Enabling Windows Features (IIS)

The Toolkit General Discussion
1

I’m trying to enable a number of Windows Features for IIS.
To accomplish that, I have a PowerShell script that works when I run it manually.

in deploy-application.ps1, I try to run it by using the following command:

Execute-Process -Path ‘Powershell’ -Parameters “-Command & { & "$dirFiles\Support\EneableIIS.ps1”; Exit `$LastExitCode }" -Wait

The file is located in a subfolder “Support” that resides inside the folder “Files”.
I get no errors while running this command, however, the Windows features are not being enabled.

The ps1 script I want to run is the following:

==================================================================================
$Hostname = Hostname
$iisSite = “Default Web Site”
$iis = Get-WmiObject Win32_Service -ComputerName $hostname -Filter “name=‘IISADMIN’”

    ## Install IIS with features

    if ($iis.State -eq "Running") {
        Write-Host "IIS is running on $hostname"
    } 
    else {
        Write-Host "IIS is not running on $hostname"
        Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerRole, IIS-WebServer, IIS-CommonHttpFeatures, IIS-HttpRedirect, NetFx4Extended-ASPNET45, IIS-NetFxExtensibility45, IIS-Security, IIS-WebServerManagementTools, IIS-ManagementConsole, IIS-BasicAuthentication, IIS-DefaultDocument, IIS-ASPNET45
    }

    ## Create certificate with expiration date 10 years from execution date and add certificate to local machinbe store ##
    ## Add certificate to trusted root ##

    $cert = New-SelfSignedCertificate -DnsName "$hostname" -CertStoreLocation "cert:\LocalMachine\My" -KeyAlgorithm RSA -KeyLength 2048 -NotAfter (Get-Date).AddMonths(120)
    $DestStore = new-object System.Security.Cryptography.X509Certificates.X509Store([System.Security.Cryptography.X509Certificates.StoreName]::Root,"localmachine")
    $DestStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    $DestStore.Add($cert)
    $DestStore.Close()

        dir cert:\localmachine\my
        $cert = (Get-ChildItem cert:\LocalMachine\My | where-object { $_.Subject -like "*$hostname*" } | Select-Object -First 1).Thumbprint
        $cert

    "Cert Hash: " + $cert

    # http.sys mapping of ip/hostheader to cert ##

    $guid = [guid]::NewGuid().ToString("B")
    netsh http add sslcert hostnameport="${hostname}:443" certhash=$cert certstorename=MY appid="$guid"

    # iis site mapping ip/hostheader/port to cert - also maps certificate if it exists ##
    # for the particular ip/port/hostheader combo ##

    New-WebBinding -name $iisSite -Protocol https  -HostHeader $hostname -Port 443 -SslFlags 1

==================================================================================

Is there a way to enable the needed Windows Features for IIS directly by using dism or something like that?

2

Copy the contents of your EneableIIS.ps1 file into the deploy-application.ps1 file.

Then change Write-host to Write-log

Then if you want to log errors in those non-PSADT commands, see this: Logging for non-PSADT commands - The Toolkit / Tips & Tricks - PSAppDeployToolkit Community

3

Thanks for your reply.
However, I was not looking for a way to log the possible errors… I was hoping there is a PSADT “native” way of enabling Windows Features.

I know the .ps1 script works great when I run it from an Admin powershell command box…
So I’m looking for either another way of running an external .ps1 file from the “Files” folder (or subfolder), or for another way of enabling Windows features with command lines from the PSADT script directly.

I found another command I’m going to try:

Execute-Process -Path ‘powershell.exe’ -Parameters ‘-ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -File “$dirFiles\Support\EnableIIS.ps1”’ -wait

Or could this command line result in problems as well?

4

I am not 100% sure what you are trying to achieve. This is what I use in my PSADT script to enable IIS. This works without any errors on our devices.

        #Enable Optional Windows Features
        $WindowsFeaturesList = @(
            "IIS-WebServerRole",
            "IIS-WebServer",
            "IIS-CommonHttpFeatures",
            "IIS-HttpErrors",
            "IIS-ApplicationDevelopment",
            "IIS-Security",
            "IIS-RequestFiltering",
            "IIS-NetFxExtensibility45",
            "IIS-HealthAndDiagnostics",
            "IIS-HttpLogging",
            "IIS-RequestMonitor",
            "IIS-Performance",
            "IIS-WebServerManagementTools",
            "IIS-StaticContent",
            "IIS-DefaultDocument",
            "IIS-DirectoryBrowsing",
            "IIS-ASPNET45",
            "IIS-ISAPIExtensions",
            "IIS-ISAPIFilter",
            "IIS-HttpCompressionStatic",
            "IIS-ManagementConsole",
            "NetFx4Extended-ASPNET45"
        )

        #Enable the Optional Windows Features using DISM Cmdlet
        Enable-WindowsOptionalFeature -FeatureName $WindowsFeaturesList -Online -LogPath 'C:\Windows\Logs\Software\IIS_EnableWindowsFeatures.log'

Once IIS is enabled we then load the WebAdministration Powershell module and use that to configure IIS (we only do a basic configuration, not the more complex one from your script). I did notice in your script that you don’t import the WebAdministration module. I wonder if this could be why you are getting errors?

1 Like
5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.