Your SlideShare is downloading. ×
0
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
IIS 7: The Administrator’s Guide
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

IIS 7: The Administrator’s Guide

17,837

Published on

Published in: Technology
1 Comment
3 Likes
Statistics
Notes
No Downloads
Views
Total Views
17,837
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
550
Comments
1
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • Themes of IIS7 was merger with ASP.NET
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • IIS.net slide
  • Upcoming sessions slide
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • 05/14/10 14:23 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
  • Transcript

    • 1. IIS 7: The Administrator’s Guide Alexis Eller Program Manager Microsoft Corporation
    • 2. Scripting… WMI C#, VB.NET… Microsoft.Web.Administration Command Line… appcmd Server Modules ASP.NET on IIS7 Centralization Detailed Errors Failed Request Tracing IIS Manager Deploy... Manage... Troubleshoot...
    • 3. IIS6 Request Processing Send Response Log Compress NTLM Basic Determine Handler CGI Static File Authentication Anon Monolithic implementation Install all or nothing … Extend server functionality only through ISAPI … ASP.NET PHP ISAPI … … Deploy...
    • 4. IIS7 Request Processing Send Response Log Compress NTLM Basic Determine Handler CGI Static File ISAPI Authentication Anon SendResponse Authentication Authorization ResolveCache ExecuteHandler UpdateCache … … Server functionality is split into ~ 40 modules ... Modules plug into a generic request pipeline… Modules extend server functionality through a public module API. … … Deploy...
    • 5. Many, Many Modules <ul><li>Install, manage, and patch only the modules you use… </li></ul><ul><li>Reduces attack surface </li></ul><ul><li>Reduces in-memory footprint </li></ul><ul><li>Provides fine grained control </li></ul><ul><li>… replace core server components with custom components … </li></ul>Deploy...
    • 6. Installing IIS7 Deploy...
    • 7. <ul><li>Consistently install the same set of modules … </li></ul><ul><li>Avoid: </li></ul><ul><ul><li>503 “Service Unavailable” </li></ul></ul><ul><ul><li>[module is enabled but not installed] </li></ul></ul><ul><ul><li>Application doesn’t work as expected </li></ul></ul><ul><ul><li>[web.config references a module that isn’t installed] </li></ul></ul><ul><ul><li>[unexpected module conflicts with custom module] </li></ul></ul>TIP Deploy...
    • 8. IIS6 ASP.NET Integration <ul><li>Runtime limitations </li></ul><ul><li>Only sees ASP.NET requests </li></ul><ul><li>Feature duplication </li></ul>Send Response Log Compress NTLM Basic Determine Handler CGI Static File ISAPI Authentication Anon … … Deploy... Authentication Forms Windows Map Handler ASPX Trace … … … aspnet_isapi.dll
    • 9. IIS7 ASP.NET Integration <ul><li>Two Modes </li></ul><ul><ul><li>Classic (runs as ISAPI) </li></ul></ul><ul><ul><li>Integrated </li></ul></ul><ul><li>Integrated Mode </li></ul><ul><ul><li>.NET modules / handlers plug directly into pipeline </li></ul></ul><ul><ul><li>Process all requests </li></ul></ul><ul><ul><li>Full runtime fidelity </li></ul></ul>Log Compress Basic Static File ISAPI Anon SendResponse Authentication Authorization ResolveCache ExecuteHandler UpdateCache … … Authentication Forms Windows Map Handler ASPX Trace … … … aspnet_isapi.dll Deploy...
    • 10. Migrating to Integrated ASP.NET Deploy...
    • 11. Replicate Content and Config <ul><li>Main IIS configuration file (applicationHost.config) </li></ul><ul><ul><li>Built-in “IUSR” account, no more machine specific SID’s </li></ul></ul><ul><ul><li>Simple file copy , no command line tools required </li></ul></ul><ul><ul><li>… watch for machine specific data like IP’s and drive letters </li></ul></ul><ul><li>IIS config  web.config, XCOPY with application </li></ul>Deploy...
    • 12. Centralize Content and Config <ul><li>IIS config  web.config, centralize on file server </li></ul><ul><li>File System: </li></ul><ul><ul><li>Client Side Caching (CSC) </li></ul></ul><ul><ul><ul><li>provides a local disk cache </li></ul></ul></ul><ul><ul><li>Distributed File System Replication (DFSR) </li></ul></ul><ul><ul><ul><li>abstracts multiple file servers to one share name </li></ul></ul></ul><ul><ul><ul><li>provides content replication </li></ul></ul></ul>Deploy...
    • 13. Configuration moves to .config files… <ul><li>Configure IIS and ASP.NET properties in the same file </li></ul><ul><li>Use locking to provide delegation </li></ul><ul><li>Built for simple, schema-based extensibility </li></ul><ul><li>… welcome to a world of xcopy deployment … </li></ul>Manage...
    • 14. Configuration Layout root configuration files machine.config root web.config applicationHost.config web.config .NET Framework ASP.NET IIS IIS + ASP.NET + .NET Framework web.config files WindowsMicrosoft.NETFrameworkv2.0.50727configweb.config Windowssystem32inetsrvapplicationHost.config WindowsMicrosoft.NETFrameworkv2.0.50727configmachine.config Inheritance… Manage...
    • 15. Configuration Delegation <ul><li>Delegation is: </li></ul><ul><ul><li>Configuration locking, “overrideMode” </li></ul></ul><ul><ul><li>ACL’s on configuration files </li></ul></ul><ul><li>By default… </li></ul><ul><ul><li>All IIS sections locked except: </li></ul></ul><ul><ul><ul><li>Default Document </li></ul></ul></ul><ul><ul><ul><li>Directory Browsing </li></ul></ul></ul><ul><ul><ul><li>HTTP Header </li></ul></ul></ul><ul><ul><ul><li>HTTP Redirects </li></ul></ul></ul><ul><ul><li>All .NET Framework / ASP.NET sections are unlocked </li></ul></ul>Manage...
    • 16. <ul><li>Determine your configuration lockdown policy… </li></ul><ul><ul><li>Be conservative at first </li></ul></ul><ul><ul><li>Unlock as necessary (locking later could break apps) </li></ul></ul>TIP Manage...
    • 17. Compatibility: ABO Mapper <ul><li>Provides compatibility for: </li></ul><ul><ul><li>scripts </li></ul></ul><ul><ul><li>command line tools </li></ul></ul><ul><ul><li>native calls into ABO </li></ul></ul><ul><li>Not installed by default </li></ul><ul><li>Can only do what IIS6 could do… </li></ul><ul><ul><li>Can’t read/write new IIS properties </li></ul></ul><ul><ul><ul><li>Application Pools: managedPipelineMode, managedRuntimeVersion </li></ul></ul></ul><ul><ul><ul><li>Request Filtering </li></ul></ul></ul><ul><ul><ul><li>Failed Request Tracing </li></ul></ul></ul><ul><ul><li>Can’t read/write ASP.NET properties </li></ul></ul><ul><ul><li>Can’t read/write web.config files </li></ul></ul><ul><ul><li>Can’t access new runtime data, e.g. worker processes, executing requests </li></ul></ul>applicationHost.config IISADMIN ABOMapper IIS6 ADSI Script Manage...
    • 18. Management Tools <ul><li>Manage IIS and ASP.NET </li></ul><ul><li>View enhanced runtime data </li></ul><ul><ul><li>worker processes, appdomains, executing requests </li></ul></ul><ul><li>Manage delegation </li></ul><ul><li>Use whichever management tool suits your needs… </li></ul>GUI Command Line Script Managed Code IIS Manager appcmd WMI (rootWebAdministration) Microsoft.Web.Administration Manage...
    • 19. IIS Manager <ul><li>Remotes over HTTP, making it firewall friendly </li></ul><ul><ul><li>(remoting is not installed by default) </li></ul></ul><ul><li>Provides managed extensibility </li></ul><ul><li>Supports non-admin management of sites and applications </li></ul>Manage...
    • 20. <ul><li>Educate end users who publish their application and use IIS Manager configure it… </li></ul><ul><li>Scenario: </li></ul><ul><ul><li>User publishes application </li></ul></ul><ul><ul><li>User changes app’s web.config using IIS Manager </li></ul></ul><ul><ul><li>User copies updated web.config to his local version of the application </li></ul></ul><ul><ul><li>Several days later, user re-publishes application </li></ul></ul><ul><ul><li>** modifications make to the app’s web.config using IIS Manager have just been blown away** </li></ul></ul>TIP Manage...
    • 21. Appcmd – Listing and Filtering C:&gt; appcmd list sites SITE &amp;quot;Default Web Site&amp;quot; (id:1,bindings:HTTP/*:80:,state:Started) SITE &amp;quot;Site1&amp;quot; (id:2,bindings:http/*:81:,state:Started) SITE &amp;quot;Site2&amp;quot; (id:3,bindings:http/*:82:,state:Stopped) C:&gt; appcmd list requests REQUEST &amp;quot;fb0000008000000e&amp;quot; (url:GET /wait.aspx?time=10000,time:4276 msec,client:localhost) C:&gt; appcmd list requests /apppool.name:DefaultAppPool C:&gt; appcmd list requests /wp.name:3567 C:&gt; appcmd list requests /site.id:1 C:&gt; C:&gt; Filter results by application pool, worker process, or site C:&gt; Manage...
    • 22. appcmd Manage...
    • 23. Scripting: IIS6 WMI Provider Set oIIS = GetObject(&amp;quot;winmgmts:rootMicrosoftIISv2&amp;quot;) &apos; Create binding for new site Set oBinding = oIIS.Get(&amp;quot;ServerBinding&amp;quot;).SpawnInstance_ oBinding.IP = &amp;quot;&amp;quot; oBinding.Port = &amp;quot;80&amp;quot; oBinding.Hostname = &amp;quot;www.site.com&amp;quot; &apos; Create site and extract site name from return value Set oService = oIIS.Get(&amp;quot;IIsWebService.Name=&apos;W3SVC&apos;&amp;quot;) strSiteName = oService. CreateNewSite (&amp;quot;NewSite&amp;quot;, array (oBinding), &amp;quot;C:inetpubwwwroot&amp;quot;) Set objPath = CreateObject(&amp;quot;WbemScripting.SWbemObjectPath&amp;quot;) objPath.Path = strSiteName strSitePath = objPath.Keys.Item(&amp;quot;&amp;quot;) Set oSite = oIIS.Get(&amp;quot;IIsWebServer.Name=&apos;&amp;quot; &amp; strSitePath &amp; &amp;quot;&apos;&amp;quot;) oSite.Start &apos; Create the vdir for our application Set oVDirSetting = oIIS.Get(&amp;quot;IIsWebVirtualDirSetting&amp;quot;). SpawnInstance_ oVDirSetting.Name = strSitePath &amp; &amp;quot;/ROOT/bar&amp;quot; oVDirSetting.Path = &amp;quot;C:inetpubar&amp;quot; oVDirSetting.Put_ &apos; Make the VDir an application Set oVDir = oIIS.Get(&amp;quot;IIsWebVirtualDir.Name=&apos;&amp;quot; &amp; strSitePath &amp; &amp;quot;/ROOT/bar&apos;&amp;quot;) oVDir. AppCreate2 1 Create Site Create Virtual Directory Create Application NOT CONSISTENT Manage...
    • 24. Scripting: new WMI Provider Set oService = GetObject(&amp;quot;winmgmts:rootWebAdministration&amp;quot;) &apos; Create binding for site Set oBinding = oService.Get(&amp;quot;BindingElement&amp;quot;).SpawnInstance_ oBinding.BindingInformation = &amp;quot;*:80:www.site.com&amp;quot; oBinding.Protocol = &amp;quot;http&amp;quot; &apos; Create site oService.Get(&amp;quot;Site&amp;quot;).Create _ &amp;quot;NewSite&amp;quot;, array (oBinding), &amp;quot;C:inetpubwwwroot&amp;quot; &apos; Create application oService.Get(&amp;quot;Application&amp;quot;).Create _ &amp;quot;/foo&amp;quot;, &amp;quot;NewSite&amp;quot;, &amp;quot;C:inetpubwwwrootfoo&amp;quot; Static Create methods CONSISTENT Manage...
    • 25. WMI – Unloading AppDomains …through script …through PowerShell Manage...
    • 26. Coding: Microsoft.Web.Administration ServerManager iisManager =  new  ServerManager(); foreach (WorkerProcess w3wp  in   iisManager.WorkerProcesses ) {     Console.WriteLine(&amp;quot;W3WP ({0})&amp;quot;, w3wp.ProcessId);                   foreach (Request request  in   w3wp.GetRequests (0)) {         Console.WriteLine(&amp;quot;{0} - {1},{2},{3}&amp;quot;,                     request.Url,                     request.ClientIPAddr,                     request.TimeElapsed,                     request.TimeInState);     } } Manage...
    • 27. New Troubleshooting Features <ul><li>Detailed custom errors, just like ASP.NET </li></ul><ul><li>Failed Request Tracing </li></ul><ul><ul><li>No more ETW tracing and waiting for a repro… </li></ul></ul><ul><li>New runtime data: </li></ul><ul><ul><li>worker processes </li></ul></ul><ul><ul><li>appdomains </li></ul></ul><ul><ul><li>currently executing requests </li></ul></ul>Troubleshoot...
    • 28. Failed Request Tracing <ul><li>No-repro tracing for “failed requests” </li></ul><ul><li>Configure custom failure definitions per URL </li></ul><ul><ul><li>Time taken </li></ul></ul><ul><ul><li>Status/substatus codes </li></ul></ul><ul><ul><li>Error level </li></ul></ul><ul><li>Persist failure log files </li></ul><ul><li>Will it tell me what’s wrong? </li></ul><ul><ul><li>Sometimes… for example, ACL issues </li></ul></ul><ul><ul><li>Look for clues </li></ul></ul><ul><li>Can use for all requests to see what’s going on </li></ul>Troubleshoot...
    • 29. Failed Request Tracing Troubleshoot...
    • 30. Summary <ul><li>Troubleshoot… </li></ul><ul><ul><li>Use: Detailed Errors, Failed Request Tracing, Currently Executing requests </li></ul></ul><ul><li>Manage… </li></ul><ul><ul><li>Manage IIS and ASP.NET through the same tools </li></ul></ul><ul><ul><li>Use ABO Mapper compatibility (not installed by default) </li></ul></ul><ul><ul><li>Determine configuration lockdown policy </li></ul></ul><ul><li>Deploy… </li></ul><ul><ul><li>~ 40 modules, install only what you need </li></ul></ul><ul><ul><li>Migrate to ASP.NET Integrated Mode </li></ul></ul><ul><ul><li>Easier centralization/replication </li></ul></ul>
    • 31. [email_address]
    • 32. <ul><li>TechCenter to easily find the info you need </li></ul><ul><li>Advice and assistance in Forums </li></ul><ul><li>Insider info on new technology (IIS7!) </li></ul><ul><ul><li>Online labs, play with IIS7 in your browser </li></ul></ul>New home for IIS Community!
    • 33. Some upcoming IIS sessions… Today 3:15 – 4:30 Chalktalk: Configuration Management of Web Platform Tomorrow 8:30 – 9:45 IIS 7: Under the Hood for Web Request Tracing 10:15 – 11:30 Chalktalk: Using Managed Code to Administer IIS 7 1:00 – 2:15 Chalktalk: Introducing the New and Improved IIS Manager in IIS 7 2:45 – 4:00 IIS 6: Effective Management of Web Farms 4:30 – 5:45 IIS 6: Everything the Web Administrator Needs to Know about MOM Wednesday 8:30 – 9:45 Chalktalk: Extending the IIS Manager Tool in IIS 7 2:00 – 3:15 Chalktalk: IIS 6.0 Security: Setting the Record Straight 4:45 – 5:00 Chalktalk: IIS and Microsoft.com Operations: Migrating IIS 6.0 to 64 bit 5:30 – 6:45 Chalktalk: IIS 7 Q&amp;A
    • 34. Fill out a session evaluation on CommNet and Win an XBOX 360!
    • 35. © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
    • 36. Additional Information
    • 37. Installation Options Server Manager Package Manager Server Manager <ul><li>Lots of components </li></ul><ul><li>Static server by default </li></ul><ul><li>[client] Use Windows </li></ul><ul><li>Features </li></ul>Package Manager <ul><li>Replaces sysocmgr </li></ul>Unattend <ul><li>File format is </li></ul><ul><li>completely different </li></ul><ul><li>[client] Pick components, </li></ul><ul><li>cannot set configuration </li></ul>Deploy...
    • 38. Install, Migration, Upgrade <ul><li>Install log: WindowsIIS7.log </li></ul><ul><li>Uninstall </li></ul><ul><ul><li>Stop services to avoid a reboot </li></ul></ul><ul><ul><li>Deletes configuration files, backup before uninstall </li></ul></ul><ul><li>Migration: none for Vista, LH Server TBD… </li></ul><ul><li>Upgrade </li></ul><ul><ul><li>All web and/or FTP components are installed, uninstall unnecessary components afterwards… </li></ul></ul><ul><ul><li>Application pools will be ISAPI mode, configured for no managed code =&gt; all ASP.NET requests will fail </li></ul></ul>Deploy...
    • 39. ASP.NET: Migration <ul><li>Application Pools </li></ul><ul><ul><li>ASP.NET Integrated mode by default </li></ul></ul><ul><ul><li>Configure to load a specific version of the .NET Framework </li></ul></ul><ul><li>Integrated Mode </li></ul><ul><ul><li>Different server environment for some pipeline notifications </li></ul></ul><ul><ul><ul><li>e.g. request is not authenticated for BeginRequest </li></ul></ul></ul><ul><ul><li>Handler and module configuration integrated with IIS </li></ul></ul><ul><ul><ul><li>system.webServer/handlers, system.webServer/modules </li></ul></ul></ul><ul><ul><li>Validation warns on httpHandlers, httpModules, or identity config </li></ul></ul><ul><ul><li>Remove “managedHandler” precondition on an ASP.NET module to have it execute for all content </li></ul></ul><ul><li>ISAPI Mode </li></ul><ul><ul><li>Can’t configure HTTP handlers and modules from the UI </li></ul></ul>Deploy...
    • 40. Replicating applicationHost.config <ul><li>Will cause all application pools to recycle: </li></ul><ul><ul><li>changes to default settings for all application pools </li></ul></ul><ul><ul><li>changes to the &lt;globalModules&gt; list </li></ul></ul><ul><li>Will cause one application pool to recycle: </li></ul><ul><ul><li>application pool settings </li></ul></ul><ul><li>Use only RSA machine-encryption (default), replicate RSA machine key </li></ul><ul><ul><li>http://msdn2.microsoft.com/en-us/library/yxw286t2(VS.80).aspx </li></ul></ul><ul><li>Gotcha&apos;s: </li></ul><ul><ul><li>Machine specific data, like IP addresses or drive letters </li></ul></ul><ul><ul><li>Servers must have same set of modules installed (reference to non-existent module in &lt;globalModules&gt; causes 503&apos;s) </li></ul></ul>Deploy...
    • 41. Configuration Delegation <ul><li>Two kinds of configuration locking: </li></ul><ul><ul><li>overrideMode (similar to &amp;quot;allowOverride&amp;quot;) </li></ul></ul><ul><ul><li>granular locking, e.g. lockItem, lockElements </li></ul></ul><ul><li>By default… </li></ul><ul><ul><li>All IIS sections locked (overrideMode=“Deny”) except: </li></ul></ul><ul><ul><ul><li>Default Document, Directory Browsing, HTTP Header, HTTP Redirects, Validation </li></ul></ul></ul><ul><ul><li>All .NET Framework / ASP.NET sections are unlocked </li></ul></ul><ul><li>Determine your configuration lockdown policy </li></ul><ul><ul><li>be conservative at first </li></ul></ul><ul><ul><li>unlock as necessary (locking later could break apps) </li></ul></ul>Manage...
    • 42. Configuration Schema <ul><li>Use the schema file to see all config settings: </li></ul><ul><li>%windir%system32inetsrvconfigschemaIIS_schema.xml </li></ul><ul><li>Schema describes: </li></ul><ul><ul><li>property types </li></ul></ul><ul><ul><li>default values </li></ul></ul><ul><ul><li>validation </li></ul></ul><ul><ul><li>encrypted by default? </li></ul></ul><ul><li>note: config is case sensitive </li></ul>Manage...
    • 43. Appcmd – Viewing Config Schema C:&gt; appcmd list config /section:? | findstr system.webServer system.webServer/globalModules system.webServer/serverSideInclude system.webServer/httpTracing ... C:&gt; appcmd list config /section:directoryBrowse &lt;system.webServer&gt;   &lt;directoryBrowse enabled=&amp;quot;true&amp;quot; /&gt; &lt;/system.webServer&gt; C:&gt; appcmd list config /section:directoryBrowse /config:* &lt;system.webServer&gt;   &lt;directoryBrowse enabled=&amp;quot;true&amp;quot; showFlags=&amp;quot;Extension, Size, Time, Date&amp;quot; /&gt; &lt;/system.webServer&gt; C:&gt; appcmd list config /section:directoryBrowse /text:* CONFIG   CONFIG.SECTION: system.webServer/directoryBrowse   path: MACHINE/WEBROOT/APPHOST   overrideMode: Inherit   [system.webServer/directoryBrowse]     enabled:&amp;quot;true&amp;quot;     showFlags:&amp;quot;Extension, Size, Time, Date&amp;quot; C:&gt; C:&gt; IIS sections – also try “system.web” and “system.applicationHost” C:&gt; C:&gt; Shows attributes that aren’t set explicitly Manage...
    • 44. Coding: Microsoft.Web.Administration <ul><li>First managed code API for administering IIS </li></ul><ul><ul><li>Same objects and functionality as WMI, appcmd </li></ul></ul><ul><li>What about System.Configuration? </li></ul><ul><ul><li>System.Configuration: </li></ul></ul><ul><ul><ul><li>Strongly typed ASP.NET and .NET Framework config </li></ul></ul></ul><ul><ul><li>Microsoft.Web.Administration: </li></ul></ul><ul><ul><ul><li>Weakly typed IIS, ASP.NET, and .NET Framework config </li></ul></ul></ul><ul><ul><ul><li>Strongly typed IIS objects like Sites and Application Pools </li></ul></ul></ul>Manage...

    ×