Execute a command with Powershell using Win32_Process


$cmd=“xcopy c:\1.txt c:\temp\1.txt /A”


$server=“.”


$user=“domain\userName”


$pass=“p@ssw0rd”


$process = [WMIClass]“\\$server\ROOT\cimv2:Win32_Process”


#$process.psbase.Scope.Options.userName=$user


#$process.psbase.Scope.Options.Password=$pass


#$process.psbase.Scope.Options.Impersonation = [System.Management.ImpersonationLevel]::Impersonate


#$process.psbase.Scope.Options.Authentication = [System.Management.AuthenticationLevel]::PacketPrivacy


$process.Create($cmd)


# get process id and returnValue


$process.ProcessId


$process.ReturnValue

How to use Security Configuration Wizard in Windows Server 2008 to lockdown a server with IIS

This article contains tips, tricks and steps to use Security Configuration wizard (SCW) included in Windows Server 2008.  I was recently working on locking down Windows Server 2008 with IIS.  By default, Windows Server 2008 is more locked down than any previous Microsoft server OS. (PS: So is IIS).  I wasn’t sure where to begin.  I have used SCW in previous operating systems; I figured that would be a good place to start.  I quickly discovered Microsoft has done an excellent job with SCW, it’s easy to use, creates xml files that can be edited for later use and / or turned into a GPO (Group Policy Object).   Probably the most flexible thing I discovered you can run SCW, save your settings and not apply the policy.  The GPO option really captured my attention!  You may wonder why the GPO option is so awesome?  You can setup your custom policy and then apply to OU’s containing targeted machines, such as internet-facing servers.  This technique provides a consistent policy across all your machines.  My post isn’t meant to cover group policy, for more information check out this article.

To get started, I created a model machine which included all the necessary IIS modules.  I executed the steps below, then used scwcmd (command line version of SCW) to ‘transform’ the XML file to a GPO.  One thing to be aware the user account that executes scwcmd needs to have permissions to create GPO’s, which are stored on an Active Directory (AD) domain controller.  I HIGHLY recommend doing this in a controlled / test environment before implementing in production.  Also, if you are not in control of your AD environment, get with your AD tech’s to have them grant permissions. 

A few tips I recommend, you perform this in a isolated environment using a virtual machine.  You can use Virtual PC, VMware Server or Hyper-V.  When I applied the policy, the Terminal Services service was disabled preventing me from accessing the machine remotely.  The first time I ran the process, “I said, what the heck”, I’ll apply the policy.  Luckily the machine was a VMware VM. 🙂  Other settings that were captured were firewall rules.  Things like the Server service (which was recently exploited and a patch was released) and blocking normal Microsoft ports (135,137,138,139,445).  For internet facing servers, I would think there aren’t too many reasons to have these ports open.  If you do need the ports open, you can set your Windows Firewall rules to only allow certain machines, for example your NAS / SAN connections where the content files reside.  In conclusion, Microsoft has provided a tool to help lockdown Windows Server 2008.  I hope you find this article useful.  Here are more articles that discuss using SCW. 

Here are the steps to run SCW.


 


























Cheers,


Steve Schofield
Microsoft MVP – IIS

IIS Powershell Provider info and articles

I’ve been recently trying to get more in-depth regarding Powershell and the IIS provider.   Here are some articles along with the download link. 


‘Over 10 articles on Powershell and the IIS Provider.
http://learn.iis.net/page.aspx/447/managing-iis-with-the-iis-70-powershell-provider/


‘Getting Started
http://learn.iis.net/page.aspx/428/getting-started-with-the-iis-70-powershell-provider/

‘Powershell Provider CTP 2


x64
http://www.iis.net/downloads/default.aspx?tabid=34&i=1665&g=6


x86
http://www.iis.net/downloads/default.aspx?tabid=34&i=1664&g=6


 “Accept it, Powershell is the WAY of the command line future for Windows, accept it and go forward!”


Cheers,


Steve

IISLogs added to Softpedia.com database.

I received an announcement from Softpedia.com.   IISLogs is certified to not have any adware and passed their strict security tests.  We are excited to receive this recognition.


“IISLogs, one of your products, has been added to Softpedia’s database of software programs for the Windows operating system. It is featured with adescription text, screenshots, download links and technical details on this page:


http://www.softpedia.com/get/Internet/Servers/Server-Tools/IISLogs.shtml


IISLogs” has been tested in the Softpedia labs using several industry-leading security solutions and found to be completely clean of adware/spyware components. We are impressed with the quality of your product and encourage you to keep these high standards in the future.  To assure our visitors that IISLogs is clean, we have  ted it with the “100% CLEAN” Softpedia award. To let your users know about this certification, you may display this award on your website, on software boxes or inside your product.


More information about your product’s certification and the award is available on this page:
http://www.softpedia.com/progClean/IISLogs-Clean-110029.html

More information about IISLogs is at www.iislogs.com


Cheers,


Steve Schofield
Microsoft MVP – IIS.

IIS MVP for 2009

Got some great news today!! “Congratulations! We are pleased to present you with the 2009 Microsoft® MVP Award!”


It’s been awesome to be part of the IIS community.  Since IIS 7.0 has come out, the IIS community continues to grow.   It’s fun sharing and learning over at http://forums.iis.net.  Have a IIS or related question, post away and someone should help out.


Cheers,


Steve