We have a requirement to change our application’s IIS app pool password everytime it expires. Currently, we have to manually login to each server and run a snippet of PowerShell code which changes the password.
Here is the code we run on each server on PS:
Import-Module WebAdministration
$applicationPools = Get-ChildItem IIS:AppPools | where { $_.processModel.userName -eq "DomainXXXXX12345" }
foreach($pool in $applicationPools)
{
$pool.processModel.userName = "DomaXXXXX12345"
$pool.processModel.password = "XXXXXXXXXXXXXXXXX"
$pool | Set-Item
}
Write-Host "Application pool passwords updated..." -ForegroundColor Magenta
Write-Host ""
Read-Host -Prompt "Press Enter to exit"
But is there a way we can do the same for a list of servers/VMs at once instead of having to login to each server, open PowerShell or IIS and manually change it on each server?
Any help would be greatly appreciated!
2
Answers
You could try to create an Azure DSC Configuration for this. This way you could provide a new configuration state every time the password expires.
https://learn.microsoft.com/en-us/azure/automation/quickstarts/dsc-configuration
https://writeabout.net/2015/04/15/use-the-dsc-script-resource-to-change-the-application-pool-identity/
could you try this below script:
$computerName = ‘MyServerName’
$appPoolName = ‘DefaultAppPool’
Invoke-Command -ComputerName $computerName -args $appPoolName -ScriptBlock {
param($appPoolName)
$appPoolName.Stop()
$appPoolName | Set-ItemProperty -Name "processModel.username" -Value "DomaXXXXX12345"
$appPoolName | Set-ItemProperty -Name "processModel.password" -Value "XXXXXXXXXXXXXXXXX"
$targetpool.Start()
}
Write-Host "Application pool passwords updated…"