IIS site and binding inventory

Good For

• IIS migration prep
• certificate renewal
• web outage triage
• server documentation
• binding drift review

How to Use It

1. Capture site names, states, physical paths, and application pools before migration or outage work.
2. Review bindings for protocol, IP, port, host header, and certificate hash so duplicate or missing bindings are visible.
3. Compare certificate hashes with the certificate scanner when renewal or TLS errors are involved.
4. If an app pool is stopped or using an unexpected identity, record it before changing state.
5. Export inventory to CSV when the server hosts multiple sites or when migration planning needs sign-off.
6. Use the inventory to identify missing owners, stale host headers, abandoned content paths, and certificate renewal scope.

Execution Modes

• local
• remote-single-host
• remote-host-list

Inputs and Outputs

Inputs

• computer name
• CSV or TXT server list
• IIS role access
• expected site owner list

Outputs

• verbose-console
• csv
• future-html-report

Command Starter

Safe to run: read-only

Import-Module WebAdministration
Get-Website | Select-Object Name, State, PhysicalPath, ApplicationPool
Get-WebBinding | Select-Object protocol, bindingInformation, certificateHash, certificateStoreName
Get-ChildItem IIS:\AppPools | Select-Object Name, State, managedRuntimeVersion, processModel

Validation

• Every IIS site has documented state, path, app pool, and binding information.
• TLS bindings can be mapped to certificate thumbprints and renewal owners.
• Migration or troubleshooting plans reference the captured before-state.

Reporting

• export site, binding, and app-pool inventory to CSV
• attach binding and certificate mapping to renewal or migration tickets
• promote repeated use into an IIS migration readiness report

Safety Notes

• This inventory is read-only and should not start, stop, remove, or rebind sites.
• Do not change app pool identity or certificate bindings from the inventory pass.