has a -Credential parameter that could also be used for for impersonation. Commented Nov 8, 2016 at 13:03
  • Hi, Sorry I have turned on logging in IIS but I don't see anything in the log files about it. Commented Nov 8, 2016 at 13:33
  • Sorry - I meant you should add logging messages to your application, typically by using a library like Log4Net, to ensure that you can accurately diagnose this and future problems. IIS logging is designed to tell you about the HTTP call, not the application processing. Commented Nov 8, 2016 at 14:08
  • Hi, this seems to be an issue loading the exchange power shell snap in remotely as it just keeps telling me it does not exist. Commented Nov 8, 2016 at 16:37
  • I think i need this "New-PSSession -ConfigurationName Microsoft. Exchange" but I dont know how I included that in my code Commented Nov 8, 2016 at 16:41

2 Answers 2

Reset to default
1

The property on the application pool is "Load User Profile". This must be set to True.

I can't tell anyone why this is, but it solved my Access denied issue.

More about the property here: https://blogs.msdn.microsoft.com/vijaysk/2009/03/08/iis-7-tip-3-you-can-now-load-the-user-profile-of-the-application-pool-identity/

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

In the end the impersonating and invoking did not do the trick (I could have used invoke but I did not want credentials in the code)

I found I had to change the properties on the application pool and then it worked fine.

Improve this answer

1 Comment

Change them to what?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.