Enable-IISShared Config

Enables shared configuration.

Syntax

Enable-IISSharedConfig
      [-PhysicalPath] <String>
      [[-UserName] <String>]
      [[-Password] <SecureString>]
      [[-KeyEncryptionPassword] <SecureString>]
      [-DontCopyRemoteKeys]
      [-Force]
      [<CommonParameters>]

Description

The Enable-IISSharedConfig cmdlet enables the IIS shared configuration feature. Before enabling shared configuration, this operation backs up the keys.

You can disable shared configuration through IIS Manager or with the Disable-IISSharedConfig cmdlet.

Examples

Example 1: Enable shared configuration

PS C:\> $KeyEncryptionPassword = ConvertTo-SecureString -AsPlainText -String "SecurePa$$w0rd" -Force
#For automation scenarios
PS C:\> $KeyEncryptionPassword = Read-Host -AsSecureString
#For UI scenarios
PS C:\> $Password = Read-Host -AsSecureString
PS C:\> Enable-IISSharedConfig -PhysicalPath "C:\export" -KeyEncryptionPassword $KeyEncryptionPassword -UserName "administrator" -Password $Password

Passwords must be in SecureString format. The first command uses ConvertTo-SecureString to convert the specified password, and then stores it in the $KeyEncryptionPassword variable. Using ConvertTo-SecureString is useful in automation scenarios.

The second command uses Read-Host to read console input for the key encryption password, and then stores it in the $KeyEncryptionPassword variable. Using Read-Host is a more secure method for UI scenarios.

The third command uses Read-Host to get the password for the user account that has permission to perform the operation.

The fourth command enables shared configuration using the exported configuration and keys at C:\export.

Example 2: Enable shared configuration without importing the keys

PS C:\> Enable-IISSharedConfig -PhysicalPath "C:\export" -DontCopyRemoteKeys

This command enables shared configuration, but does not import the keys into the local key store.

Required Parameters

-PhysicalPath

Specifies the location of the exported configuration and keys.

Type: String
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

Optional Parameters

-DontCopyRemoteKeys

Indicates that IIS uses the currently active keys, and will try to use the configuration specified by the PhysicalPath parameter. If this exported configuration has secrets encrypted with a different key, IIS will now be unable to decrypt these secrets.

Type: SwitchParameter
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Force

Forces the command to run without asking for user confirmation.

Type: SwitchParameter
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-KeyEncryptionPassword

Specifies the key encryption password for the exported keys. This value is initially specified with the Export-IISConfiguration cmdlet or through IIS Manager.

KeyEncryptionPassword is required if you don't specify a value for DontCopyRemoteKeys . If you specify a value for DontCopyRemoteKeys , you cannot use this parameter.

Type: SecureString
Position: 4
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-Password

Specifies the password of the account for accessing the physical location.

Type: SecureString
Position: 3
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
-UserName

Specifies the user name of the account to access the physical location.

Type: String
Position: 2
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False