Bits that I have to fix using Windows / Microsoft. This could encompass any of the Microsoft OSes, but typically Windows 2000 Server, 2003 Server, 2008 Server, Active Directory, Exchange Server, RIS, etc.
Probably the largest section given that Windows seems to be more problematic than Linux.
Posted by admin on August 25th, 2011
I recently had a requirement to search some file servers for files that were modified between two dates and then filter that output by owner.
After some googling I came up with the following script, with a commented-out line that would allow a copy of those files after indexing.
———————————————————————————-
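# Prompt for the search root, the owner to match and the copy destination
$path = Read-Host "Please enter the top-level path (eg: C:\Temp)"
$user = Read-Host "Please enter the user to be searched for (eg: DOMAIN\User)"
$dst = Read-Host "Please enter the copy destination"

# Collect everything last written between the two dates
$files = Get-ChildItem $path -Recurse |
    Where-Object { $_.LastWriteTime.Date -gt [datetime]::Parse("01/01/2010") -and
                   $_.LastWriteTime.Date -lt [datetime]::Parse("01/01/2011") }

foreach ($file in $files) {
    # -LiteralPath stops [ and ] in file names being treated as wildcards
    $owner = Get-Acl -LiteralPath $file.FullName
    # Append matching paths to a file called "output" in the current directory
    if ($owner.Owner -eq $user) { Write-Output $file.FullName >> output }
    #if ($owner.Owner -eq $user) { Copy-Item -LiteralPath $file.FullName -Destination $dst -Force }
}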
Posted by admin on July 8th, 2010
Back in the (good?) old days, it was easy to change the user IIS ran as: through the services console you could pick anyone you wanted.
You might need to do this for a variety of reasons, such as access to remote services or file systems.
However, with Windows 2008 and IIS 7 / 7.5 you can no longer run the World Wide Web service as a different user without a whole world of pain.
For most people there is a fairly simple way to resolve this: in IIS 7.5 the application pools are what fire up the specific w3wp worker processes, and as such it's very simple to change the user that the w3wp process runs as.
Open the IIS management console and expand your website tree.
Click on Application Pools, and in the right-hand pane you should see the DefaultAppPool. You will also see the user, or Identity, that it is currently running as.
To change this to a different user, right-click the DefaultAppPool and select Advanced Settings, then under the Process Model section click the identity name and click the ellipsis (the 3 dots). You will then be prompted for which user account you wish to use.
If you want to use IIS to pass authentication through to a non-domain machine, then, still in Advanced Settings, you will also need to change the option for LoadProfile to true. This allows you to pull the credentials that get cached in cmdkey should you need them (see my other post on cmdkey).
Once you have done this, right-click the DefaultAppPool and choose Recycle for good measure, which restarts the w3wp process.
You should now see it in task manager process list running as your defined user, and hopefully have access to all the resources you needed.
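The same change scripted with the WebAdministration module that ships with IIS 7 / 7.5, as an added example that is not part of the original post. It assumes an elevated PowerShell session and that the account entered at the prompt already exists; the function name `Set-AppPoolIdentity` is hypothetical.

```powershell
# Added example, not from the original post. Assumes an elevated session on a
# server with IIS 7 / 7.5 and the WebAdministration module available.
Import-Module WebAdministration

function Set-AppPoolIdentity {   # hypothetical helper name
    param(
        [string]$PoolName = 'DefaultAppPool',
        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]$Credential,
        [bool]$LoadProfile = $false
    )

    $pool = "IIS:\AppPools\$PoolName"
    if (-not (Test-Path $pool)) { throw "Application pool '$PoolName' not found" }

    # Record the current identity so the change can be reviewed or rolled back
    $before = (Get-Item $pool).processModel
    Write-Output ("Before: {0} / {1}" -f $before.identityType, $before.userName)

    # SpecificUser is the scripted form of picking a custom account in the GUI
    Set-ItemProperty $pool -Name processModel.identityType -Value SpecificUser
    Set-ItemProperty $pool -Name processModel.userName -Value $Credential.UserName
    Set-ItemProperty $pool -Name processModel.password `
        -Value $Credential.GetNetworkCredential().Password

    # Load the profile only when the pool needs credentials cached for this account
    Set-ItemProperty $pool -Name processModel.loadUserProfile -Value $LoadProfile

    # Recycle so w3wp restarts under the new identity
    Restart-WebAppPool -Name $PoolName

    $after = (Get-Item $pool).processModel
    Write-Output ("After:  {0} / {1} (loadUserProfile={2})" -f `
        $after.identityType, $after.userName, $after.loadUserProfile)
}

# Get-Credential prompts for the password, keeping it out of the script text
# and out of the command history
Set-AppPoolIdentity -Credential (Get-Credential) -LoadProfile $true
```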
Posted by admin on July 8th, 2010
It's generally good practice, security-wise, to keep public-facing web servers either out of your AD domain or in their own domain, if possible.
I encountered a problem where I had a non-domain server running a .NET application which needed to write files to a CIFS share that was using domain authentication.
This was a problem initially, as the default application pool runs as a local built-in account and therefore has no permissions on the remote CIFS share. However, I decided that I would be happy enough creating a user which mirrored a domain user by name and password, and hoped that pass-through authentication would work.
It didn't.
So after lots of digging and gnashing of teeth, a colleague of mine found the perfect solution.
In Windows 2008 there is a command called cmdkey which allows you to use a local account to cache domain user account credentials for a specific target domain / server.
So in my instance, running a DOS prompt as my new user, I did a cmdkey /add:cifsserver /user:domainname\username /pass:domainuserpass
And bingo everything now works a treat!