:: Home

  login:         
  passwords:  

IIS 7.0 Administration

IIS 7.0 Administration

Introducing IIS 7.0 Configuration Architecture
IIS 7.0 and Your Hardware
IIS 7.0 Editions and Windows
Web Administration Tools and Techniques

Deploying IIS 7.0 in the Enterprise
IIS 7.0 Protocols
IIS 7.0 Roles
Navigating the IIS 7.0 Role Services and Features
Setting Up IIS 7.0
Managing Installed Roles and Role Services

Core IIS 7.0 Administration
Working with IIS and URLs
Understanding the Core IIS Architecture
Understanding the Services and Processing Architecture
Managing IIS Servers: The Essentials
Managing IIS Services

Managing IIS 7.0 from the Command Line
Using the Windows PowerShell
Working with Cmdlets
Using the IIS Command-Line Administration Tool
Working with IIS Commands

Managing Global IIS Configuration
Understanding Configuration Levels and Global Configuration
Managing Configuration Sections
Extending IIS with Modules
Managing Modules
Sharing Global Configuration

Configuring Web Sites and Directories
Web Site Naming and Identification
Creating Web Sites
Managing Web Sites and Their Properties
Creating Directories
Managing Directories and Their Properties

Customizing Web Server Content
Managing Web Content
Redirecting Browser Requests
Customizing Web Site Content and HTTP Headers
Customizing Web Server Error Messages
Using MIME and Configuring Custom File Types
Additional Customization Tips

Running IIS Applications
Managing ISAPI and CGI Application Settings
Managing ASP Settings
Managing ASP.NET Settings
Managing .NET Framework Settings

Managing Applications, Application Pools, and Worker Processes
Defining Custom Applications
Managing Custom IIS Applications
Managing ASP.NET and the .NET Framework
Working with Application Pools
Configuring Multiple Worker Processes for Application Pools
Configuring Worker Process Recycling
Maintaining Application Health and Performance

Managing Web Server Security
Managing Windows Security
Managing IIS Security

Managing Active Directory Certificate Services and SSL
Understanding SSL
Working with Active Directory Certificate Services
Creating and Installing Certificates
Working with SSL

Performance Tuning, Monitoring, and Tracing
Monitoring IIS Performance and Activity
Detecting and Resolving IIS Errors
Monitoring IIS Performance and Reliability
Tuning Web Server Performance
Strategies for Improving IIS Performance

Tracking User Access and Logging
Tracking Statistics: The Big Picture
Understanding Logging
Configuring Logging

IIS Backup and Recovery
Backing Up the IIS Configuration
Backing Up and Recovering Server Files

WPF Interview Questions

SilverLight Interview Qs

SAP Interview Questions

Oracle Interview Questions

PHP Interview Questions

Ajax Interview Questions

OOP Interview Questions

Ruby Interview Questions

Sql Server Interview Questions

Winforms Interview Questions

SharePoint 2007 Questions

Microsoft Crm Questions

Managing IIS Servers: The Essentials


Managing IIS Servers: The Essentials

When you installed IIS 7.0, you had the opportunity to install the IIS management tools. The standard administration tool for IIS 7.0 is Internet Information Server (IIS) Manager. The standard administration tool for IIS 6.0 is Internet Information Services (IIS) 6.0 Manager.

Using Internet Information Services (IIS) Manager

You can access Internet Information Services (IIS) Manager by clicking Start and choosing Administrative Tools and then Internet Information Services (IIS) Manager. IIS Manager automatically connects to the local IIS installation (if available). Using the choices available when you select the Start Page node, you can connect to one or more remote servers, sites, and applications . Each additional computer, site, or application to which you connect will have a separate node that you can use to manage its resources.

Real World

Firewalls and proxy servers might affect your ability to connect to systems at remote locations. If you need to connect regularly to servers through firewalls or proxies, you'll need to consider the administration techniques you might want to use and then consult your company's network or security administrator to determine what steps need to be taken to allow those administration techniques. Typically, the network/security administrator will have to open TCP or UDP ports to allow remote communication between your computer or network and the remote computer or network. Each type of tool you want to use might require you to open different ports. By default, the Web Management Service (WMSVC) running on an IIS server listens on TCP port 8172. Because any administrator can easily change the default listen port, you may need to check the current configuration by logging on locally or checking your organization's configuration policy documentation. Be sure to provide the connection port when setting the server name.


The node level you select determines what IIS Manager displays in the right pane. When you select a server node in the left pane, the right pane displays the core administration tasks as shown in Figure 3-4. By default, IIS Manager groups the tasks into three areas:

  • ASP.NET Includes tasks related to managing ASP.NET and the .NET Framework

  • IIS Includes tasks related to managing sites and applications

  • Management Includes tasks related to configuring administrative roles, delegation, and remote administration

Figure 3-4. Use IIS Manager to manage Web servers, sites, and applications.

[View full size image]


Using the Group By drop-down list, you can select Category to group by category or No Grouping to list the tasks in alphabetical order. The categories are similar to the ones used during Setup and include Application Development, Health And Diagnostics, HTTP Features, Performance, Security, and Server Components. The Views button, to the right of the Group By drop-down list, allows you to control how the tasks are listed. The views available are:

  • Details Lists tasks with a small icon, task name, and summary description

  • Icon Lists tasks with the task name under a large icon

  • Tiles Lists tasks with a large icon to the left of the task name

  • List Lists tasks with a small icon to the left of the task name

When you expand a server node by double-clicking it, you'll see the following additional nodes as well. Application Pools allows you to view and manage the application pools on the server. When you select the Application Pools node, you'll see a list of application pools by name, status, and other key statistics. Sites allows you to view and manage the Web sites on the server. When you select the Sites node, you'll see a list of Web sites on the server organized by name, ID, status, binding, and local directory path. When you expand the Sites node by double-clicking it, you'll see the sites on the server.

Note

In Figure 3-4, there's also a node for FTP sites. The availability of this node and the way this node works depends on whether you are using classic FTP or nextgen FTP. I'll refer to FTP as originally implemented in IIS 7 for Windows Vista and early releases of Windows Server 2008 as "classic FTP." Classic FTP runs within the context of IIS 6. This means classic FTP uses IIS 6 compatibility mode and requires IIS 6 compatibility features, such as the IIS Manager console for IIS 6 and the IIS 6 metabase. The "nextgen" FTP server for IIS 7, included in all other releases of Windows Server 2008, is fully integrated with IIS 7 and includes enhanced features, such as FTP publishing points.


When you select the node for a specific site, you'll see a list of the site's top-level applications and virtual directories. Selecting the node for an application or virtual directory allows you to manage the configuration at that level.

Enabling and Configuring Remote Administration

The Web Management Service (WMSVC) enables remote and delegated management of IIS through IIS Manager. This means that you must configure and enable the Web Management Service before you can remotely manage a server and before delegated users can perform administration tasks.

You can configure the Web Management Service by completing these steps:

1.
Start IIS Manager. In the left pane, select the icon for the computer you want to work with. If the computer isn't shown, connect to it as discussed previously, and then select it.
2.
When you group by Area, the Management Service feature is listed under Management. Select the Management Service feature and then in the Actions pane, click Open Feature. This displays the Management Service pane as shown in Figure 3-5.

Figure 3-5. Configure options for remote and delegated administration.

[View full size image]
3.
If the Web Management Service is started, you must stop it before you can configure its properties. Click Stop.
4.
If you want to allow local management and local delegated administration only, clear the Enable Remote Connections check box. Otherwise, select this check box to allow remote administration.
5.
Under Identity Credentials, use one of the following options to determine the permitted credentials:

  • Windows Credentials Only Choose this option to restrict remote access for administration to those individuals with Windows administrator accounts.

  • Windows Credentials Or IIS Manager Credentials Choose this option to allow remote access for administration to those individuals with Windows administrator accounts or IIS Manager accounts.
6.
Under Connections, use the IP Address drop-down list to select the IP addresses on which the server will listen for remote connections. You can select a specific IP address to allow connections on that IP address only or All Unassigned to allow connections on any configured IP address.
7.
Under Connections, in the Port box, type the TCP port number on which the server should listen for remote administrator connections. The default port is TCP port 8172.
8.
All remote administration activities are encrypted automatically using SSL. Under Connections, in the SSL Certificate drop-down list, select the certificate the server should use for encryption.
9.
All remote administration activities are logged automatically to the %SystemDrive%\Inetpup\logs\WMSvc directory on the IIS server. To use a different directory, click Browse, and then use the Browse For Folder dialog box to select the new logging location. To disable remote administration logging, clear the Log Requests To check box.
10.
By default, any client with an IPv4 address can connect to the Web server. To restrict access to clients with specific IP addresses, set Access For Unspecified Clients to Deny and then add allowed clients using the Allow option.
11.
Click Start to run the Web Management Service with the updated configuration.

You can start, stop, or restart the Web Management Service by completing these steps:

1.
Start the IIS Manager. In the left pane, select the icon for the computer you want to work with. If the computer isn't shown, connect to it as discussed previously, and then select it.
2.
When you group by Area, the Management Service feature is listed under Management. Select the Management Service feature and then in the Actions pane, click Open Feature.
3.
In the Actions pane, you can do one of the following:

  • Select Start to start the Web Management Service.

  • Select Stop to stop the Web Management Service.

  • Select Restart to stop and then start the Web Management Service as necessary to ensure that the service and all related processes are recycled for troubleshooting.

Starting, Stopping, and Restarting All Internet Services

With classic FTP servers and IIS 6.0 servers, Window Server uses the Inetinfo.exe process to manage all Internet Information Services. Inetinfo is able to do this because it tracks all IIS resources running on a computer and can issue commands to these resources. As an administrator, you can control Inetinfo through IIS 6.0 Manager or the Iisreset.exe command-line utility. If you use either feature, all services on an IIS 6 server are started, stopped, or restarted as appropriate. When you use either technique on an IIS 7.0 server, the following services are started, stopped, or restarted:

  • FTP Publishing Service

  • IIS Admin Service

  • Windows Process Activation Service

  • World Wide Web Publishing Service

On an IIS 7.0 server, the following services are not started, stopped, or restarted:

  • Application Host Helper Service

  • ASP.NET State Service (ensures that out-of-process state is maintained)

  • Web Management Service (ensures that remote administration capabilities are enabled)

Tip

On an IIS 7.0 server, by default, FTP Publishing Service is configured for manual startup only. Because of this, if you use IIS 6.0 Manager or Iisreset to start or restart Internet services, FTP Publishing Service will not be started. To ensure that FTP Publishing Service is started or restarted, you must set the startup type to Automatic.


You can use the Iisreset.exe command-line utility to start, stop, and restart IIS services. To start any IIS services that are stopped on the local computer, type the following command:

iisreset /start

To stop all IIS services that are running, paused, or in an unknown state on the local computer, type the following command:

iisreset /stop

To stop and then restart IIS services on the local computer, type the following command:

iisreset /restart

You can also control IIS services on remote computers. To do this, use the following syntax:

iisreset computername command

such as:

iisreset engsvr01 /restart

With the Restart Internet Services command (Iisreset), the sequence of tasks is important to understand. This command performs the following tasks:

  1. Stops Internet Information Services running on the computer.

  2. Attempts to resolve potential problems with runaway processes or hung applications by stopping all related processes.

  3. Starts IIS services and then starts DLL Hosts as necessary.

Table 3-4 provides a listing of all switches for the Iisreset.exe command-line utility.

Table 3-4. IISRESET Switch Functions
SwitchFunction
/DISABLE Disables restarting of IIS services on the local system.
/ENABLE Enables restarting of IIS services on the local system.
/NOFORCE Doesn't forcefully terminate IIS services if attempting to stop them gracefully fails.
/REBOOT Reboots the local or designated remote computer.
/REBOOTONERROR Reboots the computer if an error occurs when starting, stopping, or restarting IIS services.
/RESTART Stops and then restart all IIS services. Attempts to resolve potential problems with runaway processes or hung applications.
/START Starts all IIS services that are stopped.
/STATUS Displays the status of all IIS services.
/STOP Stops all IIS services that are running, paused, or in an unknown state.
/TIMEOUT:val Specifies the time-out value (in seconds) to wait for a successful stop of IIS services. On expiration of this time-out, the computer can be rebooted if the /REBOOTONERROR parameter is specified. With /STOP and /RESTART, an error is issued. The default value is 20 seconds for restart, 60 seconds for stop, and 0 seconds for reboot.


Managing Individual Resources in IIS Manager

Sites and virtual servers that use the same IIS services can be controlled individually or as a group. You can control individual sites and virtual servers much as you do other server resources. For example, if you're changing the configuration of a site or performing other maintenance tasks, you might need to stop the site, make the changes, and then restart it. When a site is stopped, the site doesn't accept connections from users and can't be used.

In IIS Manager, you can start, stop, or restart all Web sites published on a server by following these steps:

1.
Start IIS Manager.
2.
In the left pane, select the icon for the computer you want to work with. If the computer isn't shown, connect to it as discussed previously, and then select it.
3.
In the Actions pane, you can do one of the following:

  • Select Start to start the World Wide Web Publishing Service and make all Web sites on the server available.

  • Select Stop to stop the World Wide Web Publishing Service and make all Web sites on the server unavailable.

  • Select Restart to stop and then start the World Wide Web Publishing Service as necessary to ensure that the service and all related processes are recycled for troubleshooting.

In IIS Manager, you can start, stop, or restart an individual Web site by following these steps:

1.
Start IIS Manager.
2.
In the left pane, expand the node for the computer you want to work with. If the computer isn't shown, connect to it as discussed previously, and then expand the computer node.
3.
With the Sites node selected in the left pane, in the Name list, click the Web site you want to work with.
4.
In the Actions pane under Manage Web Site, select Start, Stop, or Restart to start, stop, or restart the selected Web site.

Rebooting IIS Servers

Using the Iisreset.exe utility, you can reboot local and remote computers. To use this feature, you must have installed IIS on the computer and you must be a member of a group that has the appropriate user rights. To reboot a local system, you must have the right to shut down the system. To reboot a remote system, you must have the right to force shutdown from a remote system. You should reboot an IIS server only if the Restart IIS procedure fails.

To reboot a computer by using Iisreset.exe, type the following command:

iisreset computername /reboot

such as in the following example:

iisreset engsvr01 /reboot

If users are working on files or performing other tasks that need to be exited gracefully, you should set a time-out value for services and processes to be stopped. By default, the time-out is zero seconds, which forces immediate shutdown and tells Windows Server 2008 not to wait for services to be shut down gracefully. You could set a time-out value of 60 seconds when rebooting engsvr01 as follows:

iisreset engsvr01 /reboot /timeout:60

Copyright 2007, Megasolutions Ltd