PowerShell Equivalent to `netsh http (show|add) urlacl` Command?


This topic contains 1 reply, has 2 voices, and was last updated by Profile photo of Dave Wyatt Dave Wyatt 11 months, 3 weeks ago.

  • Author
  • #31605
    Profile photo of Aaron Jensen
    Aaron Jensen

    We're seeing a lot of this code in our automation scripts:

        if( -not (netsh http show urlacl url=$serviceUrl | Where-Object { $_ -match [regex]::Escape($serviceUrl) }) )
            Write-Verbose -Message ('Granting {0} permission to listen on {1}.' -f $serviceUser,$serviceUrl) -Verbose
            netsh http add urlacl url=$serviceUrl user=$serviceUser delegate=yes | Write-Verbose -Verbose

    This works. Kind of. It will subtly fail if any user besides $serviceUser has permission to $serviceUrl. So far, this hasn't bitten us, but it might.

    I'd like to create a function, Grant-HttpUrlPermission, that uses the HTTP Server API to handle and abstract this stuff out, but only if it doesn't already exist.

    So, is there a PowerShell equivalent to the netsh http commands that will work on both Windows 7 and Windows 2012 R2?

  • #31606
    Profile photo of Dave Wyatt
    Dave Wyatt

    Haven't tested it myself, but searching for a .NET wrapper around the HTTP Server API turned this up: http://www.codeproject.com/Articles/437733/Demystify-http-sys-with-HttpSysManager

    It would be much easier to start with a working .NET library and just wrap that in PowerShell, instead of having to go all the way down the Win32 rabbit hole yourself.

You must be logged in to reply to this topic.