Installing the IIS 7.0 PowerShell Snap-in

by Thomas Deml


In the following walkthrough you will learn how to install the IIS PowerShell Snap-in and how to start the IIS PowerShell Management Console.


The IIS PowerShell Snap-in requires the following prerequisites:

  • Windows Server 2008, Windows Server 2008 R2, Windows Vista Service Pack 1, or Windows 7
  • Microsoft PowerShell 1.0 or 2.0

To install IIS PowerShell Snap-in:

  1. Download IIS PowerShell Snap-in x86 or x64 version.
  2. Run the MSI file to install the IIS PowerShell Snap-in.

To use the IIS PowerShell Snap-in

PowerShell snap-ins like the IIS PowerShell Snap-in have to be registered with PowerShell. There are two ways to do this:

Automatic Registration by using the IIS PowerShell Management Console

The IIS PowerShell Snap-in setup will create a new Program Menu shortcut. By starting this shortcut the IIS PowerShell Snap-in will be registered automatically. Click on the Start Menu - select "All Programs" - "IIS 7.0 Extensions" - "IIS PowerShell Management Console". The prompt of the new PowerShell command window is set to "IIS:" - the root of the IIS Snap-in namespace.

Manual Registration

If you want to use the IIS PowerShell Snap-in in an existing PowerShell command window you have to register the IIS snap-in manually. You can do this by simply executing the IISConsole.PSC1 file located in the "$env:programfiles\IIS\PowerShellProvider" directory:

PS C:\> & "$env:programfiles\IIS\PowerShellSnapin\iisConsole.psc1"

A Word About Security

User Access Control

You need Administrator privileges to manage IIS configuration. This means that you have to run PowerShell command windows elevated. Make sure you always start PowerShell via the "Run as Administrator" menu item.

PowerShell Execution Policies

You might see the following error depending on the PowerShell Execution Permissions.

Windows PowerShell
Copyright (C) 2006 Microsoft Corporation. All rights reserved.
Do you want to run software from this untrusted publisher?
File C:\Program Files\IIS\PowerShellProvider\iisprovider.types.ps1xml is published by CN=Microsoft
Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US and is not trusted on your
system. Only run scripts from trusted publishers.
[V] Never run  [D] Do not run  [R] Run once  [A] Always run  [?] Help (default is "D"):

Although the IIS PowerShell Provider files are all signed, PowerShell only trusts scripts that are signed by a 'Trusted Publisher' when it's execution policy is set to "Restricted". There are two ways you can fix this problem.

Relax the Execution Policy

If you see the error above your execution policy is probably set to "Restricted". To trust other code you can set the execution policy to "RemoteSigned" which allows local scripts to run without requiring a digital signature. Execute the following command in an elevated PowerShell window:

PS C:\> Set-ExecutionPolicy RemoteSigned

Execute the following command if you want to know more about signing and execution policies.

help about_signing

Trust Microsoft Code Signing Certificate to Trusted Publishers List

To trust the IIS Provider scripts and binaries you can hit "A" in the above dialog and it will add the code signing certificate used by the IIS Snap-in to the list of Trusted Publishers. You can get a list of "Trusted Publishers" with the following command:

dir cert:\CurrentUser\TrustedPublisher | fl


In this walkthrough you learned how to automatically or manually install the IIS PowerShell Snap-in.