Author Posts

November 2, 2015 at 12:51 pm

We're seeing a lot of this code in our automation scripts:


    if( -not (netsh http show urlacl url=$serviceUrl | Where-Object { $_ -match [regex]::Escape($serviceUrl) }) )
    {
        Write-Verbose -Message ('Granting {0} permission to listen on {1}.' -f $serviceUser,$serviceUrl) -Verbose
        netsh http add urlacl url=$serviceUrl user=$serviceUser delegate=yes | Write-Verbose -Verbose
    }

This works. Kind of. It will subtly fail if any user besides $serviceUser has permission to $serviceUrl. So far, this hasn't bitten us, but it might.

I'd like to create a function, Grant-HttpUrlPermission, that uses the HTTP Server API to handle and abstract this stuff out, but only if it doesn't already exist.

So, is there a PowerShell equivalent to the netsh http commands that will work on both Windows 7 and Windows 2012 R2?

November 2, 2015 at 1:07 pm

Haven't tested it myself, but searching for a .NET wrapper around the HTTP Server API turned this up: http://www.codeproject.com/Articles/437733/Demystify-http-sys-with-HttpSysManager

It would be much easier to start with a working .NET library and just wrap that in PowerShell, instead of having to go all the way down the Win32 rabbit hole yourself.