Invoke error - run pwershell script with webservice

All replies

• 

  

  0

  Sign in to vote

  Seems there is some error in "IISConfigPrepareDeploy.ps1" script. Can you post script over here for better understanding?

  ---

  Thanks & Regards
  Bhavik Solanki
  
  Please click “Mark as Answer” if this post answers your question and click "Vote as Helpful if this Post helps you.

  Friday, March 23, 2012 8:30 PM
• 

  

  0

  Sign in to vote

   

  Hello,

  thank you for your answer.

  The content fromthe batch file:

  REM FileName: IISConfigPrepareDeploy.bat

  REM ================================================================================

  REM Start the iis config preparation with a Powershell script

  REM ================================================================================

  if '%1' == '' (

    echo ERROR: logPath is not set, the script does not run. >>"IISConfigPrepareDeploy.log"

    echo *.bat logPath logFile dropLocation release location state [oldVersionDB] >>"IISConfigPrepareDeploy.log"

    exit 1

  )

  echo call IISConfigPrepareDeploy.bat >>"%1\IISConfigPrepareDeploy.log"

  echo  >>"%1\IISConfigPrepareDeploy.log"

  echo logPath: %1 >>"%1\IISConfigPrepareDeploy.log"

  echo logFile: %2 >>"%1\IISConfigPrepareDeploy.log"

  echo  >>"%1\IISConfigPrepareDeploy.log"

  if '%2' == '' (

    echo ERROR: logFile is not set, the script does not run. >>"%1\IISConfigPrepareDeploy.log"

    echo *.bat logPath logFile dropLocation release location state [oldVersionDB] >>"%1\IISConfigPrepareDeploy.log"

    exit 1

  )

  REM Script body

  REM echo  ERROR: not yet implemented - IISConfigPrepareDeploy is unsuccess >>"%1\IISConfigPrepareDeploy.log"

  echo call "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -file "C:\Program Files\BuildPackage\IISConfigPrepareDeploy.ps1" "%1" "%2" >> "%1\IISConfigPrepareDeploy.log"

  "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -file "C:\Program Files\BuildPackage\IISConfigPrepareDeploy.ps1" "%1" "%2" >> "%1\IISConfigPrepareDeploy.log"

  The content from the IISConfigPrepareDeploy.ps1:

  cls

  $strSvr = "server01"

  $script = {               

         Write-Host "Modify IIS Config Server"

  }

  Invoke-Command -ComputerName $strSvr -ScriptBlock $script -ErrorAction SilentlyContinue

  I hope, i get a solution!

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Sunday, March 25, 2012 8:26 AM
• 

  

  0

  Sign in to vote

  Hi,

  IIS would be the proper resource forum for your problem as below, thanks.

  http://forums.iis.net/

  Kevin Ni

  ---

  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  Thursday, March 29, 2012 9:25 AM
• 

  

  0

  Sign in to vote

  Hello Kevin,

  thanks for the information, but i think it is no IIS Powershell Problem.

  When you see the content of the powershell script, there is no iis command included. I think, this is a powershell command.

  cls

  $strSvr = "server01"

  $script = {               

         Write-Host "Modify IIS Config Server"

  }

  Invoke-Command -ComputerName $strSvr -ScriptBlock $script -ErrorAction SilentlyContinue

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Thursday, March 29, 2012 9:28 AM
• 

  

  0

  Sign in to vote

  Wuwu,

  The issue looks like Invoke-Command is having problems...Can you try running your powershell code alone to see if this is a remote connectivity issue?

  Joe

  Thursday, March 29, 2012 2:30 PM
• 

  

  0

  Sign in to vote

  Hello,

  thanks for your answer!

  When i start this script with powershell ise or normal powershell window at server02 against server01 - with invoke, it runs without any problems.

  When i start the batch file, that starts the powershell, it also runs.

  cls

  $strSvr = "server01"

  $script = {               

         Write-Host "Modify IIS Config Server"

  }

  Invoke-Command -ComputerName $strSvr -ScriptBlock $script -ErrorAction SilentlyContinue

  The Output:

  Modify IIS Config Server

  -------------------------------------------------

  When the webservice call the batchfile and this batchfile start the powershell script then I have this error.

  I think also that is a problem with invoke.

  I hope somebody can help me,

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Thursday, March 29, 2012 6:11 PM
• 

  

  0

  Sign in to vote

  wuwu,

  Remote administration requires that the account be part of the administrators group on the remote machines and it uses Kerberos authentication by default.  Does the account have this level or permissions on the server?

  Joe

  Thursday, March 29, 2012 6:40 PM
• 

  

  0

  Sign in to vote

  Hello Joe,

  The domain user, which runs the iis website - webservice (start the batch file), is member at administration group at server01 - remote server. Is this correct?

  Kerberos: I doesn't have configure anyting with kerberos at server, where the webservice run and also nothing at remote server.

  Can you explain, how can i do this?

  Thanks,

  orst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Thursday, March 29, 2012 7:04 PM
• 

  

  0

  Sign in to vote

  Orst,

  As far a kerberos is concened you don't have to configure anything.  It's the default Authentication protocol on an AD domain.  Is the webservice account a local or domain account?  Setting up remoting on domain machines using domain accounts is a simple process but if the machine or account is not on the domain then it defaults to NTLM authentication and that requires more work.  Try using the webservice credentials  with the invoke-command and see if it works...

  invoke-command -computer server01 -script { ipconfig } -cred domain\webservice

  joe

  Thursday, March 29, 2012 7:59 PM
• 

  

  0

  Sign in to vote

  hello joe,

  I have treid this, to change the invoke command with -cred. The result, access denied error at log file.

  The setting for the authentication for the website, from the webservice is:

  Anonymous with App Pool Credentials.

  Did you have another idea?

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Friday, March 30, 2012 1:06 PM
• 

  

  0

  Sign in to vote

  Horst,

  Using the -credential parameter would require you manually input a password.  Have you tried testing just the example I provided earlier to see if the webservice could successfully execute the invoke-command?

  Joe

  Friday, March 30, 2012 1:55 PM
• 

  

  0

  Sign in to vote

  Hello,

  When I start the powershell script direct or over the batch with -cred, in booth test's the manually input for credentials are shown.

  When i type in the password, the script run without error's.

  The error - access denied at log file is only, when the webservice start the batch and then the ps1 script.

  I hope we get a solution for this problem,

  Thanks,

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Saturday, March 31, 2012 6:30 PM
• 

  

  0

  Sign in to vote

  Horst,

  It sounds like a permissions issue with the webservice account, considering that the code works when you run it with your credentials.  Does the script need to be run as the webservice account?  Would it be possible to schedule the task to run and use your credentials?

  Joe

  Monday, April 2, 2012 7:56 PM
• 

  

  0

  Sign in to vote

  Hello Joe,

  I have tried to run the webservice with my user account and now the whole script's are working fine.

  The webservice call the batch, the batch the powershell and the logs are fine.

  With my accounts, i am administrator at every system!

  Now, which permission is required for the other webservice user, did you have any idea?

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  Tuesday, April 3, 2012 6:50 AM
• 

  

  0

  Sign in to vote

  Horst,

  So indeed it's a permissions issue. Not sure exactly what perm's are required but the following post on the forums.iis.net: http://forums.iis.net/t/1173892.aspx suggests that perhaps you should give the webservice account full control to the web.config file's ntfs perm's. 

  Joe

  Tuesday, April 3, 2012 11:51 AM
• 

  

  0

  Sign in to vote

  Joe,

  I found a solution!

  I add the domain account, which run the webservice, to the local administration group at server where the webservice is running.

  Horst

  ---

  Thanks Horst MOSS 2007 Farm, MOSS 2010 Farm, TFS 2010

  • Marked as answer by wuwu Wednesday, April 4, 2012 8:43 AM

  Wednesday, April 4, 2012 8:43 AM