I am trying to wrap Powershell around AppCmd to perform some security compliance checks. I have decided to do it this way rather than using powershell's Get-WebConfiguration commands because for all these checks, the corresponding AppCmd command is already provided by the Security policy. So, rather than spending too much time trying to workout the equivalent Get-WebConfiguration commands, I have decided to write a function that takes the provided AppCmd commands and arguments in form of variables, runs them in powershell and potentially passes the results to another function.
I am facing many issues passing variable values to AppCmd. The following code works:
$appCmd = "C:\Windows\system32\inetsrv\appcmd.exe"
& $appCmd list config /section:system.web/authentication /text:forms.requireSSL
So far so good. Now, the following code results in a error:
$appCmd = "C:\Windows\system32\inetsrv\appcmd.exe"
$appcmd_args = "list config /section:system.web/authentication /text:forms.requireSSL"
& $appCmd $appcmd_args
The error reads:
Object 'LIST CONFIG /SECTION:SYSTEM.WEB/AUTHENTICATION /TEXT:FORMS.REQUIRESSL' is not supported. Run 'appcmd.exe /?' to display supported objects.
I read a previous post that suggests using ${} when passing a variable to AppCmd. So, tried this:
$appCmd = "C:\Windows\system32\inetsrv\appcmd.exe"
$appcmd_args = "list config /section:system.web/authentication /text:forms.requireSSL"
& $appCmd ${appcmd_args}
I am probably doing it wrong so I get the same error as above. I also noticed I get the same error with the following code:
$appCmd = "C:\Windows\system32\inetsrv\appcmd.exe"
& $appCmd "list config /section:system.web/authentication /text:forms.requireSSL"
Maybe some type of conversion or triming needs to take place?
All the AppCmd commands and arguments will be provided through variables so, if this technique doesn't work, my plan falls appart. I am obviously missing something. Can you please advise on a solution?
Since appcmd.exe is expecting arguments separated by spaces, you can't send it all as one string. I'd take one of these approaches.
Separate each argument by a comma and then splat them
$appcmd_args = "list", "config", "/section:system.web/authentication", "/text:forms.requireSSL"
& $appCmd $appcmd_args
Or you can split the arguments inline like this
$appcmd_args = "list config /section:system.web/authentication /text:forms.requireSSL"
& $appCmd (-split $appcmd_args)