Deploying Windows 2000 with IIS 5.0 for Dot Coms: Best Practices
By Ram Papatla, firstname.lastname@example.org
This paper recommends a series of best practices for deploying the Microsoft® Windows® 2000 operating system and Internet Information Services 5.0 in a dot-com environment. The information and conclusions in this document were compiled while deploying systems for major dot-com businesses in the Windows 2000 Joint Development Program. Each section provides links to online documents that will be helpful in carrying out these recommendations.
On This Page
Planning a Migration
Planning a Dot-Com Site
A year before the release of the Windows® 2000 operating system, Microsoft teamed with several partners, including several dot-com businesses, to deploy and test the new operating system. These partners included a diverse group of businesses ranging from Super Markets Online to Dell.com. The program, known as the Joint Development Program, helped Microsoft fine-tune its product. From these partnerships, Microsoft developers and engineers learned valuable lessons about the best practices for customers to follow when deploying Windows 2000 with its integrated Internet Information Services (IIS) 5.0 in a dot-com environment. The recommended practices in this paper focus on issues faced by dot-com enterprises. These recommendations can help you avoid some common pitfalls and make the best choices for your organization. Along with each recommended practice, this paper includes links to online documents and resources for more detailed reading and explanations.
Deploying the Windows 2000 operating system in a dot-com environment requires planning and preparation. You should start by understanding the capabilities and features of Windows 2000. Then determine how your dot com can take advantage of them. Assess your needs going forward, analyze your current system, verify operating system requirements, and prepare a deployment plan that includes testing.
IIS 5.0 can get up and running in minutes because it is integrated with Windows 2000. This makes it even easier to create rich, dynamic content and build Web-based business applications for your corporate intranet and Internet sites. IIS 5.0, which ships as part of Windows 2000, significantly improves reliability, availability, performance, management, security, application environment, and scalability.
Microsoft continues to gain experience by working with partners to deploy the new operating system in new environments. This white paper will be updated occasionally to reflect new learning about the best practices. Updates will also reflect advances in technology, such as fixes included in service packs, that resolve earlier problems.
Planning a Migration
Planning is perhaps the most important phase in any project that affects enterprise computer systems. Without sufficient planning, you're more likely to overlook important steps or fail to prevent predictable problems. As a result, vital systems can become unavailable, and day-to-day business operations can be disrupted and revenues lost. With careful planning, however, the new system can meet or even exceed your expectations with minimal disruptions, and greatly enhance your business. Migrating a Web server involves creating a vision and scope, and writing a functional specification. The following articles on Microsoft TechNet provide more planning information. The first three chapters of the Windows 2000 Server Deployment and Planning Guide (from the Windows 2000 Resource Kit) include a thorough discussion of planning and migration. The recommendations and references in this section can help you plan the migration of your dot com to IIS 5.0 on Windows 2000.
Recommendation Understand and document the steps for planning a Web server migration project.
Understanding the Migration Process: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/deploy/depovg/planning.mspx
Planning a Web Server Migration Project: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/deploy/depovg/planning.mspx
Windows 2000 Server Deployment and Planning Guide (from the Windows 2000 Resource Kit): http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/w2rkbook/dpg.asp
System Readiness and Compatibility
Windows 2000 with IIS 5.0 introduces a new platform and architecture for dot-com business computing. You may need to update some of your hardware and software. Most problems encountered during upgrade testing for JDP dot-com customers involved third-party hardware and software products that were incompatible with Windows 2000. Microsoft provides an online tool, the Readiness Analyzer, to generate a custom report listing known hardware and software compatibility issues that arise when upgrading systems to Windows 2000. Note that this report does not provide information for all third-party hardware and software that you may be running on your system.
Many hardware and software manufacturers will be putting out updates and patches to allow their products to work with Windows 2000. You should take the time to contact these manufacturers to help you determine if your existing systems and software will be compatible with Windows 2000.
On each computer, running winnt32 /checkupgradeonly at the Setup command line helps you identify compatibility issues specific to that machine. This command checks for upgrade compatibility with Windows 2000. For Windows 95 or Windows 98 upgrades, it creates a report named Upgrade.txt in the Windows installation folder. For Windows NT® 3.51 or 4.0 operating system upgrades, it saves the report to the Winnt32.log in the installation folder. Running winnt32 /? will provide a description of the different switches that you can use when migrating your system to Windows 2000.
Such tools will help you discover readiness and compatibility issues, and plan accordingly. The following recommendations will help you assess the readiness of your production systems to make sure your hardware and software will run on Windows 2000.
Run winnt32 /checkupgradeonly to help you identify and eliminate any compatibility issues. Run winnt32 /? for a description of the different switches that you can use when upgrading.
Check if your hardware meets the minimum system requirements for Windows 2000. Check System Requirements: http://www.microsoft.com/windows2000/server/evaluation/sysreqs/default.asp
Check if your versions of Windows can be upgraded to Windows 2000 for client and server systems. Upgrading from Previous Versions of Windows: http://www.microsoft.com/windows2000/professional/howtobuy/upgrading/path/default.asp
Run the Windows 2000 Readiness Analyzer Tool prior to upgrading your test system. The Windows 2000 Readiness Analyzer: http://www.microsoft.com/windows2000/server/howtobuy/upgrading/compat/default.asp
Contact hardware and software manufacturers directly to determine product compatibility with Windows 2000.
Search for Compatible Hardware Devices: http://www.microsoft.com/windows2000/server /howtobuy/upgrading/compat/search/devices.asp
Search for Compatible Software Applications: http://www.microsoft.com/windows2000/professional /howtobuy/upgrading/compat/search/software.asp
Learn about Certified Applications that make maximum use of the features in Windows 2000. Windows 2000 Certified Applications: http://www.microsoft.com/windows2000/server/howtobuy/upgrading/compat/certified.asp
Learn to diagnose and resolve application compatibility issues with the Windows 2000 Application Compatibility Toolkit: http://msdn.microsoft.com/compatibility/
Obtaining the Latest Windows 2000 Service Pack
Service packs are the means by which Windows 2000 fixes are distributed. Service packs keep the operating system up to date, adding things such as updates, system administration tools, drivers, and additional components. All are conveniently presented for easy downloading. Service packs are cumulative—each new service pack contains new fixes and all of the fixes from previous service packs. You do not need to install a previous service pack before you install the latest one.
Read How to Obtain the Latest Windows 2000 Service Pack: http://support.microsoft.com/default.aspx?scid=KB;en-us;260910&sd=tech
Read the Windows 2000 Service Pack Installation and Deployment Guide: http://www.microsoft.com/windows2000/techinfo/planning/incremental/sp2guide.asp
Microsoft Server Products Service Packs
Many dot-com businesses deploying Windows 2000 also use some of the popular Microsoft Server products, such as Exchange Server or Site Server. You should review the list of service packs required for Microsoft server products to run on Windows 2000. Previous versions of Microsoft server products most likely require software updates to run on Windows 2000. Microsoft is releasing service pack updates for each server product to ensure compatibility with Windows 2000. These service packs are available to order or download.
Recommendation: Review the list of service packs for Microsoft Server products to run on Windows 2000.
Microsoft Server Products Service Packs Required for Windows 2000: http://www.microsoft.com/windowsserversystem/downloads/default.mspx
Service Packs and Hot Fixes for Microsoft Server Products: http://www.microsoft.com/technet/security/current.aspx
Visual Studio 6.0 Service Pack 4 or higher: http://msdn.microsoft.com/vstudio/sp/vs6sp5/default.asp
Hot Fixes by Technology, Top Support Downloads: http://support.microsoft.com/default.aspx?ID=FH;EN-US;hotfixes&FR=0&SD=TECH&LN=EN-US&CT=SD&SE=NONA
Microsoft Systems Management Server 2.0 Service Pack 2
Systems Management Server 2.0 is the configuration management tool for networks with hundreds or thousands of workstations. SMS Service Pack 2 is designed to address specific customer suggestions and to ensure compatibility with Windows 2000. You can download the Service Pack, order the CD online, or call 1-800-370-8758 to order a CD (allow 4-6 weeks for delivery). For more information about Systems Management Server 2.0 Service Pack 2 including a complete list of what has changed in the service pack, review the release notes contained in the Installation Readme and Operation Readme files available online and included with Service Pack 2.
Recommendation Install SMS Service Pack 2
- Systems Management Server Service Pack 2 Downloads: http://www.microsoft.com/smsmgmt/downloads/default.asp
Planning a Dot-Com Site
The following recommendations will help you plan and build your dot-com site. These recommendations were proven by dot-com customers in JDP deployments as the methods that take best advantage of the advanced features in Windows 2000 with IIS 5.0. These recommendations will help you ensure that your system delivers top performance, scalability, reliability, and security. These recommendations can also help reduce total cost of ownership (TCO).
Internet Information Services 5.0 runs within Windows 2000. It uses other services provided by Windows 2000, such as security services and the Active DirectoryTM service. IIS 5.0 incorporates advanced features in Windows 2000 to improve reliability, performance, management, security, and application services. With IIS 4.0, Microsoft focused on security, administration, programmability, and support for Internet standards. IIS 5.0 has enhanced features and capabilities to deliver Web sites and it is easier to use than prior versions.
Recommendation Read a quick overview of Internet Information Services 5.0.
- Adding a New Windows 2000 File-Print and Web Server to Your Network: http://www.microsoft.com/windows2000/techinfo/planning/incremental/addfile.asp
A common technique to protect your main IIS process is to run Web applications in their own memory space—that is, to run them out-of-process. This technique known as process isolation improves server stability by protecting the main IIS process even if an application crashes. However, process isolation may have performance tradeoffs. IIS 4.0 provided process isolation as a choice with the Run in separate memory space option in the Internet Service Manager console. IIS 5.0 offers more isolation options, allowing you to set isolation levels at Low, Medium, or High under the Application protection setting in the ISM console. You should thoroughly understand the pros and cons of each setting, and its impact on reliability and performance. It is important to note that Medium is the default setting for Active Server Pages (ASP) in IIS 5.0. The Medium option operates on the new concept of a pooled process, meaning that every Web application set to Medium will share the same instance of Dllhost.exe. This is a new feature that delivers an option requested by many Microsoft customers. It offers a compromise between the reliability of process isolation and the performance tradeoffs in IIS 4.0. Typically, Medium isolation performance in IIS 5.0 is better than in-process applications running under IIS 4.0.
During testing, benchmark the effect of your process isolation choice using Microsoft's Web Application Stress (WAS) tool. This will help you understand how your Web site will scale with each isolation choice. A major e-commerce site trying to serve many customers as quickly as possible may choose the low (in-process) setting. On the other hand, an online trader for whom any downtime could prove dire would choose the high (isolated) setting.
Recommendation Understand Process Isolation levels (Low, Medium, and High) for IIS 5.0.
Microsoft .NET and Windows DNA
The Microsofts® Windows Server Systems™, the comprehensive family of server applications for building, deploying, and managing scalable, integrated, Web-based solutions and services, has evolved from Windows® DNA, a platform for building and deploying interoperable business Web sites. DNA has often been described as a three-tiered model because Web applications are segmented into three logical tiers of functionality: presentation services, business services, and data services.
Key concepts of Windows DNA include:
Interoperability. Windows DNA greatly simplifies integration, so you can use the systems you already have in place.
Scalability. Windows DNA enables you to scale out your Web-based applications.
In the evolution to .NET, applications will expose functionality as a set of "Web services" to end users and/or developers. Windows DNA applications can be extended to become Web services, which can then be integrated and orchestrated with other Web services using the Microsoft .NET Framework. The development, deployment and management of these new applications and services will be greatly simplified by new .NET tools and technologies delivered by Microsoft.
Recommendation Create an architecture for your site that takes advantage of Microsoft.NET.
About Microsoft.NET: http://www.microsoft.com/net
MSDN Online .NET Information: http://msdn.microsoft.com/net/
Introduction to Designing and Building Windows DNA Applications: http://msdn.microsoft.com/library/techart/windnadesign_intro.htm
A Blueprint for Building Web Sites Using the Microsoft Windows DNA Platform: http://msdn.microsoft.com/library/techart/dnablueprint.htm
E-Commerce White Paper Series
The high levels of reliability and availability required of business-to-consumer Web sites requires great technology, but it also requires great operational processes. Microsoft has gathered information from industry experience and best practices to help you set up and run operational processes. This information is available in the Enterprise Services frameworks, including:
Microsoft Readiness Framework —which helps organizations plan for change.
Microsoft Solutions Framework —specific guidance for successful application and infrastructure projects.
Microsoft Operations Framework —technical guidance on reliability, availability, supportability, and manageability of Microsoft products.
Recommendation Read white papers drawn from these frameworks that are relevant for e-commerce enterprises.
- E-Commerce White Paper Series: http://www.microsoft.com/technet/archive/itsolutions/ecommerce/plan/ecseries.mspx
Network Load Balancing
The Network Load Balancing (NLB) service enhances the availability and scalability of Web servers. You can cluster up to 32 servers running Windows 2000 Advanced Server to evenly distribute incoming traffic while also monitoring the health of servers and network adapters. The dual benefits of simple, incremental scalability and high-availability make NLB ideal for use with business-critical e-commerce, hosting, and Terminal Services applications. NLB introduces the concept of software scaling, or scaling out, in which administrators can add capacity to their server farms by simply plugging in additional NLB-configured servers as needed. Benefits include scalable performance, rolling upgrade support to reduce planned downtime, automatic detection and restart of failed computers, automatic distribution of the network load, and integration with Windows 2000 Advanced Server.
Recommendation Use the Network Load Balancing (NLB) service built into Windows 2000 Advanced Server to create scalable and available Web farms.
Network Load Balancing Technical Overview: http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/confeat/nlbovw.mspx
Configuring Network Load Balancing: http://support.microsoft.com/default.aspx?scid=KB;en-us;240997&sd=tech
Using Terminal Server with Network Load Balancing: http://support.microsoft.com/default.aspx?scid=KB;en-us;243523&sd=tech
Transaction Cost Analysis
Transaction Cost Analysis (TCA) is an important management tool for dot-com businesses. This tool helps you determine the traffic load necessary to generate the business anticipated. You must design and build your Web site and applications with capacity to handle this load. The TCA tool is part of the Microsoft Commerce Server application. The purpose of capacity planning for Internet services is to ensure the best acceptable performance while minimizing the total dollar cost of ownership. You can use TCA methodology to simulate client transactions on your dot-com site with a load-generation tool. TCA can be used to measure the cost, in terms of CPU usage, of individual shopper operations, such as browsing, adding an item to the shopping cart, checking out, searching, registering, and so on. The capacity of a site is determined by dividing the costs of shopper operations into the total CPU capacity available for the server. Once you understand the cost and relative frequency of each shopper operation, you can view the performance numbers for a site's pages to see where the bottlenecks are, and to see where you can optimize performance to improve the site's capacity.
Recommendation Use Transaction Cost Analysis (TCA) for site capacity planning based on your existing site in production.
- Using Transaction Cost Analysis for Site Capacity Planning: http://www.microsoft.com/siteserver/ssrk/docs/rk_tcaplan.doc
Before you deploy Windows 2000 with IIS 5.0 on your Web servers, it is very important that you test your proposed design in an environment that simulates real-world scenarios as closely as possible. Not only does this help you find problems with your servers and the Web applications that you plan to deploy on them, but also it protects your production servers from being randomized by unpredictable problems. It is best if you set up your tests in a controlled environment, such as a lab, and isolate the servers from extraneous loads. Concentrate the test servers on stressing your hardware setup and Web applications.
Testing plays a vital role in the success of your upgrade from IIS 4.0 to IIS 5.0. In your test environment, you could discover problems that would be disastrous to encounter on your live site. These might include issues that will affect your Web server's performance. You may discover that you need to add more RAM, or that the ASP application you were hoping to deploy along with your upgrade of IIS 5.0 has too many bugs to go on the Web. If you eliminate as many of these issues as possible during the testing stage, you will have a greater chance of a smooth upgrade.
Setting Up a Test Lab
A well-designed test lab provides a controlled environment for testing throughout the project life cycle—from experimenting with the technology, to comparing design solutions, to fine-tuning the rollout process. A good lab need not be a large resource or capital funding investment; it can range from a few pieces of hardware in a small room to a full-scale network in a data center environment. The test lab is an investment that can pay for itself many times over in reduced support and redeployment costs that arise from poorly tested solutions.
One common issue during deployments at the JDP dot coms was a lack of available equipment to use for a test lab. Building a test lab will require many clients to participate in stress and load testing. One easy solution is to use the developer machines as stress machines overnight to stress the application. Tools like the Microsoft Web Application Stress Tool (WAS) make it easy for client machines to participate. WAS will propagate the stress script to the clients and automatically engage the client machines in a stress exercise.
Recommendation Before you deploy Windows 2000, test your proposed design in a lab environment that simulates and protects your production environment.
Building a Windows 2000 test lab.
Use developer machines overnight as stress machines for stress testing.
Stress and Load Testing
Dot-com businesses cannot overestimate the crucial benefits to be gained from simple stress testing and capacity planning. These tests ensure that online applications can handle the demands to keep the online businesses running. An organization should set capacity goals, such as a number of page-hits per minute that an application should handle. The WAS tool can simulate a high number of browser connections, which illustrates how your application will perform under real Internet or intranet traffic. This is particularly useful for Web sites that use lots of dynamic content. Simply selecting pages in your browser can create the script that provides this simulation. You should test each new page before releasing it to production. Use the planning tools mentioned earlier to establish a benchmark for the pages in your Web site, then test to make sure they handle the planned capacity. Continue testing after deployment to compare the application's live performance to the established goals.
Recommendation: Use the WAS tool for stress testing and capacity planning.
Microsoft Web Application Stress Tool: http://www.microsoft.com/technet/archive/itsolutions/intranet/downloads/webstres.mspx
Load Testing for Windows DNA Solutions: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnmdac/html/dnastress.asp
IIS 5.0 features a setup log, which tracks and lists every event during IIS setup. This can be useful for troubleshooting when you deploy IIS 5.0 in the lab or in production. Errors, missing files, and other failures can be tracked by searching the log using a keyword and fail as in "keyword_fail," to find the source of the failure. The log file can be used to debug installation difficulties that are discovered after attempting to install IIS.
Recommendation When a failure occurs in IIS after upgrade, review the IIS 5.0 Setup log for more information.
- Setup Logging in IIS 5.0: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/tips/setuplog.mspx
Testing Application Compatibility
Start early to develop a plan for testing your Windows-based applications. Information in the pages below can lead you through the process of testing your applications for compatibility with Windows 2000.
Recommendation Read testing guidelines.
- Testing in International and Localized Versions: http://support.microsoft.com/default.aspx?scid=KB;en-us;256600&sd=tech
Security and Authentication Mechanisms
Users who are familiar with the Windows NT Challenge/Response authentication mechanism in Windows NT Server 4.0 will not find it in Windows 2000. It has been replaced by the Integrated Windows Authentication. The Windows NT Challenge/Response authentication mechanism no longer appears in the management console. Windows 2000 has new authentication mechanisms, and administrators may benefit by using the chart referred to below as a handy reference to the new mechanisms replacing those familiar from Windows NT Server.
Recommendation Understand the authentication mechanisms in Windows 2000.
Windows 2000 Security Technical Overview: http://www.microsoft.com/windows2000/library/howitworks/security/sectech.asp
Product Security Notification Subscriptions: http://www.microsoft.com/technet/security/bulletin/notify.mspx
IIS 4.0 and IIS 5.0 Authentication Methods Chart: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/authmeth.mspx
No Windows NT Challenge-Response Authentication Method Available in IIS 5.0: http://support.microsoft.com/default.aspx?scid=KB;en-us;252941&sd=tech
Once your applications are deployed in the test lab, you will begin to uncover bugs. Thorough testing and debugging prior to deployment is critical. Windows 2000 with IIS 5.0 provide new features for debugging applications. The Customer Support Diagnostics package contains symbols and debugging tools for diagnosing your system. These can help you resolve bugs on your own, or help you successfully pinpoint and resolve bugs with support services.
In addition to the traditional Windows NT debugging tools (DrWtsn32, Windbg/WindbgRM, kernel debugger (KD), NT software debugger (NTSD)/CDB, and so forth) a new set of debugger-related tools are included with the Windows 2000 Support Tools. This tool set includes debugger extensions that examine kernel data structures, tools for checking the memory pool, and an intelligent kernel memory-dump analysis tool.
These troubleshooting and development tools extend the functionality of existing debugging tools such as Kernel Debugger, provide new features upon which new debugging methodologies can be based, and provide development support.
Recommendation Download the Windows 2000 Customer Support Diagnostics for obtaining symbols and debugging tools.
Windows 2000 Customer Support Diagnostics: http://www.microsoft.com/windows2000/downloads/otherdownloads/symbols/default.asp
Debugger Related Resources on the Microsoft Web site: http://www.microsoft.com/ddk/debugging/
Debugging COM Applications
As their needs grow, many dot-com businesses add more powerful Component Object Model (COM)–based applications. Developers who take up COM to meet certain objectives for their online businesses may be more familiar with scripting models and often have questions about the more complex issues of debugging COM. The following online resources relate to debugging COM in Windows 2000 with IIS 5.0.
Recommendation: Check out the following resources for help debugging COM components in IIS.
HowTo: Debug InProc COM Components Inside IIS Using WinDbg: http://support.microsoft.com/default.aspx?scid=KB;en-us;192754&sd=tech
HowTo: Debug a Native Code Visual Basic Component in VC++: http://support.microsoft.com/default.aspx?scid=KB;en-us;166275&sd=tech
Debugging a VB DLL Under Active Server Pages: http://support.microsoft.com/default.aspx?scid=KB;en-us;177182&sd=tech
Debug ISAPI and Filter DLL Under IIS 4.0: http://support.microsoft.com/default.aspx?scid=KB;en-us;183480&sd=tech
Monitoring Events Using Visual Studio Analyzer: http://www.microsoft.com/Mind/0699/analyzer/analyzer.htm
Calling Product Support
When you need Microsoft for technical support, you can try self-help by searching the Personal Online Support site's extensive collection of articles from the Microsoft Knowledge Base. When you need assistance from a support professional, the following tips will help you reach a successful resolution to your problem(s):
Describe/Isolate the problem. The better the description of the problem, the easier it will be to isolate. If possible, make sure you can isolate the problem to a specific area.
Reproduce the problem. Describe in detail, the steps the Support Professional can use to reproduce the problem.
Assess the impact of the problem. What is the impact of the problem on your product or business?
Recommendation Gather information to prepare before contacting Microsoft Product Support. The following articles offer advice for using online self-help.
How to Find Answers Online: http://support.microsoft.com/support/howto/services.asp
HowTo: Search for ASP Knowledge Base Articles: http://support.microsoft.com/default.aspx?scid=KB;en-us;246453&sd=tech
HowTo: Use the Developer Support Microsoft Knowledge Base: http://support.microsoft.com/default.aspx?scid=KB;en-us;242971&sd=tech
HowTo: Search for COM+ Knowledge Base Articles: http://support.microsoft.com/default.aspx?scid=KB;en-us;252318&sd=tech
Troubleshooting Blue Screens
When a fatal system error occurs in Windows 2000, it enters debug mode for troubleshooting purposes. This appears as a blue screen and the first few lines look similar to the following:
Stop 0x0000001e (c000009a 80123f36 02000000 00000246) Unhandled Kernel exception c000009a from 8123f26 Address 80123f36 has base at 80100000 - ntoskrnl.exe
The following Knowledge Base articles contain information to help you identify the cause of the Blue Screen and gather more information about it before you contact Microsoft Product Support. You can also search the Microsoft Product Support site for more information about fatal system errors, and troubleshooting tips, using the keywords: " kberrmsg" "kbtshoot" and "ntstop."
Recommendation Read KB articles on Blue Screen information.
Blue Screen Preparation Before Contacting Microsoft - 129845: http://support.microsoft.com/default.aspx?scid=kb;en-us;129845&sd=tech
Gathering Blue Screen Information After Memory Dump - 192463: http://support.microsoft.com/default.aspx?scid=kb;en-us;192463&sd=tech
The Active Server Pages environment has been enhanced in IIS 5.0 with features that make it easier to use for scripters and Web application developers. The articles recommended below discuss how to get the most from these new features.
Recommendation Understand and incorporate the new ASP 3.0 features.
Read up on the traps, pitfalls, and suggestions for optimizing ASP applications. 25+ ASP Tips to Improve Performance and Style: http://msdn.microsoft.com/workshop/server/asp/ASPtips.asp
Read a multi-step plan for migrating Windows NT 4.0-based ASP applications to Windows 2000. Migrating Your ASP Apps from Windows NT 4.0 to Windows 2000: http://msdn.microsoft.com/msdnmag/issues/0800/migrateASP/migrateASP.asp
Leveraging ASP in IIS 5.0: http://msdn.microsoft.com/workshop/server/asp/server02282000.asp
Server Performance and Scalability Killers: http://msdn.microsoft.com/workshop/server/iis/tencom.asp
Server Reliability through Process Isolation: http://msdn.microsoft.com/workshop/server/asp/server112299.asp
Two New Redirection Methods in Microsoft IIS 5.0: http://msdn.microsoft.com/msdnmag/issues/0400/default.asp
Improving ASP Application Performance: http://msdn.microsoft.com/workshop/server/asp/server03272000.asp
What's New in ASP with IIS 5.0: http://support.microsoft.com/default.aspx?scid=KB;en-us;222487&sd=tech
Using Enhanced <SCRIPT> Tags for Includes: http://support.microsoft.com/default.aspx?scid=KB;en-us;224963&sd=tech
Using Component Architecture
Components can provide benefits to your ASP application such as scalability, performance, and configuration and deployment flexibility. A COM object encapsulates a piece of compiled code that performs a small set of functions. It can be pulled into any program, but its main functionality remains the same. When you build an ASP project (or indeed any program), you can pull in that functionality as simply as you would make a call to a function that is defined within a program. Many projects or users can use COM objects at the same time due to COM architecture. Their encapsulation makes it easy to reuse code, and they can be distributed on different machines.
ASP components are COM objects that are written with Web-use in mind. For example, instead of "printf," you might have "Response.Write" when sending output text, or a component might manipulate a database depending on input from a Web client. The fact that components are compiled code makes them much faster than performing the same functions with ASP code. Microsoft Transaction Services (MTS) allows you to manage your components no matter where they are located, and it allows you to manage transactions made by those components. In COM+ (available with Windows 2000), that functionality is expanded. Components can be written in any language that supports COM, like VB and VC++. They can be accessed by any other language like VB, VC++, VBScript, or JScipt in ASP or in Windows Script Host. When creating a new version of a component, a developer uses a prescribed method that prevents it from breaking old applications that were written for the previous version of the component. By moving your business logic to component-based architecture, you open up a world of possibilities.
Recommendation Move business logic into a component-based architecture.
ASP Component Guidelines: http://msdn.microsoft.com/workshop/server/asp/server01242000.asp
Architectural Design: A Scalable, Highly Available Business Object Architecture: http://www.microsoft.com/technet/archive/itsolutions/ecommerce/plan/objarchi.mspx
Developing ASP Components with ATL: http://msdn.microsoft.com/workshop/server/asp/comp.asp
Free Microsoft Developer Training for Windows 2000: http://www.microsoft.com/trainingandservices/default.asp?PageId=training&LearnCenterAsp=win2000
Web Workshop: ASP Component Guidelines: http://msdn.microsoft.com/workshop/server/asp/server01242000.asp
Compiling Components in Visual Basic for ASP: http://msdn.microsoft.com/msdnmag/issues/0300/serving/serving.asp
Bulletproofing Your ASP Components: http://www.microsoft.com/mind/default.asp
Fitch & Mather Stocks: Web Application Design: http://msdn.microsoft.com/library/techart/fmstocks_Web.htm
INFO: Design Guidelines for VB Components Under ASP: http://support.microsoft.com/default.aspx?scid=KB;en-us;243548&sd=tech
Application Specification for Windows 2000 Server: http://msdn.microsoft.com/library/default.asp?URL=/library/specs/w2kserve.htm
COM+ is the next step in the evolution of Component Object Model (COM) and Microsoft Transaction Server (MTS). COM+ builds on and extends applications written using COM, MTS, and other COM-based technologies. COM+ handles many of the resource management tasks that developers previously had to program, such as thread allocation and security. Where applicable, COM+ can be used to develop enterprise-wide, mission-critical, distributed applications based on the Windows 2000 operating system.
Recommendation Understand the advantages of upgrading to COM+.
Basic Instincts: Porting Applications from MTS to COM+: http://msdn.microsoft.com/msdnmag/issues/0300/basics/basics.asp
MSDN Online Library: COMponents: http://msdn.microsoft.com/library/techart/msdn_components.htm
MSDN Online Library: COM+ (Component Services): http://msdn.microsoft.com/library/psdk/cossdk/complusportal_9o9x.htm
COM+ Application Guidelines for Visual Basic Development: http://msdn.microsoft.com/library/techart/complus.htm
Deploying COM+ applications: http://msdn.microsoft.com/library/psdk/cossdk/pgdeployment_toplevel_8b5f.htm
Building COM Components That Take Full Advantage of Visual Basic and Scripting: http://msdn.microsoft.com/library/default.asp?URL=/library/techart/msdn_vbscriptcom.htm
Windows Script Host
The Windows Script Host (WSH) is a tool that allows you to run Visual Basic Scripting Edition and JScript natively within the base operating system, either on Windows 95 or Windows NT 4.0. Using the scripting languages you already know you can now write script to automate common tasks, and to create powerful macros and logon scripts.
Recommendation Become knowledgeable in Windows Script Host built into Windows 2000 and incorporate it in your Web architecture.
Microsoft Windows Scripting Home Page: http://msdn.microsoft.com/scripting
You can use the Visual InterDev® Web development system to support Windows Script Host files: How to Enable Windows Script Version Tools Support for Visual InterDev: http://support.microsoft.com/default.aspx?scid=KB;en-us;249024&sd=tech
Windows® Management Instrumentation (WMI) makes Windows extremely manageable using a consistent, standards-based, extensible and object-oriented interface. WMI is the Microsoft implementation of Web-Based Enterprise Management (WBEM), an industry initiative to develop a standard technology for accessing management information in an enterprise environment. The purpose of this initiative is to help companies lower their total cost of ownership by enabling powerful enterprise-class management of systems, applications and devices. Numerous companies are participating in the WBEM initiative, including BMC Software, Cisco Systems, Compaq Computer, Intel, and Microsoft.
Recommendation Read the articles on WMI.
Windows Management Instrumentation SDK: http://msdn.microsoft.com/downloads/sdks/wmi/default.asp
Windows Management Instrumentation Platform SDK: http://msdn.microsoft.com/library/psdk/wmisdk/wmistart_5kth.htm
WMI Provider Programming: http://msdn.microsoft.com/library/psdk/wmisdk/provprog_9sdj.htm
Programming Basics for WMI Applications: http://msdn.microsoft.com/library/psdk/wmisdk/appprog_63ub.htm
Using WMI Scripting from ASP on Windows 2000: http://msdn.microsoft.com/library/psdk/wmisdk/scintro_4kog.htm
Microsoft Data Access Components Architecture
The Microsoft Data Access Components (MDAC) architecture provides a universal framework for exposing both traditional SQL-based database sources and non-SQL data stores such as documents or multidimensional sources. The architecture requires nothing of data except that it can be exposed in tabular form from an OLE DB data provider or ODBC data source. Microsoft ActiveX® Data Objects (ADO), Remote Data Service (RDS), or even OLE DB itself can then expose that data to the consumer application.
Recommendation Read MDAC development tips and platform SDKs for database developers.
Improve the Performance of Your MDAC Application: http://www.microsoft.com/data/impperf.htm
Top Ten Tips: Accessing SQL Through ADO and ASP: http://www.microsoft.com/mind/1198/ado/ado.htm
Handling ADO Connections in ASP: http://support.microsoft.com/default.aspx?scid=KB;en-us;176056&sd=tech
MSDN Online Library: Pooling in the Microsoft Data Access Components : http://msdn.microsoft.com/library/psdk/dasdk/pool0y2b.htm
MSDN Online Library: MDAC General Technical Articles: http://msdn.microsoft.com/library/psdk/dasdk/mdac1lpu.htm
ADO 2.5 and XML
ActiveX Data Objects 2.5 provides built-in integration with ASP pages in IIS 5.0, and between Remote Data Service (RDS) 2.5 and ASP. ADO 2.5 can be used with ASP pages to generate XML directly from the server. Understand XML integration in ADO 2.5, ASP and the Document Object Model (DOM) in Windows 2000. The resources below describe XML, DOM, name spaces, using XML for server-side scripting, XML data islands and other developer resources.
Recommendation Read up on XML and ADO 2.5.
XML Integration Features in ADO 2.5: http://msdn.microsoft.com/xml/articles/xmlintegrationinado.asp
XML Developer's Guide: http://msdn.microsoft.com/xml/xmlguide/default.asp
Inside MSXML Performance: http://msdn.microsoft.com/xml/articles/xml02212000.asp
Improve Performance of ADO Apps: http://msdn.microsoft.com/library/default.asp?URL=/library/psdk/dasdk/impr8l2m.htm
SOAP, the Simple Object Access Protocol, is a way to create widely distributed, complex-computing environments that run over the Internet using existing Internet infrastructure. For services to work together seamlessly, it must be easy to coordinate steps between services over the Internet and simple to create new and customized services. Microsoft's response to this challenge is to use existing Internet standards such as HTTP and XML to enable this kind of interoperability.
Recommendation Review the documentation on SOAP.
Simple Object Access Protocol: http://msdn.microsoft.com/xml/general/soaptemplate.asp
Returning ADO Recordsets with SOAP Messaging: http://msdn.microsoft.com/xml/articles/soapguide_ado.asp
SOAP Toolkit for Visual Studio: http://msdn.microsoft.com/downloads/default.asp?URL=/code/sample.asp?url=/msdn-files/027/000/242/msdncompositedoc.xml
As JDP customers have deployed Windows 2000 with IIS 5.0 in their dot coms, a few issues have appeared. The following recommendations address these common issues and will help you plan for them or avoid them. The first recommendation below includes information, tools, and resources to make your Windows 2000 deployment easier. Unattended, automated deployments can greatly reduce the amount of time spent installing Windows 2000 on each computer.
Use the Setup Manager deployment tool to simplify the creation of answer files for unattended installations.
Use Sysprep for new installations of Windows 2000 on systems with identical hardware. The latest version of Sysprep is available online: Windows 2000 System Preparation Tool, Version 1.1: http://www.microsoft.com/windows2000/downloads/deployment/sysprep/default.asp
Rename the computer using lowercase and uppercase letters as desired after Windows 2000 has been installed. This is the workaround for a bug discovered in Sysprep during JDP deployments. The bug causes the Mini-Setup Wizard to convert a machine name entered in lowercase letters to all uppercase letters.
Read the Windows 2000 Deployment Planning Guide and other deployment-related information. Windows 2000 – Planning & Deployment: http://www.microsoft.com/windows2000/library/planning/default.asp
SSL Connection Limits
Dot-com businesses must purchase enough Client Access Licenses (CALs) for all Secure Sockets Layer (SSL) connections. This requires careful planning for e-commerce, for example, to estimate the number of simultaneous connections that may be performing secure operations. In e-commerce, secure operations usually involve check-out transactions involving credit cards. If the SSL limit is exceeded, the additional connections will receive a 403.15 error message.
An SSL connection counter is set on the Web server. If you have 15 CALs, then the SSL connection counter is set to 15. This counter is decremented for both anonymous and authenticated users. If an anonymous user browses to a Web site and shops, then begins the payment transaction (transitioning into an SSL session), one SSL connection is consumed for that username. No CALs are consumed. SSL connections do not consume CALs, but the total number of SSL connections is limited to the number of CALs installed on the Web server. See the Knowledge Base article below for more information.
Recommendation If you are experiencing this specific problem where the number of SSL connections is limited by the number of CALs, review the following Knowledge Base article:
- Error Message: HTTP 403.15 - Forbidden: Client Access Licenses Exceeded: http://support.microsoft.com/default.aspx?scid=kb;en-us;264908
The Windows 2000 Internet Server Security Configuration Tool makes it easy to secure a Web server running IIS 5.0. It conducts an interview to determine what services you want to provide and the general way that you'd like for the server to operate. It then generates and deploys a policy to configure the server appropriately. Before using the tool, please be sure to read the Readme file included with it. The tool errs on the side of caution, and locks down many aspects of the system. It's important that you understand the effects this can have before deciding whether to lock down your server.
The HFCheck tool allows IIS 5.0 administrators to ensure that their servers are up to date on all security patches. The tool can be run continuously or periodically, against the local machine or a remote one, using either a database on the Microsoft Web site or a locally-hosted copy. When the tool finds a patch that hasn't been installed, it can display a dialogue or write a warning to the event log.
Recommendations Use Security Configuration tool and HFCheck to configure and maintain security.
Critical Update Notification tool: http://support.microsoft.com/default.aspx?scid=kb;EN-US;224420
Download the Windows 2000 Internet Server Security Configuration Tool: http://www.microsoft.com/technet/security/tools/default.mspx
For the latest information on Windows 2000 Security Services, check TechNet's guide to security: http://www.microsoft.com/technet/security/default.mspx
Hotfix Chaining tool: http://www.microsoft.com/technet/security/tools/locktool.mspx
IIS Lockdown Tool: http://www.microsoft.com
Internet Information Server 4 Security Checklist: http://www.microsoft.com/technet/security/tools/hfnetchk.mspx
Patch Status Checking tool: http://www.microsoft.com/technet/security/tools/hfnetchk.mspx
Product Security Notification: http://www.microsoft.com/technet/security/bulletin/notify.mspx
Secure Internet Information Services 5 Checklist: http://www.microsoft.com/technet/security/chklist/iis5chk.mspx
Security Tools: http://www.microsoft.com
Security Bulletin Search: http://www.microsoft.com/technet/security/current.aspx?productid=15
URL Scan Tool: http://www.microsoft.com/technet/security/tools/urlscan.mspx
Windows 2000 IIS 5.0 Hot fix Checking Tool: http://www.microsoft.com/Downloads/Release.asp?ReleaseID=24168
Monitor and Observe
A good monitoring plan checks performance in all areas in the test lab, in a pilot deployment, and after deployment in production. To improve server performance, examine every part of the system for potential bottlenecks. Bottlenecks can be caused by inadequate or improperly configured hardware or by software settings in either IIS 5.0 or Windows 2000. Once you know how your server is performing, you can begin to make changes aimed at improving performance. The performance tuning paper cited below provides information on monitoring IIS 5.0–based servers in Windows 2000. Although much of the information also applies to IIS 4.0, a number of things are new with IIS 5.0.
Writing high-performance server applications requires that you monitor the traditional performance issues of desktop applications, plus things such as memory allocations, cache lines, caching data, thread proliferation, locking strategies, multiprocessor machines, blocking calls, measurement and analysis, multi-client testing, and real-world scenarios.
You can establish counters to monitor such areas. There are hundreds of performance monitor counters in Windows 2000. Counters help you determine where a bottleneck may be occurring. The performance tuning paper presents a roadmap to tracking down such bottlenecks. You can establish counters and save them, and the Performance Monitor tool will run them routinely, eliminating the need to reestablish counters each time you wish to check performance. You can set alerts on various counters. In addition, you should monitor the event logs every two days at least. When problems arise, these event logs will help detect the source.
Another new feature that was not available prior to IIS 5.0 is process accounting. This allows IIS 5.0 to track the amount of CPU time each ASP and Common Gateway Interface (CGI) application is using. The log files show the amount of time, to the millisecond, during a 24-hour period that any given application is running. This data is useful when trying to track down which applications are running the most on a server or if an application is taking too much processor time.
Designing Apps and Tuning Servers for Performance
To truly maximize the performance of your Web site, you must consider many separate issues. These articles recommended below discuss tuning your IIS 5.0 Web server, ASP performance, optimizing scripting languages, optimizing access to your data, optimizing client-side performance, cache use and so forth.
Recommendation Review these guides to performance for Web server applications.
The Art and Science of Web Server Tuning With IIS 5.0: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/optimize/iis5tune.mspx
Maximizing IIS Performance: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/optimize/perflink.mspx
Server Performance and Scalability Killers: http://msdn.microsoft.com/workshop/server/iis/tencom.asp
25+ ASP Tips to Improve Performance and Style: http://msdn.microsoft.com/workshop/server/asp/ASPtips.asp
Processes and Threads: http://msdn.microsoft.com/library/psdk/winbase/prothred_0n03.htm
Monitor the various event logs: both system and application event logs.
Configure Performance Monitor (Perfmon) for IIS 5.0. Performance Monitor Counters for Web Server Testing: /downloads/details.aspx?FamilyID=e2c0585a-062a-439e-a67d-75a89aa36495&DisplayLang=en
Set alerts to monitor key system resources. Alerts Are Cheap Insurance: http://msdn.microsoft.com/library/techart/smartalerts.htm
Enable process accounting to establish benchmark performance information. How to Enable Logging for Process Accounting for IIS 5.0: http://support.microsoft.com/default.aspx?scid=KB;en-us;243059&sd=tech
Observe, analyze, and test poorly performing applications.
Solutions for Poor Server Performance: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/optimize/sol.mspx
Sever Performance and Scalability Killers: http://msdn.microsoft.com/workshop/server/iis/tencom.asp
Monitoring Reliability and Availability of Windows 2000-based Server Systems
The Windows 2000 Server operating system contains tools to monitor various conditions of the operating system and the computer in general. This paper describes these tools, their metrics, and some of the commonly monitored conditions.
Recommendation Read the paper.
- Monitoring Reliability and Availability of Windows 2000-based Server Systems: http://www.microsoft.com/WINDOWS2000/library/operations/cluster/monitorrel.asp
After you deploy your dot-com Web site, you might like to sit back and relax. However, you can't. Besides updating the content, your site requires some routine management and maintenance. No matter how well you plan the development of your Web site, you are going to have at least a few errors or broken links appearing at some stage. It might not always be your fault. The Web depends on the unimaginably complex mass of inter-site and inter-page links to make it what it is. Maintaining and updating your share of these links is often the biggest headache of all for the site administrator. Windows 2000 with IIS 5.0 provides features and support for tools that you should take advantage of as you manage your site. During the JDP deployments, the following best practices were determined to be useful in managing a dot-com Web site.
Using Terminal Services
Windows 2000 Terminal Services is a technology that lets you remotely execute applications on a Windows 2000-based server from a wide range of devices over virtually any type of network connection. With the integration of Windows 2000 Terminal Services into the core server operating system, you can choose to deploy the latest Windows-based applications in a fully server-centric mode, where applications run entirely on the server.
Recommendation Use Terminal Services where applicable on your Web site.
- Terminal Services Advanced Client: http://www.microsoft.com/windows2000/downloads/recommended/TSAC/default.asp
Using the Provisioning tool
The Web Site Provisioning Tool for Windows 2000 allows ISPs to create and auto-provision new Web sites in a shared hosting environment on Windows 2000 servers, ensuring that they can set up new Web sites more quickly and conveniently.
Recommendation: Use the Provisioning Tool to set up new Web sites.
- Web Site Provisioning Tool for Windows 2000: http://www.microsoft.com/ISN/downloads/web_site_provising_tool.asp
Creating a custom error page can be effective in helping you retain visitors who found your site through an old or partially broken link. As long as the link gets that visitor to your site (that is, it includes your domain) it doesn't matter if the path and filename are wrong. The visitor will get the custom error page. The error messages that your visitors see in the browser are just ordinary HTML pages. You can edit this file to customize it and, more importantly, add links to take the lost visitor to your home page or site map. You should also routinely test the site for general operations and broken links. Web applications contain multiple links to HTML pages, graphics, and other files. The larger the Web application, the more complicated verifying and maintaining these links can be. You can create link diagrams to identify the links between files in a Web application and to find broken links between items.
Recommendation Customize IIS errors, identify broken links, and establish routine Web testing.
Visual InterDev: Link Verification: http://msdn.microsoft.com/library/devprods/vs6/vinterdev/vidref/dvconlinkverification.htm
So You Want to Build a Web Site?: http://msdn.microsoft.com/workshop/management/planning/SITEBLD.asp
Configuring Custom Error Messages in IIS 5.0: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/tips/custerr.mspx
Windows Web Services IIS Maintaining: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/default.mspx
One of the most significant reliability improvements in IIS 5.0 and Windows 2000 Server is the reliable restart feature of IIS 5.0. It allows an administrator to restart Web services without rebooting the computer. By default, IIS 5.0 uses a new utility, IIS Reset, to restart your IIS services automatically if they fail. The downside is that you may not notice problems with the server so easily. Be sure to monitor the Event Log regularly. If you have to restart your Web service, IIS Reset makes it easier by allowing you to stop and restart IIS services and out-of-process Web applications with one command.
In the past, to restart IIS, an administrator needed to start up four separate services after every stoppage, and was required to have specialized knowledge, such as the syntax of the Net command.
Recommendation Use IIS Reset to restart Inetinfo.exe (IIS 5.0) from the command line or scheduler.
Internet Information Services 5.0 Command-Line Syntax for IISreset.exe: http://support.microsoft.com/default.aspx?scid=KB;en-us;202013&sd=tech
New Restart Features in IIS 5.0: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/restart.mspx
Administering Component Services
You can deploy and administer COM+ applications in two ways. You can use the Component Services administrative tool (a Microsoft Management Console snap-in) or you can write scripts to automate these processes with code that uses administration objects provided through the COMAdmin Library DLL. For a description of how to use these objects, see Automating COM+ Administration. It is found under Creating and Configuring COM+ Applications in the Component Services section of the Microsoft Platform SDK. Using script will allow you to do things such as stopping Mtx.exe to replace a broken DLL.
Most Component Services administrative tasks involve shepherding completed development efforts into use on the network, and ensuring high performance and security for the deployed applications and components. Tasks may include configuring your system for Component Services, making initial services settings, installing and configuring applications, monitoring and tuning component services.
Use the Component Services Administration MMC snap-in to monitor IIS out-of-process pooled applications.
Manage Component Services via COM+ administrative script. Understanding the Component Services Administration Tool: http://www.microsoft.com/com/wpaper/compsvcs.asp
Administrative scripts and example programs are found in the Platform SDK Components for COM and ActiveX Developers: http://msdn.microsoft.com/downloads/default.asp?URL=/code/topic.asp?URL=/msdn-files/028/000/123/topic.xml
Administering Web Services
Administering Web sites can be time consuming and costly, especially for people who manage large ISP installations. To save time and money, many ISPs support only large company Web sites, at the expense of personal Web sites. But is there a cost-effective way to support both? The answer is yes, if you can automate administrative tasks and let users administer their own sites from remote computers. This solution reduces the amount of time and money it takes to manually administer a large installation, without reducing the number of Web sites supported. IIS 5.0 offers technologies to help you.
Recommendation Automate administrative tasks, let users administer their own sites.
Automating Administration for IIS 5.0: http://msdn.microsoft.com/workshop/server/iis/Autoadm.asp
Using the IIS Metabase to Power ASP: http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/tips/metabase.mspx
Scripting to Administer IIS Installation: http://msdn.microsoft.com/library/psdk/iisref/asps0d6b.htm
Windows Media Services
Windows Media Services is completely integrated with Windows 2000 Server, allowing you to integrate streaming multimedia into applications that facilitate corporate communications, e-learning, customer and sales support, news and entertainment services, and product promotions. With Windows Media Services, you can configure and manage high-quality digital media content across the Internet and intranets—delivering live and on-demand content to the maximum number of users.
Recommendation Integrate, share, and publish content with Windows Media Services when possible.
- Windows 2000 Media Services: http://www.microsoft.com/windows2000/guide/server/features/media.asp
Intranets are a powerful and convenient use of the technology you have deployed to run your dot com. Windows 2000 with IIS 5.0 supports Distributed Authoring and Versioning (DAV), which can be of significant value and convenience to your organization. During the JDP deployments, many customers expressed interest in learning more about deploying their technology in intranets.
Recommendation Deploy an intranet.
Intranet resource center from TechNet: http://www.microsoft.com/technet/archive/itsolutions/intranet/default.mspx
Build an Easy Maintenance Intranet Site: Using Office Docs, File System Object, and OLE Structured Storage: http://msdn.microsoft.com/msdnmag/issues/0300/fso/fso.asp
Working with Distributed Authoring and Versioning (DAV) and Web Folders: http://support.microsoft.com/default.aspx?scid=KB;en-us;221600&sd=tech
Using Office Server Extensions: http://www.microsoft.com/insider/default.asp
The Windows 2000 Server operating system integrates Internet technologies across all services. Internet Information Server 5.0 (IIS) is fully integrated at the operating system level, helping organizations quickly and easily add Internet capabilities that weave directly into the rest of their computing infrastructure. IIS 5.0 uses other services provided by Windows 2000, such as security services and the Active DirectoryTM service. It incorporates these advanced features of Windows 2000 to improve reliability, performance, management, security, and application services for dot-com businesses. Operating system features such as pooled process isolation and IIS Reset make Windows 2000 with IIS 5.0 more reliable for dot-com business computing. The best practices in this paper were compiled during deployments at major dot-com businesses taking part in Microsoft's Windows 2000 Joint Development Program. Developers and engineers who worked on the JDP deployments recommend that you follow these practices when setting up a dot-com business.
For More Information
Product Home Page for Windows 2000 - http://www.microsoft.com/windows2000/default.asp
Microsoft Windows 2000 Technology Center - http://www.microsoft.com/technet/prodtechnol/windows2000serv/default.mspx
MSDN Online Windows 2000 Developer Center - http://msdn.microsoft.com/windows2000/
Find Training for Windows 2000 - http://www.microsoft.com/trainingandservices/default.asp?PageID=training&name=course
Windows 2000 for Service Providers - http://www.microsoft.com/ISN/ind_solutions/Windows_2000_service_providersP44048.asp