Unable to find type System.Windows.MessageBox error PowerShell

If you’re using a Message Box in your PowerShell script, chances are you’re running into this error while running the script in a PowerShell window.
But this error does not occur in PowerShell ISE.

If you generally run the command in PowerShell as below and you get the error:

[System.Windows.MessageBox]::Show("Test box")

Then try adding the Type using the below command and run the above command again:

Add-Type -AssemblyName PresentationFramework
[System.Windows.MessageBox]::Show("Test box")

The above type is part of the PresentationFramework.dll that was added with WPF.

The other type is the System.Windows.Forms which was added with Windows Forms, and exists within the Windows Forms assemblies.

So, add the type as below:

Add-Type -AssemblyName System.Windows.Forms
[System.Windows.Forms.MessageBox]::Show("Test box")

You can add these types in your script as per your need. If you’re script uses Params, just add the Add-Type line below it.

Debug classic asp application hosted on IIS with Visual Studio

Some non .Net Applications like the ones written in classic ASP are required to be debugged in Visual Studio. Since these are not hosted on IIS Express, but on IIS, you need to identify the worker process running your machine or the Server and attach the w3wp.exe with the Debug tool in Visual Studio.

Enable Debugging under IIS classic ASP section as shown below:

Under the Debug menu in Visual Studio, select “Attach to Process”:

There may be multiple worker processes running on the machine depending on how many applications are running under IIS. Match the right one with the correct ProcessID.

Add the debug points in your Asp file and hit the required Page in the browser.

Test emails on Server with SMTP

You can check whether the port is open on a Server by using tcping.exe which you can download online. Tcping can also be similarly used to check other ports on a Server.

Open Powershell or Command prompt in Admin mode and then type the following command:

tcping smtp.some.domain 25

Port 25 is usually the default port for SMTP communication between mail servers.

You can also telnet to test out this port. Telnet should be enabled on your machine.

telnet smtp.some.domain 25

You can send a test email using Powershell using the below command:

Send-MailMessage -From 'Test User1 <test.user1@test.com>' -To 'Test User <test.user2@test.com>' -Subject 'Test mail' -SmtpServer 'smtp.some.domain'

App Pool set idle time out IIS Server

When it comes to managing your website traffic, one of the things to consider is the availability of your website.

IIS has a idle time-out property that is by default set to 20 minutes. This means that if no request comes for your site for 20 minutes of inactivity, IIS would kill the worker process to free-up resources. This means the memory utilised by loading of classes, session etc. This can be helpful when multiple websites may be hosted on the Server and is resource crunched.

You’ll find the below settings under the AppPool advanced settings:

So, when the next request comes to your site to access something e.g. Login page, IIS Server would again need to initialize the Worker process and load the required resources to serve that request. The first request will be slow to respond to the user because of all the initialization time required. You need to think in these terms that how much traffic usually comes to your site. If your website requires high availability, then you should consider setting the idle time-out to 0 in the App Pool settings. Or if high availability isn’t a concern, you can think for how many minutes you’d usually require your application to be available depending on the traffic.

There have been studies regarding the make or break for websites because of their initial load time. So, please be careful about this setting. Internet facing websites usually require high availability. For Intranet websites, you can think of some number of minutes based on the usage.

Customize Logging fields in IIS for hosted website

Open IIS Manager on your Web Server and Select the Website for which you want to customize your logging fields. The changes can also be done at the Server level but that depends on the requirement.

Double-click on Logging icon.

Click on Select fields to select or remove any fields that you want in your IIS logs.

To add any custom field, click on the Add Field button as shown below and add the required header. The below example shows how you can get the Client IP information from the X-Forwarded-For Header (XFF) when the Website is hosted on a Server in a Load Balanced environment. The source of this information is in the Request header. The new log file will have an “_x” suffix to it’s name after modification.

The Logs directory shown above is where your Log files are saved. To identify the file name, check the Website ID under Sites on the left pane.
The Log file name format will be “W3SVC<ID>”.

Click on Apply on the Actions Pane on the right to apply the changes.

TELNET to test connection to POP3/IMAP

First, make sure TELNET is installed on your machine else you’ll get error. You can install TELNET through Add or Remove feature on Windows.
You can use TELNET via a command prompt to confirm.

For IMAP check port 143 and if using SSL then check port 993.

For POP3 check port 110 and if using SSL then check port 995.

Test POP3 connection:

  • Start a command prompt
  • Enter TELNET {webserver} port e.g. TELNET exchangesrvr01 995
  • Enter USER {login} e.g. USER testemail@mycomp.com
  • Enter PASS {password} e.g. PASS secret
  • Enter LIST to show the mailbox
  • Enter QUIT to Exit

At each stage you should receive an OK message. If there is an issue at any stage you will receive an error

Test IMAP connection:

  • Start a command prompt
  • Enter TELNET {webserver} port e.g. TELNET exchangesrvr01 143
  • Enter . LOGIN {login} {password} e.g. LOGIN testemail@mycomp.com secret
  • Enter . LIST “” “*” to show the mailbox
  • Press CTRL + ] and then QUIT to Exit

At each stage you should receive an OK message. If there is an issue at any stage you will receive an error.

Add Strict-Transport-Security (HSTS) response header to IIS hosted site

The HTTP protocol by itself is clear text, meaning that any data that is
transmitted via HTTP can be captured and the contents viewed. To keep data private and prevent it from being intercepted, HTTP is often tunnelled through either Secure Sockets Layer (SSL) or Transport Layer Security (TLS). When either of these encryption standards are used, it is referred to as HTTPS.

HTTP Strict Transport Security (HSTS) is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. This will be enforced by the browser even if the user requests a HTTP resource on the same server.

Cyber-criminals will often attempt to compromise sensitive information passed from the client to the server using HTTP. This can be conducted via various Man-in-The-Middle (MiTM) attacks or through network packet captures.

Security Scanners would recommend to using adding a response header HTTP Strict-Transport-Security or HSTS when the application is using Https.

Depending on the framework being used the implementation methods will vary, however it is advised that the Strict-Transport-Security header be configured on the server. One of the options for this header is max-age, which is a representation (in milliseconds) determining the time in which the client’s browser will adhere to the header policy. The browser will memorize the HSTS policy for the period specified in max-age directive.
Within this period, if an user tries to visit the same website but types http:// or omits the scheme at all, the browser will automatically turn the insecure link to the secure one (https://) and make an HTTPS connection to the server. Depending on the environment and the application this time period could be from as low as minutes to as long as days.

Enabling includeSubDomains attribute of the element of the root domain further enhances the coverage of the HSTS policy to all its subdomains.
HSTS has a separate mechanism to preload a list of registered domains to the browser out of the box.

It is also usually recommended to redirect all http traffic to https. I’ve written another post on how to do that.

To add the HSTS Header, follow the steps below:

  1. Open IIS manager.
  2. Select your site.
  3. Open HTTP Response Headers option.
  4. Click on Add in the Actions section.
  5. In the Add Custom HTTP Response Header dialog, add the following values:
    Name: Strict-Transport-Security
    Value: max-age=31536000; includeSubDomains; preload

Or directly in web.config as below under system.webServer:

<httpProtocol>
	<customHeaders>
		<add name="Strict-Transport-Security" value="max-age=31536000; includeSubDomains; preload" />
	</customHeaders>
</httpProtocol>