Administering IIS with PowerShell: Creating an Application Pool

This article shows you how to use PowerShell to manage IIS (that is, Microsoft’s Internet Information Server) on a remote system. The power and flexibility that PowerShell offers us as administrators can really improve our overall service to our customers, allowing us to do more in less time and with fewer mistakes. I’m going to show you how to create three application pools, each with the same configuration and each running under a different application service account from active directory.

The overall process for doing this is as follows. I’ll further describe each step below.

  1. Open PowerShell and load the WebAdministration module.
  2. Create a hashtable for holding our data – the application pool names, the username and the password.
  3. Create the Application Pools.
  4. Set the Application Pool user identity.

Petri_PowerShell

1. Enable IIS Remote Management: Getting PowerShell Ready

Start an elevated PowerShell session

If you run as a standard user and you want to run PowerShell as your administrator account, start the shell as your admin account, then start the elevated process from inside PowerShell.

                  Start-Process PowerShell.exe –Verb Runas

The new shell will start in an elevated session.

Import the WebAdministration module

We’ll be using a special PowerShell drive only available when the webadministration module is available. You only need to add the module to your PowerShell session, and the IIS: drive will be made available.

Import-Module WebAdministration

Now that the WebAdministration module is loaded, you’ll find all of the application pools for the IIS server at the location IIS:\AppPools.

2. Create a Hashtable for Holding Configuration Data

We’re going to use a hashtable to keep all of our configuration data together. Using this method, you’ll be able to see exactly where to modify this to suit your needs.

$Pools = @{Name=”HRWebsite_AppPool”; User=”Domain\HRWeb”; Pass=”MWER#4s5@”},

@{Name=”LegalWebsite_AppPool”;User=”Domain\LegalWeb”;Pass=”12Hwer3@4”},

@{Name=”WWW_AppPool”;User=”Domain\WwwWeb”;Pass=”26G@%G%gfeh”}

Now that you’re $Pools variable is populated, you can iterate through the new application pools configuration data with a simple for-loop.

3. and 4. Creating the Application Pools and Setting the Identity

Now we’ll create the application pools and set the application pool identities. This is two operations, but since we’re going to iterate through the array of hashtables ($Pools) anyway, we’ll do both operations for each app pool instance as we go.

An easy way to do this is by using the Foreach-Object statement. Alternatively, a For statement could be used, which would accomplish the same tasks but would read a little differently. After looking at both options I thought this looked easiest to read.

Here’s what this part of the script does: You start by taking the list of application pools in the $Pools array, and then for each of those entries:

  • Create an application pool with the “Name” property of the entry.
  • Save that new application pool as a new variable called “AppPool.”
  • Stop the application pool.
  • Set the username and password for the application pool.
  • Save the changes to the App pool.
  • Start the application pool once again.

Here’s how it looks in PowerShell:

$Pools | Foreach-Object  {

New-WebAppPool –Name $_.Name $AppPool = Get-Item IIS:\AppPools\$($_.Name) $AppPool | Stop-WebAppPool $AppPool.ProcessModel.Username = $_.User $AppPool.ProcessModel.Password = $_.Pass # # SET EXTRA CONFIG ITEMS HERE

#---
$AppPool | Set-Item
$AppPool | Start-WebAppPool

}

Customizing the App Pools

There might be some things that you want to standardize on these app pools. Here’s where to do it!

How to add a config item to each app pool

If you’re making a configuration change that you want to be consistent among all of your app pools, you’d make that change in the Foreach-Object scriptblock. It’s probably best to do it while the app pool is stopped, so there’s a place to set that item right there inline.

Here’s an example that would set the idle timeout for the application pool from the default of 20 minutes to 60 minutes.

$AppPool.ProcessModel.IdleTimeout = “00:60:00”

How to add a configuration item that’s different for some app pools

Use the same example of setting an IdleTimeout, but make it different for each app pool means you’re going to add this configuration to the hashtables. Here’s how:

Customize the hashtables: All you have to do is add an extra item to each hashtable in the $Pools array. If you’re adding it to one, it’s easiest to just add it to each one. You’ll avoid errors later if it’s just consistent.

$Pools = @{

Name=”HRWebsite_AppPool” User=”Domain\HRWeb” Pass=”MWER#4s5@” Timeout=”00:30:00”

}, @{

Name=”LegalWebsite_AppPool” User=”Domain\LegalWeb” Pass=”12Hwer3@4” Timeout=”00:60:00”

}, @{

Name=”WWW_AppPool” User=”Domain\WwwWeb” Pass=”26G@%G%gfeh” Timeout=”00:25:00”

}

Note that now that I’m adding more items to the hashtable, it made it more readable to spread each item onto its own line. It doesn’t process any differently. The semicolons are gone, which is okay with PowerShell as long as the properties are on their own lines.

Now that the hashtables are populated with our new data, we can add this line to the Foreach-Object scriptblock:

​ $AppPool.ProcessModel.IdleTimeout = $_.TimeOut

Adding even more configuration items

If you find that you’re adding a lot of items into these hashtables, you’re probably going to start looking for a better way. That better way is saving all of your items into a CSV, and importing the items with the Import-CSV cmdlet. Just make sure that the column headings for your CSV match what you’re expecting in your script.

$Pools = Import-CSV <Path to your CSV file>

If your CSV file had the same information as was in your hashtables, then your $Pools array is now exactly as it was before and processing the array works just the same.

Putting It All Together

Using these simple methods for gathering all of your configuration items, and then creating and configuring your application pools, you’ll be able to script the process and make it more quickly and with less error.

Did this work for you?  What changes did you make to customize it for your environment? Have you had to create a bunch of application pools before and wished you’d done it this way? Let me know in the comments below, of find me on Facebook, Twitter, or my personal blog to startup a conversation about it.