Modifying Configuration Redirection Settings using PowerShell
I have to admit right up front that I'm not a PowerShell expert. But having said that, I had a great question a few days ago from Chris Morrow at MaximumASP - Chris asked how I could use PowerShell to modify the Configuration Redirection settings for IIS 7. I had only written PowerShell scripts that accessed settings in the applicationHost.config file, so Chris' question piqued my curiosity. After a while my curiosity gave way to obsession when my first couple of attempts weren't successful, but I'll spare you the details and stick to describing what worked. ;-]
First of all, I wrote my scripts in the PowerShell Integrated Scripting Environment (ISE), which made testing a lot easier.
That being said, here is the PowerShell script that I wrote to modify the configuration redirection settings:
# NOTE: You might need to run the following: Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process
[System.Reflection.Assembly]::LoadFrom( "C:\windows\system32\inetsrv\Microsoft.Web.Administration.dll" )
$serverManager = New-Object Microsoft.Web.Administration.ServerManager
$config = $serverManager.GetRedirectionConfiguration()
$redirectionSection = $config.GetSection("configurationRedirection")
$redirectionSection.Attributes["enabled"].Value = "true"
$redirectionSection.Attributes["userName"].Value = "MyUser"
$redirectionSection.Attributes["path"].Value = "\\SeverName\ShareName"
$redirectionSection.Attributes["password"].Value = "P@ssw0rd"
$serverManager.CommitChanges()
This script accomplishes the following tasks:
- Loads Microsoft.Web.Administration
- Creates a ServerManager object
- Retrieves the configuration configuration
- Retrieves the <configurationRedirection> section
- Sets the following configuration redirection options:
- Enables configuration redirection
- Specifies the user name
- Specifies the server/share where the configuration redirection files are located
- Specifies the user password
- Commits the changes to configuration
The first line in the script contains a comment that refers to security settings for PowerShell; the default settings for PowerShell may prevent you from running this PowerShell script on your system. This is due to the built-in security that is designed to prevent malicious scripts from being run on your computer. So you might see the following error message when you try to run the script in the PowerShell ISE:
This can easily be remedied by running the following syntax in the command pane of the PowerShell ISE:
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process
This command uses the Set-ExecutionPolicy cmdlet to set the execution policy for this instance of the PowerShell ISE to bypass security warnings and restrictions. (Note: Once you close the PowerShell ISE this execution policy will be cleared.)
When you run this command, PowerShell will prompt you about changing the execution policy:
If you click Yes, you will be able to run the script.
After you run the script, the contents of your "%SystemRoot%\System32\inetsrv\config\redirection.config" file should resemble something like the following:
<configuration>
<configSections>
<section name="configurationRedirection" />
</configSections>
<configProtectedData>
<providers>
<add name="IISRsaProvider"
type=""
description="Uses RsaCryptoServiceProvider to encrypt and decrypt"
keyContainerName="iisConfigurationKey"
cspProviderName=""
useMachineContainer="true"
useOAEP="false" />
</providers>
</configProtectedData>
<configurationRedirection
enabled="true"
path="\\SeverName\ShareName"
userName="MyUser"
password="[enc:IISRsaProvider:57686f6120447564652c2049495320526f636b73=:enc]" />
</configuration>
For more information about the configuration redirection settings in IIS 7, see the following topic:
https://www.iis.net/ConfigReference/configurationRedirection
I hope this helps!