Table of Contents

Acknowledgments xix

Introduction xxi

What's New in IIS 7.0 xxi

Overview of Book xxii

Document Conventions xxiii

- Reader Aids xxiii

- Sidebars xxiii

- Command Line Examples xxiv

Companion Media xxiv

Find Additional Content Online xxiv

Resource Kit Support Policy xxv

Part I: Foundation

Introducing IIS 7.0 3

Overview of IIS 7.0 3

What's New in IIS 7.0 5

Core Web Server 5

Configuration 8

Administration Tools 10

Diagnostics 13

Windows Process Activation Service 14

Application Compatibility 15

Basic Administration Tasks 15

Creating a Web Site 15

Creating an Application 17

Creating a Virtual Directory 19

Creating an Application Pool 20

Assigning an Application to an Application Pool 21

IIS 7.0 Features in Windows Server 2008 and Windows Vista 22

Summary 26

Additional Resources 27

Understanding IIS 7.0 Architecture 29

Overview of IIS 7.0 Architecture 30

IIS 7.0 Core Components 33

HTTP.sys 33

World Wide Web Publishing Service 35

Windows Process Activation Service 37

Configuration Store 38

Worker Process 40

Request Processing in Application Pool 42

Classic Mode 43

.NET Integrated Mode 46

Module Scope 51

Module Ordering 51

Non-HTTP Request Processing 53

Summary 55

Additional Resources 56

Understanding the Modular Foundation 57

Concepts 57

The Ideas 58

Types of Modules 58

Modules and Configuration 59

Key Benefits 61

Security 61

Performance 63

Extensibility 63

Built-in Modules 64

Summary 65

Additional Resources 65

Understanding the Configuration System 67

Overview of the Configuration System 68

Configuration File Hierarchy 69

Configuration File Syntax 74

The IIS 7.0 Configuration System and the IIS 6.0 Metabase 81

IIS 7.0 and the .NET Configuration Systems 83

Editing Configuration 85

Deciding Where to Place Configuration 86

Setting Configuration 87

Understanding Configuration Errors 90

Managing Configuration 94

Backing Up Configuration 94

Using Configuration History 95

Exporting and Importing Configuration 96

Delegating Configuration 97

Sharing Configuration Between Servers 107

Summary 113

Additional Resources 114

Part II: Deployment

Installing IIS 7.0 117

Planning the Installation 117

Installation Scenarios for IIS 7.0 119

Ways to Install IIS 7.0 131

Using Server Manager 131

Using Package Manager 132

Using ServerManagerCMD 133

Unattended Answer Files 136

Sysprep/New Setup System 138

Auto-Installs 139

Windows Server 2008 Setup for Optional Features 139

Post Installation 140

Folders and Content 141

Registry 142

Services 142

Validation 143

Troubleshooting Installation 143

Event Logs 144

IIS 7.0 Log 144

Other Related Logging Options 144

Removing IIS 7.0 145

The User Interface in Windows Server 2008 and Windows Vista 145

Command Line Method 147

Summary 148

Additional Resources 149

Part III: Administration

Using IIS Manager 153

Overview of IIS Manager 153

Starting IIS Manager 155

IIS Manager User Interface 156

Navigation Toolbar 159

Connections Pane 159

Workspace 162

Actions Pane 174

Understanding Features 175

Feature to Module Mapping 175

Where the Configuration Is Written 177

Feature Scope 180

IIS 7.0 Manager Customization and Extensibility 181

Remote Administration 184

Summary 186

Additional Resources 186

Using Command Line Tools 187

Using Command Line Management Tools 187

Appcmd.exe 189

Getting Started with Appcmd 190

Appcmd Syntax 191

Supported Objects 193

Getting Help 194

Understanding Appcmd Output 196

General Parameters 199

Using Range Operators 200

Avoiding Common Appcmd Pitfalls 201

Using Basic Verbs: List, Add, Set, Delete 201

Using the List Command to List and Find Objects 202

Using the Add Verb to Create Objects 203

Using the Set Verb to Change Existing Objects 204

Using the Delete Verb to Remove Objects 205

Working with Configuration 206

Viewing Configuration with the List Config Command 207

Setting Configuration with the Set Config Command 208

Managing Configuration Delegation 212

Managing Configuration Backups 213

Working with Applications, Virtual Directories, and Application Pools 213

Working with Web Server Modules 214

Inspecting Running Worker Processes and Requests 215

Listing Running IIS Worker Processes 215

Listing Currently Executing Requests 215

Working with Failed Request Tracing 217

Turning on Failed Request Tracing 217

Creating Failed Request Tracing Rules 218

Searching Failed Request Tracing logs 220

Microsoft.Web.Administration 222

Creating Sites with MWA 222

Creating Application Pools with MWA 223

Setting Configuration 224

Windows PowerShell and IIS 7.0 225

WMI Provider 226

IIS 7.0 Configuration COM Objects 227

Summary 227

Additional Resources 228

Remote Administration 229

The IIS Manager 230

Web Management Service 230

Installation 231

WMSvc Configuration 232

Managing Remote Administration 240

Using Remote Administration 249

Troubleshooting 252

Logging 254

Summary 257

Additional Resources 257

Managing Web Sites 259

Web Sites, Applications, Virtual Directories, and Application Pools 259

Web Sites 260

Applications 262

Virtual Directories 264

Application Pools 265

Administrative Tasks 266

Adding a New Web Site 267

Configuring a Web Site's Bindings 270

Limiting Web Site Usage 273

Configuring Web Site Logging and Failed Request Tracing 275

Starting and Stopping Web Sites 276

Managing Virtual Directories 277

Adding a New Virtual Directory 277

Configuring Virtual Directories 279

Searching Virtual Directories 282

Managing Remote Content 284

Configuring the Application to Use Remote Content 285

Selecting the Security Model for Accessing Remote Content 285

Configuring Fixed Credentials for Accessing Remote Content 287

Granting Access to the Remote Content 288

Summary 289

Additional Resources 289

Managing Applications and Application Pools 291

Managing Web Applications 291

Creating Web Applications 292

Listing Web Applications 297

Managing Application Pools 299

Application Pool Considerations 300

Adding a New Application Pool 302

Managing Application Pool Identities 305

Advanced Application Pool Configuration 309

Managing Worker Processes and Requests 315

Monitoring Worker Processes and Requests 316

Summary 320

Additional Resources 321

Hosting Application Development Frameworks 323

IIS as an Application Development Platform 323

Adding Support for Application Frameworks 325

Supported Application Frameworks 326

Hosting ASP.NET Applications 327

Understanding the Integrated and Classic ASP.NET Modes 328

Running Multiple Versions of ASP.NET Side by Side 330

Installing ASP.NET 332

Deploying ASP.NET Applications 334

Additional Deployment Considerations 340

Hosting ASP Applications 342

Installing ASP 342

Deploying ASP Applications 343

Additional Deployment Considerations 344

Hosting PHP Applications 345

Deploying PHP Applications 346

Additional Deployment Considerations 350

Techniques for Enabling Application Frameworks 353

Enabling New Static File Extensions to Be Served 354

Deploying Frameworks Based on IIS 7.0 Native Modules 356

Deploying Frameworks Based on ASP.NET Handlers 357

Deploying Frameworks Based on ISAPI Extensions 358

Deploying Frameworks That Use FastCGI 358

Deploying Frameworks That Use CGI 362

Summary 364

Additional Resources 365

Managing Web Server Modules 367

Extensibility in IIS 7.0 367

IIS 7.0 Extensibility Architecture at a Glance 368

Managing Extensibility 370

Runtime Web Server Extensibility 371

What Is a Module? 372

Installing Modules 377

Common Module Management Tasks 389

Using IIS Manager to Install and Manage Modules 396

Using IIS Manager to Create and Manage Handler Mappings 400

Using Appcmd to Install and Manage Modules 403

Creating and Managing Handler Mappings 408

Securing Web Server Modules 410

Summary 420

Additional Resources 420

Managing Configuration and User Interface Extensions 421

Administration Stack Overview 421

Managing Configuration Extensions 423

Configuration Section Schema 425

Declaring Configuration Sections 428

Installing New Configuration Sections 431

Securing Configuration Sections 432

Managing Administration Extensions 436

How Administration Extensions Work 438

Installing Administration Extensions 439

Securing Administration Extensions 439

Managing IIS Manager Extensions 440

How IIS Manager Extensions Work 441

Installing IIS Manager Extensions 443

Securing IIS Manager Extensions 443

Summary 446

Additional Resources 446

Implementing Security Strategies 447

Security Changes in IIS 7.0 448

Reducing Attack Surface Area 450

Reducing the Application's Surface Area 460

Configuring Applications for Least Privilege 465

Use a Low Privilege Application Pool Identity 466

Set NTFS Permissions to Grant Minimal Access 468

Reduce Trust of ASP.NET Applications 470

Isolating Applications 472

Implementing Access Control 474

IP and Domain Restrictions 475

Request Filtering 477

Authorization 483

NTFS ACL-based Authorization 484

URL Authorization 485

Authentication 490

Anonymous Authentication 491

Basic Authentication 493

Digest Authentication 495

Windows Authentication 497

Client Certificate Mapping Authentication 501

IIS Client Certificate Mapping Authentication 503

UNC Authentication 508

Understanding Authentication Delegation 509

Securing Communications with Secure Socket Layer (SSL) 511

Configuring SSL 511

Requiring SSL 512

Client Certificates 514

Securing Configuration 515

Restricting Access to Configuration 516

Securing Sensitive Configuration 520

Controlling Configuration Delegation 525

Summary 530

Additional Resources 531

Part IV: Troubleshooting and Performance

Logging 535

What's New? 535

IIS Manager 536

The XML-Based Logging Schema 536

Centralized Logging Configuration Options 538

SiteDefaults Configuration Options 538

Disable HTTP Logging Configuration Options 539

Default Log File Location 539

Default UTF-8 Encoding 539

New Status Codes 540

Management Service 540

Log File Formats That Have Not Changed 540

Centralized Logging 540

W3C Centralized Logging Format 541

Centralized Binary Logging Format 541

Remote Logging 541

Setting Up Remote Logging by Using the IIS Manager 542

Setting Up Remote Logging by Using Appcmd 544

Remote Logging Using the FTP 7.0 Publishing Service 545

Custom Logging 545

Configuring IIS Logging 547

IIS Manager 547

Appcmd 550

Advanced Appcmd Details 552

HTTP.sys Logging 556

Application Logging 557

Process Recycling Logging 557

ASP 558

ASP.NET 558

IIS Events 558

Folder Compression Option 558

Logging Analysis Using Log Parser 559

Summary 561

Additional Resources 561

Tracing and Troubleshooting 563

Tracing and Diagnosing Problems 564

Installing the Failed Request Tracing Module 564

Enabling and Configuring FRT 565

Reading the FRT Logs 572

Integrating Tracing and ASP.NET 576

Taking Performance into Consideration 577

Troubleshooting 579

Applying a Methodology 579

Using Tools and Utilities 581

Troubleshooting HTTP 594

Solving Common Specific Issues 601

IIS 6.0 Administration Tools Not Installed 602

SSl Not Enabled 602

Unexpected Recycling 602

Crashes 602

Unable to Reach Web Site 603

Authentication Errors 603

Slow Responses or Server Hanging 603

Summary 603

Additional Resources 604

Performance and Tuning 605

Striking a Balance Between Security and Performance 606

How to Measure Overhead 606

Authentication 610

SSL 611

The Impact of Constrained Resources 612

Processor 612

What Causes CPU Pressure? 613

Throttling 613

CPU Counters to Monitor 614

Impact of Constraints 616

Countermeasures 616

Memory 617

What Causes Memory Pressure? 617

Memory Counters to Monitor 618

Impact of Constraints 620

Countermeasures 620

Hard Disks 621

What Causes Hard Disk Pressure? 621

Hard Disk Counters to Monitor 621

Impact of Constraints 622

Countermeasures 622

Network 623

What Causes Network Pressure? 623

Network Counters to Monitor 624

Impact of Constraints 624

Countermeasures 625

Application-Level Counters 626

64-Bit Mode vs. 32-Bit Mode 631

Configuring for Performance 632

Server Level 633

IIS 634

Optimizing for the Type of Load 634

Server-Side Tools 635

Application 645

Performance Monitoring 647

WCAT 647

Reliability And Performance Monitor 647

FRT 648

Event Viewer 648

System Center Operations Manager 2007 648

Scalability 649

During Design 649

Scale Up or Out 649

Summary 652

Additional Resources 653

Part V: Appendices

A: IIS 7.0 HTTP Status Codes 657

B: IIS 7.0 Error Messages 663

HTTP Errors in IIS 7.0 664

<httpErrors> Configuration 665

Substatus Codes 666

A Substatus Code Example 667

Language-Specific Custom Errors 667

Custom Error Options 668

Execute a URL 668

Redirect the Request 669

C: IIS 7.0 Modules Listing 671

Native Modules 671

Managed Modules 679

D: Modules Sequence 683

E: IIS 7.0 Default Settings and Time-Outs/Thresholds 687

ASP.NET 687

IIS 694

Management 714

Application Pool Defaults 717

F: IIS 7.0 and 64-Bit Windows 719

Windows Server 2008 x64 719

Configuring a 32-Bit Application on 64-Bit Microsoft Windows 720

G: IIS Manager Features to Configuration References 723

ASP.NET 723

IIS 724

Management 726

H: IIS 6.0 Metabase Mapping to IIS 7.0 727

I: IIS 7.0 Shared Hosting 739

Implementing Process Gating 739

Using the Command Line 740

Configuration Changes 741

Enabling Dynamic Idle Threshold 741

Using the Command Line 743

Configuration Changes 744

J: Common Administrative Tasks Using IIS Manager 745

Index 753

 

 

© Microsoft. All Rights Reserved.