Internet Information Services (IIS) 6 Resource Kit

Book description

Deploy and support Internet Information Services (IIS) 6.0 with tools and technical information—straight from the Microsoft IIS product team.

Table of contents

  1. Internet Information Services (IIS) 6.0
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. A Note Regarding Supplemental Files
    3. Acknowledgments
    4. Introduction
      1. Resource Kit Compact Disc
      2. Document Conventions
        1. Flowchart Symbols
        2. Art Symbols
        3. Reader Alert Conventions
        4. Command-line Style Conventions
      3. Support Policy
    5. I. Deploying Internet Information Services (IIS) 6.0
      1. 1. Overview of Deploying IIS 6.0
        1. Overview of Deploying an IIS 6.0 Web Server
          1. Process for Deploying an IIS 6.0 Web Server
            1. Deploying a New IIS 6.0 Web Server
            2. Upgrading and Migrating a Server to IIS 6.0
        2. Overview of IIS 6.0
          1. IIS 6.0 Benefits and Features
          2. Internet and Intranet Applications on IIS 6.0
        3. Determining Application Compatibility with IIS 6.0
        4. Moving from IIS 5.0 Isolation Mode to Worker Process Isolation Mode
          1. Reviewing Application Isolation Modes
          2. Benefits of Moving to Worker Process Isolation Mode
            1. Security Enhancements
              1. Default process identity for Web sites and applications set to NetworkService
            2. Performance and Scaling Enhancements
              1. Support for processor affinity for worker processes in an application pool
              2. Elimination of inactive worker processes and reclamation of unused resources
              3. Distributing client connections across multiple worker processes
            3. Availability Enhancements
              1. Reduced number of server restarts that are required when administering Web sites and applications
              2. A fault-tolerant request-processing model for Web sites and applications
              3. Isolation of failed worker processes from healthy worker processes
              4. Health monitoring of Web sites and applications
              5. Prevention of Web sites or applications that fail quickly from consuming system resources
              6. Automatic restart of poorly performing Web sites and applications
      2. 2. Deploying ASP.NET Applications in IIS 6.0
        1. Overview of Deploying ASP.NET Applications in IIS 6.0
          1. Process for Deploying ASP.NET Applications in IIS 6.0
            1. Deploy the Web Server
            2. Install ASP.NET Applications
            3. Complete the ASP.NET Application Deployment
        2. Deploying the Web Server
          1. Installing Windows Server 2003
          2. Installing and Configuring IIS 6.0
          3. Enabling ASP.NET in the Web Service Extensions List
        3. Installing ASP.NET Applications
          1. Creating Web Sites and Virtual Directories for each ASP.NET Application
            1. Creating Web Sites and Home Directories
            2. Creating Virtual Directories
          2. Copying ASP.NET Application Content
          3. Enabling Common Storage for ASP.NET Session State
            1. Selecting the Method for Maintaining and Storing ASP.NET Session State
            2. Configuring Out-of-Process Session State with the ASP.NET State Service
            3. Configuring Out-of-Process Session State with SQL Server
            4. Configuring Encryption and Validation Keys
            5. Configuring ASP.NET Applications to Use the Appropriate Session State
              1. Session state is maintained in-process
              2. Session state is maintained out-of-process with the ASP.NET state service
              3. Session state is maintained out-of-process with a computer running Microsoft SQL Server
            6. Securing the ASP.NET Session State Connection String
        4. Completing the ASP.NET Application Deployment
          1. Ensuring the Security and Availability of ASP.NET Applications
          2. Verifying That the ASP.NET Applications Were Deployed Successfully
          3. Backing Up the Web Server
          4. Enabling Client Access
        5. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
      3. 3. Securing Web Sites and Applications
        1. Overview of the Securing Web Sites and Applications Process
          1. Process for Securing Web Sites and Applications
            1. Reduce the Attack Surface of the Web Server
            2. Prevent Unauthorized Access to Web Sites and Applications
            3. Isolate Web Sites and Applications
            4. Configure User Authentication
            5. Encrypt Confidential Data Exchanged with Clients
            6. Maintain Web Site and Application Security
        2. Reducing the Attack Surface of the Web Server
          1. Enabling Only Essential Windows Server 2003 Components and Services
          2. Enabling Only Essential IIS Components and Services
          3. Enabling Only Essential Web Service Extensions
          4. Enabling Only Essential MIME Types
          5. Configuring Windows Server 2003 Security Settings
        3. Preventing Unauthorized Access to Web Sites and Applications
          1. Storing Content on a Dedicated Disk Volume
          2. Setting IIS Web Site Permissions
          3. Setting IP Address and Domain Name Restrictions
          4. Setting NTFS Permissions
            1. The user who is accessing the Web sites and applications
            2. The application pool identity that is used by the Web sites and applications
        4. Isolating Web Sites and Applications
          1. Evaluating the Effects of Impersonation on Application Compatibility
            1. Identifying the Impersonation Behavior for ASP Applications
            2. Selecting the Impersonation Behavior for ASP.NET Applications
              1. Impersonation is disabled
              2. Impersonation is enabled
              3. Impersonation is enabled and a specific impersonation identity is specified
          2. Configuring Web Sites and Applications for Isolation
        5. Configuring User Authentication
          1. Configuring Web Site Authentication
            1. Selecting a Web Site Authentication Method
              1. Authentication Methods that Do Not Require or Encrypt User Credentials
                1. Anonymous access
                2. Authentication that is independent of the client configuration and user
              2. Authentication Methods That Encrypt User Credentials
            2. Configuring the Web Site Authentication Method
          2. Configuring FTP Site Authentication
        6. Encrypting Confidential Data Exchanged with Clients
          1. Using SSL to Encrypt Confidential Data
          2. Using IPSec or VPN with Remote Administration
        7. Maintaining Web Site and Application Security
          1. Obtaining and Applying Current Security Patches
          2. Enabling Windows Server 2003 Security Logs
          3. Enabling File Access Auditing for Web Site Content
          4. Configuring IIS Logs
            1. W3C Extended log file format
            2. IIS log file format
            3. NCSA Common log file format
            4. ODBC logging
            5. Centralized binary logging
          5. Reviewing Security Policies, Processes, and Procedures
            1. Identifying changes in Web server configuration that can compromise security
        8. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help topics
      4. 4. Ensuring Application Availability
        1. Overview of the Ensuring Application Availability Process
          1. Process for Ensuring Application Availability
            1. Establishing Application Availability Goals
            2. Configuring IIS 6.0 for Optimum Availability
            3. Testing Applications for Compatibility
        2. Establishing Application Availability Goals
          1. Setting Service Availability Goals
            1. Measuring Service Availability
          2. Setting Request-Handling Goals
            1. Request-Handling Reliability
              1. Request Processing Time
              2. Testing Request-Handling
        3. Configuring IIS 6.0 for Optimum Availability
          1. Isolating Applications
            1. Determining the Application Isolation Needs of Your Server
            2. Creating Application Pools and Assigning Applications to Them
          2. Recycling Worker Processes
            1. Recycling and Maintaining State
            2. Recycling by Elapsed Time
            3. Recycling by Number of Requests
            4. Recycling at Scheduled Times
            5. Recycling on a Virtual-Memory Threshold
            6. Recycling on a Used-Memory Threshold
          3. Tuning Performance
            1. Managing Isolation and Performance
            2. Configuring Idle Time-out for Worker Processes
            3. Configuring a Request Queue Limit
              1. Managing ASP.NET and Request Queue Limit
            4. Configuring Web Gardens
            5. Setting Processor Affinity on Servers with Multiple CPUs
          4. Managing Application Pool Health
            1. Configuring Worker Process Pinging
              1. Optimizing Ping Intervals
            2. Configuring Rapid-Fail Protection for Worker Processes
            3. Configuring the Startup Time Limit for Worker Processes
            4. Configuring the Shutdown Time Limit for Worker Processes
            5. Enabling Debugging for Application Pool Failures
          5. Configuring Application Pool Identity
        4. Testing Applications for Compatibility
          1. Checking for Known Conflicts with IIS 6.0
          2. Testing Applications for Compatibility with IIS 6.0
            1. Version Detection Incompatibility
            2. Wwwroot and Scripts Retrieval Incompatibility
          3. Testing Applications for Functional Compatibility with IIS 6.0
            1. ISAPIs Not Enabled in the Web Service Extensions Node
            2. MIME Types Incompatibility
              1. Recycling Incompatibility
              2. Overlapped Recycling and Single Instance Application Incompatibility
              3. Subauthentication Is Not Installed
        5. Additional Resources
          1. Related Information
          2. Related Help Topics
      5. 5. Upgrading an IIS Server to IIS 6.0
        1. Overview of Upgrading an IIS Server to IIS 6.0
          1. Process for Upgrading an IIS Server to IIS 6.0
            1. Prepare to Upgrade
            2. Perform the Upgrade
            3. Convert to Worker Process Isolation Mode
            4. Configure IIS 6.0 Properties
            5. Configure IIS to Host ASP.NET Applications
            6. Complete the Upgrade
        2. Preparing to Upgrade
          1. Determining Compatibility with Windows Server 2003
            1. Determining the Compatibility of Existing Windows Servers with Upgrade
            2. Determining the Compatibility of Existing Hardware
            3. Determining the Compatibility of Existing Software
          2. Identifying and Compensating for Changes to IIS 6.0
            1. Ensuring That the WWW Service is Enabled After Upgrade
            2. Compensating for Changes to IIS Components
          3. Determining Application Compatibility with Worker Process Isolation Mode
            1. Evaluating the Benefits of Worker Process Isolation Mode
              1. Security Enhancements
                1. Default process identity for Web sites and applications is set to NetworkService
              2. Performance and Scaling Enhancements
                1. Support for processor affinity for worker processes in an application pool
                2. Elimination of inactive worker processes and reclamation of unused resources
                3. Distributing client connections across multiple worker processes
                4. Ability to Isolate Web sites and applications from each other
              3. Availability Enhancements
                1. Reduced number of Web server restarts required when administering Web sites and applications
                2. A fault-tolerant request processing model for Web sites and applications
                3. Isolation of failed worker processes from healthy worker processes
                4. Health monitoring of Web sites and applications
                5. Prevention of Web sites or applications that fail quickly from consuming system resources
                6. Automatic restart of poorly performing Web sites and applications
            2. Evaluating Application Changes Required for Worker Process Isolation Mode
            3. Evaluating Management and Provisioning Script Changes Required for Worker Process Isolation Mode
            4. Verifying Application Compatibility with Worker Process Isolation Mode in a Lab
          4. Determining Application Compatibility with the .NET Framework
        3. Performing the Upgrade
          1. Backing Up the Server
          2. Verifying That Clients Are Not Accessing Web Sites
          3. Preventing the WWW Service from Being Disabled
            1. Modifying the Registry or Unattended Setup Script
            2. Running the IIS Lockdown Tool
              1. Custom Server Configurations with the IIS Lockdown Tool
              2. Server Roles in the IIS Lockdown Tool
          4. Upgrading the Server to IIS 6.0
          5. Verifying That the Operating System Upgrade Was Successful
          6. Backing Up the IIS 6.0 Metabase
        4. Converting to Worker Process Isolation Mode
          1. Documenting the Current Application Isolation Settings
            1. Application isolation settings
            2. Process identity that is used by the Web site or application
          2. Configuring IIS 6.0 to Run in Worker Process Isolation Mode
          3. Configuring Application Isolation Settings in Worker Process Isolation Mode
            1. For each Web site or application configured in High isolation in IIS 5.0
            2. For each Web site or application configured in Low or Medium isolation in IIS 5.0
          4. Example: Converting to Worker Process Isolation Mode
        5. Configuring IIS 6.0 Properties
          1. Enabling the WWW Service
          2. Configuring Web Service Extensions
          3. Configuring MIME Types
          4. Modifying References to IIS 6.0 Metabase Properties
          5. Upgrading FrontPage Extended Web Sites
          6. Determining Whether to Run the IIS Lockdown Tool and UrlScan
            1. IIS Lockdown Tool
            2. UrlScan
          7. Making Security-Related Configuration Changes
            1. Enabling Essential IIS Components and Services
            2. Removing Unnecessary IIS Virtual Directories
            3. Configuring the Anonymous User Identity
        6. Configuring IIS 6.0 to Host ASP.NET Applications
          1. Configuring IIS 6.0 to Use the Correct Version of the .NET Framework
          2. Configuring the .NET Framework
          3. Reviewing How ASP.NET Applications Run In Each Application Isolation Mode
            1. Behavior of ASP.NET Applications that Are Running in IIS 5.0 Isolation Mode
            2. Behavior of ASP.NET Applications that Are Running in Worker Process Isolation Mode
          4. Migrating Machine.config Attributes to IIS 6.0 Metabase Property Settings
            1. Migrating Recycling-Related Attributes
              1. Migrating the timeout Attribute
              2. Migrating the requestLimit Attribute
              3. Migrating the memoryLimit Attribute
            2. Migrating Performance-Related Attributes
              1. Migrating the webGarden and cpuMask Attributes
              2. Migrating the restartQueueLimit Attribute
              3. Migrating the idleTimeout Attribute
          5. Migrating Health-Related Attributes
            1. Migrating the shutdownTimeout Attribute
            2. Migrating the pingFrequency and pingTimeout Attributes
          6. Migrating Identity-Related Attributes
            1. Migrating the username Attribute
              1. Option 1 Configure IIS 6.0 to use NetworkService
              2. Option 2 Configure IIS 6.0 to use a new service account and grant the account the minimal user rights or group membership to allow the applications to run successfully
              3. Option 3 Configure IIS 6.0 to use a new service account that belongs to the local Administrators group
            2. Migrating the password Attribute
        7. Completing the Upgrade
          1. Verifying That the Web Sites and Applications Run Properly
          2. Backing Up the Server
          3. Enabling Client Access
        8. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Tools
      6. 6. Migrating IIS Web Sites to IIS 6.0
        1. Overview of Migrating IIS Web Sites to IIS 6.0
          1. Process for Migrating IIS Web Sites to IIS 6.0
            1. Prepare for Migration
            2. Deploy the Target Sever
            3. Migrate Web Sites with the IIS 6.0 Migration Tool
            4. Migrate Web Sites Manually
            5. Configure IIS 6.0 Properties
            6. Perform Application-Specific Migration Tasks
            7. Complete the Migration
        2. Preparing for Migration
          1. Identifying Which Web Site and Application Components to Migrate
          2. Determining Compatibility with Windows Server 2003
            1. Compatibility of Existing Hardware
            2. Compatibility of Existing Software
          3. Determining Application Compatibility with Worker Process Isolation Mode
            1. Evaluating the Benefits of Worker Process Isolation Mode
              1. Security Enhancements
                1. Default process identity for Web sites and applications is set to NetworkService
              2. Performance and Scaling Enhancements
                1. Support for processor affinity for worker processes in an application pool
                2. Elimination of inactive worker processes and reclamation of unused resources
                3. Distributing client connections across multiple worker processes
                4. Ability to Isolate Web sites and applications from each other
              3. Availability Enhancements
                1. Reduced number of Web server restarts required when administering Web sites and applications
                2. A fault-tolerant request processing model for Web sites and applications
                3. Isolation of failed worker processes from healthy worker processes
                4. Health monitoring of Web sites and applications
                5. Prevention of Web sites or applications that fail quickly from consuming system resources
                6. Automatic restart of poorly performing Web sites and applications
            2. Evaluating Application Changes Required for Worker Process Isolation Mode
            3. Evaluating Management and Provisioning Script Changes Required for Worker Process Isolation Mode
            4. Verifying Application Compatibility with Worker Process Isolation Mode in a Lab
          4. Determining Application Compatibility with the .NET Framework
          5. Selecting a Migration Method
          6. Identifying the Role of the IIS 6.0 Migration Tool
            1. Migration Tasks That Are Automated by the IIS 6.0 Migration Tool
            2. Migration Tasks That Must Be Completed Manually
              1. Migrating Additional Web Site and Application Content
              2. Configuring Additional Web Site and Application Properties
                1. Performing Application-Specific Migration Tasks
        3. Deploying the Target Server
          1. Installing Windows Server 2003
          2. Installing and Configuring IIS 6.0
        4. Migrating Web Sites with the IIS 6.0 Migration Tool
          1. Installing the IIS 6.0 Migration Tool
          2. Verifying That Clients Are Not Accessing Web Sites
          3. Running the IIS 6.0 Migration Tool
          4. Verifying That the IIS 6.0 Migration Tool Ran Successfully
          5. Migrating Additional Web Site Content
            1. Migrating Content Located Outside the Home Directory of the Web Site
            2. Migrating Content Located in Virtual Directories
          6. Modifying IIS 6.0 Metabase Properties That Reference the Systemroot Folder
        5. Migrating Web Sites Manually
          1. Verifying That Clients Are Not Accessing Web Sites Before a Manual Migration
          2. Creating Web Sites and Virtual Directories
            1. Creating Web Sites and Home Directories on the Target Server
            2. Creating Virtual Directories
          3. Migrating Web Site Content
          4. Configuring Web Site Application Isolation Settings
            1. Documenting the Current Application Isolation Settings on the Source Server
              1. Application isolation settings
              2. Process identity that is used by the Web site or application
            2. Configuring Application Isolation Settings in IIS 5.0 Isolation Mode
            3. Configuring Application Isolation Settings in Worker Process Isolation Mode
              1. For each Web site or application configured in High isolation in IIS 5.0
              2. For each Web site or application configured in Low or Medium isolation in IIS 5.0
        6. Configuring IIS 6.0 Properties
          1. Configuring IIS 6.0 Properties That Reference Local User Accounts
          2. Configuring Web Service Extensions
          3. Configuring MIME Types
          4. Migrating Server Certificates for SSL
          5. Migrating FrontPage Users and Roles
          6. Configuring IIS 6.0 to Host ASP.NET Applications
            1. Configuring IIS to Use the Correct Version of the .NET Framework
            2. Configuring the .NET Framework
            3. Reviewing How ASP.NET Applications Run in Each Application Isolation Mode
              1. Behavior of ASP.NET Applications That Are Running in IIS 5.0 Isolation Mode
              2. Behavior of ASP.NET Applications That Are Running in Worker Process Isolation Mode
            4. Migrating Machine.config Attributes to IIS 6.0 Metabase Property Settings
          7. Determining Whether to Run the IIS Lockdown Tool and UrlScan
            1. IIS Lockdown Tool
            2. UrlScan
        7. Performing Application-Specific Migration Tasks
          1. Modifying Application Code for Compatibility with Windows Server 2003 and IIS 6.0
            1. Modifying References to Windows Platform Components and APIs No Longer Supported in Windows Server 2003
            2. Modifying References to IIS 6.0 Metabase Properties
            3. Modifying Applications To Be Compatible with Worker Process Isolation Mode
          2. Installing Additional Software Required by Applications
          3. Migrating MTS Packages, COM Objects, and COM+ Applications
          4. Modifying ODBC Data Connection Strings and DSNs
            1. Modifying ODBC DSNs
            2. Creating System ODBC DSNs
          5. Creating IP Addresses That Are Used by Applications
          6. Creating Users and Groups That Are Used by Applications
          7. Creating Registry Entries for Applications
        8. Completing the Migration
          1. Verifying That the Web Sites and Applications Migrated Successfully
          2. Backing Up the Target Server
          3. Enabling Client Access
        9. Additional Resources
          1. Related IIS 6.0 Help Topics
          2. Related Windows Server 2003 Help Topics
          3. Related Tools
      7. 7. Migrating Apache Web Sites to IIS 6.0
        1. Overview of Migrating Apache Web Sites to IIS 6.0
          1. Process for Migrating Apache Web Sites to IIS 6.0
            1. Prepare for Migration
            2. Deploy the Target Sever
            3. Perform the Migration
            4. Migrate Apache-Specific Extensions
            5. Configure IIS 6.0 After Migration
            6. Enable Client Access After Migration
        2. Preparing for Migration
          1. Determining Web Site Compatibility with IIS 6.0
          2. Determining Web Site Compatibility with Worker Process Isolation Mode
          3. Identifying the Role of the Migration Tool
          4. Selecting a Migration Tool Installation Option
            1. Source Server Installation Option
            2. Target Server Installation Option
            3. Intermediate Computer Installation Option
        3. Deploying the Target Server
          1. Installing Windows Server 2003
          2. Installing IIS 6.0
          3. Configuring the FTP Service
        4. Performing the Migration
          1. Installing the Migration Tool
            1. Installing the Migration Tool on Computers Running Linux
            2. Installing the Migration Tool on Computers Running Windows
            3. Configuring the Target Server for Migration
          2. Verifying that Clients Are Not Accessing Web Sites
          3. Migrating Web Site Content
          4. Migrating Web Site Configuration
          5. Recovering from an Interruption in the Migration Process
            1. Determining Cause of and Resolving Errors
            2. Restarting the Migration Tool in Recovery Mode
        5. Migrating Apache-Specific Extensions
          1. Migrating Dynamic Content
            1. Run Dynamic Content on a Preprocessor that Ships with IIS
            2. Run Dynamic Content on a Preprocessor External to IIS
            3. Rewrite the Dynamic Content in ASP or ASP.NET
          2. Migrating Database Content and Connectivity
            1. Migrating the Database Content
            2. Migrating the Database Connectivity
              1. Obtain a Version of the Database Connectivity that Runs on IIS 6.0
              2. Convert the Dynamic Content to use Windows Database Connectivity
          3. Migrating External Modules
            1. Obtain Version of External Module that Runs on IIS 6.0 and Windows Server 2003
            2. Convert External Modules to Run on Same Preprocessor as IIS 6.0 and Windows Sever 2003
            3. Rewrite the External Module in ASP or ASP.NET
        6. Configuring IIS 6.0
          1. Configuring Web Service Extensions
          2. Configuring MIME Types
          3. Configuring Web Site Properties
          4. Configuring Server Certificates for SSL
          5. Backing Up the Target Server
        7. Enabling Client Access After Migration
        8. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help topics
          3. Related Windows Server 2003 Help topics
      8. A. IIS Deployment Procedures
        1. Assign Additional IP Addresses to a Network Adapter
        2. Assign a Server Certificate to a Web Site
        3. Back Up and Restore Registry Entries
        4. Back Up and Restore the IIS Metabase
        5. Back Up and Restore the Web Server to a File or Tape
        6. Configure an ASP.NET Application for ASP.NET
          1. Viewing the Script Map for an ASP.NET Application
          2. Configure an ASP.NET Application for ASP.NET
        7. Configure Anonymous User Identity
        8. Configure a Web Site to be FrontPage Extended
        9. Configure Application Identity for IIS 5.0 Isolation Mode
        10. Configure Application Isolation Modes
          1. Configuring IIS for Worker Process Isolation Mode
          2. Configuring IIS for IIS 5.0 Isolation Mode
        11. Configure Application Isolation Settings for IIS 5.0 Isolation Mode
        12. Configure Application Pool Health
        13. Configure Application Pool Identity
        14. Configure Application Pool Performance
        15. Configure Application Pool Recycling
        16. Configure FrontPage Server Roles
        17. Configure FTP Server Authentication
          1. Enable Anonymous FTP Authentication
          2. Enable Basic FTP Authentication
        18. Configure IIS Components and Services
        19. Configure IP Address Assigned to Web Sites
        20. Configure IP Address and Domain Name Restrictions
          1. Grant or deny access to resources for a group of computers
          2. Configure Restrictions Based on Domain
        21. Configure MIME Types
        22. Configure NTFS Permissions
        23. Configure the State Service on the ASP.NET State Server
        24. Configure the Registry
        25. Configure the Web Site Identification Number
        26. Configure Web Server Authentication
        27. Configure Web Service Extensions
        28. Configure Web Site Permissions
        29. Configure Windows Server 2003 Services
        30. Convert Existing Disk Volumes to NTFS
        31. Create a Service Account
        32. Create A SQL Server Database for Storing ASP.NET Session State
        33. Create a Virtual Directory
        34. Create a Web Site
        35. Debug Application Pool Failures
        36. Determine Web Sites Uniquely Identified by IP Addresses
        37. Disable Network Adapters
        38. Enable ASP.NET
        39. Enable Logging
        40. Enable Network Adapters
        41. Enable Security Auditing
        42. Enable the WWW Service After Upgrade
        43. Enable Web Site Content Auditing
        44. Export a Server Certificate
        45. Gather and Display WWW Service Uptime Data
          1. Gathering WWW Service Uptime Data
          2. Displaying WWW Service Uptime Data
        46. Grant User Rights to a Service Account
        47. Install a Server Certificate
        48. Install IIS 6.0
        49. Install Subauthentication
        50. Isolate Applications in Worker Process Isolation Mode
        51. Make a Service Account a Member of the Local Administrators Group
        52. Migrate CDONTS
        53. Modify the IIS Metabase Directly
        54. Monitor Active Web and FTP Connections
        55. Pause Web or FTP Sites
          1. Pausing Web Sites
          2. Pausing FTP Sites
        56. Publish Web Site Content with FrontPage
          1. Extending a Web site
          2. Publishing a Web site
        57. Remove Virtual Directories
        58. Request a Server Certificate
        59. Secure the Root Folder of Each Disk Volume
        60. Secure Windows Server 2003 Built-in Accounts
        61. Set Processor Affinity
        62. Stop the WWW Service
        63. Upgrade FrontPage Extended Web Sites
        64. View Application Isolation Configuration
        65. View Web Site and Application Process Identities
      9. B. Changes to Metabase Properties in IIS 6.0
    6. II. Internet Information Services (IIS) 6.0 Resource Guide
      1. 8. Introducing IIS 6.0
        1. Internet Information Services 6.0
          1. Installing IIS as an Application Server
          2. Enabling Web Service Extensions to Serve Dynamic Content
        2. What's Changed
          1. Reliability Improvements
          2. Manageability Improvements
            1. Metabase Improvements
            2. Programmatic Administration Additions
            3. Logging Enhancements
            4. Troubleshooting
          3. Security Improvements
          4. Performance and Scalability Improvements
        3. IIS 6.0 Resource Guide Tools
          1. Migration Tools
          2. Performance and Troubleshooting Tools
          3. Security Tools
          4. Administration Tools
        4. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
          4. Related Tools
      2. 9. IIS 6.0 Architecture
        1. Overview of IIS 6.0 Architecture
          1. IIS 6.0 Request Processing Models
          2. IIS 6.0 Services
          3. Comparing Basic Functionality Between IIS 6.0 and Earlier IIS Versions
        2. IIS 6.0 Services
          1. World Wide Web Publishing Service
          2. FTP Service
          3. SMTP Service
          4. NNTP Service
          5. IIS Admin Service
        3. IIS 6.0 Core Components
          1. HTTP Protocol Stack
            1. How HTTP.sys Works
            2. How HTTP.sys Handles Kernel-Mode Queuing
          2. Worker Processes
          3. WWW Service Administration and Monitoring
            1. HTTP administration
            2. Managing the lifetime of the worker process
          4. Inetinfo.exe
          5. The IIS Metabase
            1. Metabase Elements
            2. Automatic Versioning and History
        4. Application Isolation Modes
          1. Worker process isolation mode
          2. IIS 5.0 isolation mode
          3. Choosing an Application Isolation Mode
            1. Applications that cannot run in worker process isolation mode
            2. Applications that require special handling to run in worker process isolation mode
            3. Application Isolation Mode Defaults
            4. Application Isolation Mode Functions
              1. HTTP SSL (HTTPFilter)
              2. IIS 6.0 Identity vs. IIS 5.0 Identity
          4. Worker Process Isolation Mode
            1. Benefits of Using Worker Process Isolation Mode
            2. Features of Worker Process Isolation Mode
              1. Multiple Application Pools
              2. Application Pool Health Monitoring
              3. Worker Process Recycling
              4. Rapid-Fail Protection
              5. Orphaning Worker Processes
              6. Web Gardens
              7. Processor Affinity
              8. Idle Timeout
              9. Application Pool Identity
            3. How Application Pools Work
            4. Request Processing in Worker Process Isolation Mode
          5. IIS 5.0 Isolation Mode
            1. Application Isolation in IIS 5.0 Isolation Mode
              1. Security Considerations
              2. Performance Considerations
            2. Request Processing in IIS 5.0 Isolation Mode
        5. How ASP.NET Works with IIS 6.0
          1. ASP.NET Request Processing Model
          2. ASP.NET processModel Configuration Settings
          3. When Different Versions of ASP.NET Share the Same Application Pool
        6. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
      3. 10. Running IIS 6.0 as an Application Server
        1. Introduction to Running an Application Server
        2. Configuring an Application Server Role
          1. Technologies Offered in the Application Server
            1. Benefits of Enabling ASP.NET
            2. Benefits of Installing FrontPage Server Extensions
          2. Preparing to Install IIS 6.0
            1. Avoid installing IIS on a domain controller
            2. Verify that all disk volumes on your application servers use NTFS
          3. Installing IIS 6.0
        3. Enabling Dynamic Content
        4. Configuring an Application Isolation Mode
          1. Choosing an Application Isolation Mode
            1. Evaluating the Capabilities of the Two Application Isolation Modes
              1. Benefits of Worker Process Isolation Mode
              2. Isolation Options in IIS 5.0 Isolation Mode
            2. Evaluating Application Requirements
              1. Guidelines for Optimizing Application Performance
              2. Applications That Cannot Run in Worker Process Isolation Mode
            3. Security Considerations When Choosing an Application Isolation Mode
            4. Performance Considerations When Choosing an Application Isolation Mode
          2. Configuring an Application Isolation Mode
            1. Setting Isolation for Applications Running in IIS 5.0 Isolation Mode
        5. Creating Application Pools
          1. Guidelines for Creating Application Pools
          2. Configuring Application Pools
        6. Ensuring Application Health in Worker Process Isolation Mode
          1. Monitoring Application Pool Health
            1. Using an ISAPI Extension That Declares Itself Unhealthy
            2. Enabling Debugging
            3. Ensuring Application Pool Health
          2. Recycling Worker Processes
            1. How Worker Process Recycling Works
            2. When and How to Use Worker Process Recycling
            3. Logging Worker Process Recycling Events
          3. Configuring Rapid-Fail Protection
            1. Configuring Rapid-Fail Protection from the Command Line
        7. Managing Resources in Worker Process Isolation Mode
          1. Configuring Web Gardens
          2. Configuring Idle Timeout for a Worker Process
          3. Configuring Shutdown and Startup Time Limits
          4. Enabling CPU Monitoring
            1. Event logging
            2. Shut down the unhealthy application pool (also includes event logging)
            3. Obtaining more detailed CPU monitoring
              1. Enabling CPU Monitoring by Using IIS Manager
              2. Enabling CPU Monitoring from the Command Line
              3. Set the CPU Limit
              4. Set the CPU Reset Interval
              5. Set the CPU Action
          5. Assigning Processor Affinity
        8. Running Web Applications
          1. Enhancements to ISAPI Support
            1. Using HSE_REQ_EXEC_URL to Call Other URLS on the Server
            2. Using HSE_REQ_VECTOR_SEND to Consolidate Multiple Buffers
            3. Using HSE_REQ_REPORT_UNHEALTHY to Recycle a Worker Process
            4. Using HSE_REQ_SEND_CUSTOM_ERROR to Send Custom Error Messages
            5. Using the New Unicode ServerSupportFunctions
          2. Using ASP in IIS 6.0
            1. Improvements to the ASP Programming Environment
              1. COM+ Services in ASP
                1. Apartment model selection
                2. Side-by-side assemblies Side-by-side
                3. COM+ partitions
                4. COM+ tracker
              2. New Metabase Properties for ASP
            2. Security and Performance Enhancements in ASP
              1. ASP Metabase Properties No Longer in Use in IIS 6.0
          3. Setting Application Mappings
            1. Benefits of Using Wildcard Application Mappings Instead of ISAPI Filters
            2. Request Handling with Wildcard Application Mappings
            3. Inserting Wildcard Application Mappings
        9. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
          4. Related Tools
      4. 11. Working with the Metabase
        1. Overview of the IIS 6.0 Metabase
          1. IIS 6.0 Metabase Features
            1. The metabase schema can be modified by an administrator
            2. The metabase is 100 percent compatible with IIS 5.0 metabase APIs
            3. Metabase performance and scalability are improved
            4. The metabase incorporates rich functionality
              1. Benefits of Plaintext XML Files
                1. Metabase files can be edited directly by using common text editors
                2. Improved metabase corruption recovery and troubleshooting
                3. Improved metabase backup and restore capabilities
          2. Metabase Terminology
            1. Keys and Locations
            2. XML Terminology Related to IIS
        2. Metabase Structure
          1. The Local Machine Namespace
          2. Property Inheritance
            1. Hierarchical Relationship of Keys
            2. Inheritance
          3. The Metabase Schema
            1. Collections
            2. Properties
            3. Flags
            4. Remaining Collections
        3. Metabase Security
          1. File-Level Security
          2. Encrypted Properties
          3. Checklist: Metabase Security
        4. Backing Up and Restoring the Metabase
          1. Backing Up the Metabase
            1. Portable Backup
            2. Non-portable Backup
          2. The Metabase History Feature
            1. History Folder
            2. Configuring the Metabase History Feature
            3. Naming the Metabase History Files
              1. Metabase Version Numbers
              2. HistoryMajorVersionNumber Property
              3. Minor Version Number
              4. Naming the History Files
            4. Metabase Error Files
          3. Restoring the Metabase
            1. Restoring the Metabase from History Files
            2. Restoring the Metabase from Backup Files
              1. SSL Certificates
            3. Restoring a Section of the Metabase
        5. Editing the Metabase
          1. Best Practices for Maintaining Metabase Integrity
          2. Configuring the Metabase
            1. About the IIS ABOs
            2. Metabase Storage Layer
            3. Adding Comments to the Metabase
          3. Editing Metabase Properties
            1. General Notes for Editing the Metabase
            2. Changing Schema-Defined or Out-of-Schema Properties
            3. Starting or Stopping IIS
          4. Editing the MetaBase.xml File While IIS Is Running
            1. The Edit-While-Running Process
            2. Simultaneous Updates
            3. Enabling Edit-While-Running
          5. Writing the In-Memory Metabase and Schema to Disk
            1. Writing the In-Memory Metabase to Disk
            2. Writing the In-Memory Schema to Disk
        6. Metabase Import and Export
          1. Specifying Metabase Elements for Import or Export
          2. Importing and Exporting a Metabase Element
            1. Before exporting a metabase element
            2. Before importing a metabase element
          3. Setting Inherit and Merge Flags
          4. Exporting Lower-Level Child keys
            1. Importing and Exporting Metabase Elements with IIS Manager
            2. Moving Sites and Applications to Another Computer
            3. Metabase Import/Export Behavior
            4. Machine-Specific and System-Specific Information
        7. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
          4. Related Tools
      5. 12. Managing a Secure IIS 6.0 Solution
        1. What's Changed
          1. IIS Installs in a Locked-Down Mode
            1. IIS Lockdown Tool Capabilities Are Built-in
          2. Restrictive MIME Types Reduce the Attack Surface of IIS
            1. Adding MIME Types
            2. Allowing All Extensions
            3. Multiple Worker Processes Affect ISAPI Filter Status Display
            4. ASP-Related Security Changes
              1. ASP and ASP.NET Are Disabled by Default
              2. Parent Paths Are Disabled by Default
              3. Global.asa Events Are Run As Anonymous User
            5. Security-Related Changes in Authentication
              1. Anonymous Password Synchronization is Disabled by Default
              2. Advanced Digest Authentication Requires Windows Server 2003
              3. .NET Passport Authentication Requires LocalSystem User Account Rights
              4. Kerberos Authentication Requires SPNs for Multiple Worker Processes
                1. Using Setspn.exe
                2. Forcing NTLM
            6. Security-Related Changes in Access Control
              1. Access Is Restricted for Executables
              2. Access Is Restricted for Nondefault Identities for CGI Processes
        2. Automatic Installation of Security Patches
        3. Authentication
          1. Anonymous Authentication
          2. Basic Authentication
            1. Logon Types
            2. Token Cache Security Considerations
          3. Digest Authentication
            1. Requirements for Digest Authentication
          4. Advanced Digest Authentication
            1. Requirements for Advanced Digest Authentication
          5. Integrated Windows Authentication
            1. Client Authentication Process
            2. Kerberos and Service Registration
          6. UNC Authentication
            1. Constrained Delegation
              1. Deciding Whether to Use Constrained Delegation
              2. Configuring Constrained Delegation for IIS
          7. .NET Passport Authentication
        4. Access Control
          1. How Access Control Works
          2. NTFS Permissions
            1. Access Control Lists
              1. ACL Tools
                1. Cacls
                2. Xcacls.exe
              2. IIS Default ACLs
              3. Metabase ACLs
          3. Web Site Permissions
          4. IIS and Built-in Accounts
            1. LocalSystem
            2. Network Service
            3. Local Service
            4. IIS_WPG
            5. IUSR_ComputerName
            6. IWAM_ComputerName
            7. ASPNET
            8. Configuring Application Pool Identity
          5. URL Authorization
            1. Using URL Authorization
              1. Enabling the Wildcard Script Map
        5. Encryption
          1. SSL and Certificates
            1. Managing Certificates Programmatically
            2. Server-Gated Cryptography
            3. Cryptographic Service Provider
            4. Client Certificate Mapping
              1. Directory Service Mapping
              2. One-to-One Mapping
              3. Many-to-One Mapping
        6. TCP/IP Port Filtering
          1. Creating an IPSec Policy to Restrict Ports
            1. Example: Creating an IPSec Policy
        7. Secure Code
        8. MIME Types
          1. Inheritance and Merge Behavior
            1. Merge considerations
        9. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
          4. Related Tools
      6. 13. Optimizing IIS 6.0 Performance
        1. Overview of Performance Monitoring and Tuning
          1. Using Performance Tools to Obtain a Baseline
            1. System Monitor
            2. Performance Logs and Alerts
            3. Task Manager
            4. Event Tracing with Log Manager and Trace Report
            5. Network Monitor
          2. Monitoring with Performance Counters
            1. Components of a counter path
            2. Sampling methods for counters
            3. Counters Provided by Windows and by IIS
            4. Suggested Performance Counters to Watch
          3. Setting Up Monitoring
            1. Viewing Counter Data in the Performance Console
            2. Using the Predefined System Overview Log
          4. Collecting Useful Data
        2. Managing Network Activity
          1. Estimating Bandwidth Requirements and Connection Speed
            1. Browser Download Time
            2. Server-Side Request Processing
            3. Perceived Delay, Acceptable Delay, and Site Performance
          2. Monitoring Network Activity
            1. Bandwidth and Capacity
            2. Monitoring Data Transmission Rates at Different OSI Layers
              1. Counters for Monitoring Data Transmission Rates at the Application Layer
                1. Analyzing the data
              2. Counters for Monitoring Data Transmission Rates at the Transport and Network Layers
                1. Analyzing the data
              3. Counters for Monitoring Data Transmission Rates at the Data-Link Layer
                1. Analyzing the data
            3. Monitoring File and Message Transfers
              1. Analyzing the Data
            4. Monitoring TCP Connections
              1. Analyzing the Data
          3. Administering Network Resources
            1. Limiting Connections to Manage Resources
            2. Enabling HTTP Keep-Alives to Keep Connections Open
            3. Setting Connection Timeouts to Save Resources
              1. Monitoring with Counters to Evaluate Connection Limits
              2. Setting Connection Timeouts by Using IIS Manager
              3. Setting Connection Timeouts by Editing the Metabase
                1. Setting connection timeouts
                2. Setting request timeouts
                3. Setting response timeouts
              4. Reference to Default Time-out Settings
            4. Using HTTP Compression for Faster Downloads
              1. How HTTP Compression Works
              2. Determining Whether HTTP Compression Will Improve Performance
              3. Choosing Compression Options
              4. Enabling Global HTTP Compression
              5. Configuring HTTP Compression at Specific Metabase Levels
              6. Specifying File Types and Compression Schemes by Editing the Metabase
              7. Specifying the Location and Size of the Compression Directory for Static Compression
                1. Changing the location of the compression directory
                2. Setting a size limit for the compression directory
              8. Disabling HTTP Compression for Requests That Come Through Certain Proxy Servers
            5. Throttling Bandwidth to Manage Service Availability
              1. Determining When and Where to Use Bandwidth Throttling
              2. Enabling Bandwidth Throttling
            6. Using Other Features to Enhance Performance
              1. Using Web Gardens to Enhance Performance
              2. Conserving Processor Resources by Using Idle Timeout
              3. Enabling CPU Monitoring to Conserve Processing Time
                1. Obtaining more detailed CPU monitoring
        3. Controlling Memory Usage
          1. Minimum Memory Requirements for IIS 6.0
          2. Memory Management and Memory Allocation in Windows Server 2003
          3. Monitoring Overall Server Memory
            1. Monitoring Available Memory
            2. Monitoring Paging
            3. Monitoring the File System Cache
            4. Monitoring the Size of the Paging Files
            5. Monitoring the IIS 6.0 Working Set
              1. Monitoring Disk I/O
          4. Optimizing Memory Usage
            1. Improve Data Organization
            2. Increase the Efficiency of High-Traffic Web Sites
            3. Try Disk Mirroring or Striping
            4. Add or Enlarge Paging Files
            5. Retime the IIS Object Cache
            6. Change the Balance of the File System Cache to the IIS 6.0 Working Set
            7. Limit Connections
            8. Limit the Queue Length for Application Pools
            9. Adjust Resource Allocation in Windows
            10. Limit Performance Logging
        4. Preventing Processor Bottlenecks
          1. Identifying Processor Bottlenecks
            1. Monitoring Processor Activity
              1. Analyzing Processor Activity Data
              2. Optimizing Processor Activity
            2. Monitoring Connections
              1. Optimizing Connections
            3. Monitoring Threads
              1. Monitoring Threads and Context Switches
              2. Monitoring Interrupts and Deferred Procedure Calls
              3. Optimizing Thread Values
          2. Improving Processor Performance
            1. Upgrade the L2 cache
            2. Add network adapters
            3. Upgrade network adapters
            4. Upgrade to a multiprocessor computer
            5. Assign processor affinity to better use CPU caching
            6. Limit connections
            7. Adjust the maximum number of threads
            8. Redesign the Web site
        5. Improving Application Performance
          1. Testing Applications with Stress Tools
            1. Measuring Performance by Using a Stress Client
            2. Using WCAT as a Stress Client
            3. Estimating Baseline Performance for Applications
          2. Monitoring and Tuning Applications
            1. Monitoring Applications That Use the WWW Service
            2. Monitoring ASP Performance
              1. Analyzing the Data
            3. Tuning ASP Metabase Settings
              1. AppAllowDebugging
              2. AspBufferingOn
              3. AspProcessorThreadMax
              4. AspQueueConnectionTestTime
              5. AspRequestQueueMax
              6. AspScriptEngineCacheMax
              7. AspScriptFileCacheSize
              8. AspDiskTemplateCacheDirectory
              9. AspSessionTimeout and AspSessionMax
              10. AspTrackThreadingModel
              11. CacheISAPI
            4. Monitoring ASP.NET Performance
              1. Useful Counters for Monitoring ASP.NET Applications
              2. Useful Counters for Troubleshooting ASP.NET Performance Problems
        6. Balancing Performance and Security
          1. Configuring ServerCacheTime for SSL Sessions
          2. Testing How Security Features Affect Performance
            1. Measuring Security Overhead by Using a Stress Client
          3. Tracking Anonymous and Nonanonymous Requests
          4. Watching 404 Not-Found Errors
          5. Analyzing Security Data and Planning Upgrades
            1. Upgrade or add processors
            2. Add memory
            3. Use custom hardware
        7. Optimizing Performance Through Design
          1. Optimizing Application Design and Administration
            1. Upgrading Hardware to Improve Application Performance
            2. Optimizing Application Design
            3. Optimizing the Design of ASP Applications
            4. Optimizing Network Administration and Design
          2. Creating a More Efficient Web Site
            1. Obtaining a Page-Load Performance Profile
            2. Optimizing a Page-Load Performance Profile
              1. Verify That HTTP Keep-Alives Are Enabled
              2. Set HTTP Compression
              3. Set Expiration Dates on Files
              4. Identify Slow-Loading Files
              5. Remove Unneeded File Content
              6. Measure File Quantity and Size
              7. Determine Your Port Usage
              8. Control Screen Refreshes
            3. Best Practices for Creating Efficient Sites
              1. Use design elements judiciously
              2. Ensure that developers design scripts and code that load quickly
              3. Test load times for your pages
          3. Partnering with Other Groups to Improve Performance
        8. Additional Resources
          1. Related IIS 6.0 Help Topics
          2. Related Windows Server 2003 Help Topics
          3. Related Tools
      7. 14. Web Server Scalability
        1. Scaling IIS 6.0
          1. Scalability Features in IIS 6.0
            1. Worker process isolation mode
            2. On-demand process start
            3. HTTP Keep-Alives
            4. Web gardens
            5. Processor affinity
            6. Idle timeout for worker processes
            7. Bandwidth throttling
            8. HTTP compression
            9. 64 GB cache capacity
            10. Centralized binary logging
          2. Scalability Features in Windows Server 2003
            1. Kernel-mode driver
            2. 64-bit support
            3. WSRM
            4. DFS
            5. FRS
        2. Improving IIS 6.0 Scalability and Availability with Network Load Balancing
          1. IIS Responses to Load-Balanced Application Pool Behaviors
            1. IIS Response When a Load-Balanced Application Pool Enters Rapid-Fail Protection
            2. IIS Response When a Load-Balanced Application Pool Exceeds a Configured CPU Threshold
            3. IIS Response When a Load-Balanced Application Pool Is Disabled by an Administrator or an Administrator Shuts Down the WWW Service
            4. IIS Response When the Kernel-Mode Request Queue Is Full
          2. Preserving Session State in Network Load Balancing Web Server Clusters
            1. Preserving Session State with ASP Web Applications in Network Load Balancing
            2. Preserving Session State with ASP.NET Web Applications in Network Load Balancing
        3. Improving Scalability by Optimizing IIS 6.0 Queues
          1. TCP/IP Queue
          2. Kernel Request Queue
          3. ASP Request Queue
            1. Tuning AspProcessorThreadMax
            2. Tuning AspRequestQueueMax
            3. Additional Metabase Properties
              1. AspQueueTimeout
              2. AppPoolQueueLength
          4. ASP.NET Request Queues
            1. ASP.NET Counters
              1. Request Execution
              2. Requests Queued
              3. Requests Rejected
              4. Request Wait Time
            2. ASP.NET Application Counters
              1. Requests Executing
              2. Requests In Application Queue
              3. Pipeline Instance Count
          5. Registry Entries for Thread Pool Queuing
            1. MaxPoolThreads
            2. PoolThreadLimit
        4. Improving Scalability by Optimizing IIS 6.0 Caches
          1. URI Cache
          2. Token Cache
          3. File Cache
          4. HTTP.sys Response Cache
            1. HTTP.sys Cache Counters
            2. Events and Conditions That Disable HTTP.sys Response Caching
          5. ASP Caching
            1. ASP Template Caching
            2. Script Engine Caching
            3. Setting the ASP Cache Metabase Property and Registry Entry
              1. AspScriptFileCacheSize
              2. DisableLazyContentPropagation
          6. Global IIS Caching Registry Entries
            1. DisableMemoryCache
            2. MemCacheSize
            3. ObjectCacheTTL
        5. ISP Scaling — Strategies for Hosting Thousands of Sites
          1. Shared Static Hosting
            1. Administer IIS by using command-line administration scripts or batch files
            2. Create a logical folder structure
            3. Use host header names to create multiple sites on one server
            4. Put all static sites in one application pool
            5. Run all static sites with the same anonymous user account
            6. Recycle the application pool worker process (optional)
            7. Monitor startup times
            8. Monitor performance
            9. Enable centralized binary logging
            10. Partition log files on multiple disks
          2. Shared Static and Dynamic Hosting
            1. Separate static and dynamic content sites in different application pools
            2. Set content quotas for sites
            3. Consider enabling Quality of Service (QoS) features for sites that are resource-intensive
            4. Configure one unique anonymous user per site
            5. Develop processes for handling service packs, security patches, and hotfixes
            6. For ASP content, allow ASP pages to run on MTA instead of STA
            7. If you need to set up more than 60 application pools where each pool is running as a unique identity on a server, change the UseSharedWPDesktop registry key
            8. If IIS is spinning up too many worker processes and your server is running out of resources, set a maximum number of concurrent worker processes
            9. Locate misbehaving applications and isolate them in their own application pool
          3. Dedicated Hosting
            1. Configure one unique application pool per Web site
            2. Configure one unique anonymous user per site
            3. Configure one unique user to run as the process identity of the application pool
        6. Improving Scalability Through UNC–Based Centralized Content Storage
          1. Caching UNC–based Files
            1. Last-Modified Caching
            2. ASP Change-Notification Caching
          2. UNC–based Caching Considerations
            1. MaxMpxCt
            2. MaxWorkItems
            3. MaxCmds
          3. UNC–based Caching Scenarios
            1. Scenario 1: Wide Content, Low Traffic
            2. Scenario 2: Wide Content, High Traffic
            3. Scenario 3: Narrow Content, High Traffic
          4. UNC Authentication
          5. Constrained Delegation for UNC File Content
        7. Case Study: Scaling an ASP.NET Web Application on IIS 6.0
          1. Capacity Planning
            1. Preparing to Test
            2. Interpreting Test Data
          2. Tuning Production Servers
            1. Use RAID
            2. Delete unused default documents
            3. Shut down unused services
            4. Change file and printer sharing defaults
          3. Scaling Up
          4. Scaling Out
        8. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Tools
      8. 15. Configuring Internet Sites and Services
        1. DNS Overview
          1. Namespace Planning for DNS
          2. Registering a DNS Domain Name
        2. Configuring Web Sites
          1. Creating and Setting Up Web Sites
            1. Home Directories
            2. Virtual Directories
            3. WebDAV Publishing Directories
              1. Making the WebDAV Publishing Directory Available to Users
              2. Enabling WebDAV Redirector
          2. Configuring Web Site Properties
            1. Modifying the Default Web Site
              1. Modifying Default Web Site Identity Settings
              2. Modifying the Default Authentication Method
              3. Modifying the Default Physical File Location
              4. Enabling and Configuring Log File Formats
              5. Specifying the Application Pool
              6. Extending Web Sites with FrontPage 2002 Server Extensions
            2. Redirecting Requests
              1. Redirecting to Dynamic Content
          3. Securing Web Sites
            1. Securing WebDAV Publishing Directories
              1. Setting the Client Authentication Method
              2. Configuring Access Control
          4. Hosting Multiple Web Sites on the Same Server
            1. Port-Based Routing
            2. IP-Based Routing
            3. Host-Header Routing
              1. Host-Header Routing and SSL
        3. Configuring FTP Sites
          1. Installing the FTP Service
          2. Configuring FTP Site Properties
            1. Configuring Site Messages
            2. Setting the Directory Output Style
            3. Setting the Authentication Method
            4. Setting the Passive Connection Port Range
          3. Securing FTP Sites
          4. Creating Additional FTP Sites
          5. Hosting Multiple FTP Sites with FTP User Isolation
            1. Do Not Isolate Users Mode
            2. Isolate Users Mode
            3. Isolate Users Using Active Directory Mode
              1. User Home Directories
              2. Configuring Isolate Users Using Active Directory Mode
        4. Configuring the NNTP Service
          1. Installing the NNTP Service and Setting Up NNTP Virtual Servers
            1. Virtual Servers
            2. File and Message Types
            3. Virtual Directories
          2. Configuring NNTP Virtual Server Properties
          3. Securing NNTP Virtual Servers
            1. Configuring Access-Related Settings
              1. Authentication
              2. Certificate
              3. Connection
              4. Setting Post and Connection Limits
              5. Assigning Administrative Credentials
              6. Creating ACLs
          4. Creating and Managing Newsgroups
            1. Creating Newsgroups
            2. Moderating Newsgroups
            3. Managing Newsgroup Messages
              1. Setting Expiration Policies
              2. Setting Expiration Policies Using Rexpire.vbs
              3. Deleting Messages Using Rcancel.vbs
            4. Limiting Newsgroup Enumeration
            5. Managing Sessions
              1. Managing Sessions Using Rsess.vbs
            6. Using Control Messages
              1. Generating Control Messages
              2. Restricting Access to Control Messages
          5. Rebuilding the NNTP Service
          6. Backing Up and Restoring an NNTP Virtual Server
          7. Enabling and Managing Newsfeeds
            1. Enabling Newsfeeds
            2. Adding, Deleting, and Modifying Newsfeeds
        5. Configuring the SMTP Service
          1. Installing the SMTP Service and Creating an SMTP Virtual Server
            1. Default Settings
          2. Configuring an SMTP Virtual Server as a Smart Host
            1. Setting Delivery Properties
          3. Securing SMTP Virtual Servers
            1. Configuring Access-Related Settings
              1. Authentication
              2. Certificate and Communication
              3. Connection
              4. Relay
              5. Limiting Administrative Access
              6. Setting Messages Limits
          4. Organizing Messages Using SMTP Domains
            1. Organizing Messages Using Local Domains
            2. Organizing Messages Using Remote Domains
        6. Additional Resources
          1. Related Information
          2. Related Windows Server 2003 Help Topics
      9. 16. IIS 6.0 Administration Scripts, Tips, and Tricks
        1. Creating and Configuring a Site Programmatically
          1. Variables
          2. Setting Up and Configuring DNS
          3. Creating Directories
            1. Creating Directories Remotely
          4. Adding Temporary Content
            1. Adding Temporary Content Remotely
          5. Creating Web Sites
            1. Creating Web Sites Remotely
            2. Providing Additional Host Headers
              1. Providing Additional Host Headers Remotely
          6. Installing and Setting Up FrontPage 2002 Server Extensions
            1. Installing FrontPage 2002 Server Extensions Locally
            2. Security Considerations for Installing FrontPage 2002 Server Extensions Remotely
          7. Creating FTP Sites
            1. Setting Up FTP Virtual Directories
              1. Setting Up FTP Remotely
          8. Setting ACLs
            1. Recommended and Inherited ACLs
            2. Setting ACLs Remotely
          9. Including Verification and Error Checking
          10. The Complete Batch File
        2. Creating a Web Site from a Template
        3. Managing IIS 6.0 Programmatically by Using ADSI
          1. IIS ADSI Objects
          2. IIS ADSI Security
          3. Adsutil.vbs IIS Administration Utility
            1. Parameters for Adsutil.vbs
            2. Commands for Adsutil.vbs
        4. Managing IIS 6.0 Programmatically by Using WMI
          1. IIS WMI Provider
            1. Advantages of Using the IIS WMI Provider
            2. Comparing the IIS WMI Provider with the IIS ADSI Provider
            3. Object Hierarchy in IIS WMI Provider
              1. WMI Class Types
              2. WMI Element Classes
              3. WMI Setting Classes
              4. WMI Association Classes
            4. Sample WMI Scripts
              1. Enumerating Virtual Directories
              2. Recycling Application Pools
        5. Managing Server Certificates Programmatically
          1. Managing Server Certificates by Using IISCertObj
            1. Setting IISCertObj Properties
            2. Applying IISCertObj Methods
              1. Copy
              2. Export
              3. GetCertInfo
              4. Import
              5. ImportToCertStore
              6. IsExportable
                1. IsInstalled
                2. Move
                3. RemoveCert
              7. Sample Server Certificate Management Scripts
                1. Importing server certificates to multiple servers
                2. Saving backup copies of server certificates in a central archive
                3. Copying a server certificate from an existing server to a new server
          2. Extracting Server Certificate Information with a CAPICOM-Based Script
            1. Registering CAPICOM.dll
        6. Managing IIS 6.0 Remotely
        7. Scheduling IIS 6.0 Backups
          1. Backing Up IIS Content
          2. Backing Up IIS Configuration
        8. Restarting and Alternatives to Restarting IIS 6.0
          1. Automatic Restart
          2. Worker Process Isolation Mode
        9. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
            1. Related Windows Server 2003 Help Topics
      10. 17. Analyzing Log Files
        1. New in Logging
          1. Events Are Logged by HTTP.sys
          2. Substatus Error Code Logging
          3. Centralized Binary Logging
          4. HTTP.sys Error Logging
          5. Remote Logging
        2. Log File Formats in IIS
          1. UTF-8 Format for Non-English Languages and Security
          2. Log File Locations and ACLs
          3. W3C Extended Log File Format
            1. W3C Extended Log File Examples
              1. Example of an Intranet Site
              2. Example of an Internet Site
              3. Example of an FTP Site
            2. Substatus Error Codes
          4. NCSA Common Log File Format
            1. NCSA Common Log File Example
          5. IIS Log File Format
            1. IIS Log File Example
          6. ODBC Logging
          7. Centralized Binary Logging
            1. When to Use Centralized Binary Logging
            2. Centralized Binary Logging File Format
        3. HTTP.sys Error Log Files
          1. Common HTTP.sys Error Log File Entries
          2. Configuring HTTP.sys Error Logging
            1. Registry Parameters
          3. Log File Format for HTTP.sys Error Logging
            1. HTTP.sys Reason Phrases
              1. Connection_Abandoned_By_AppPool
              2. Connection_Dropped
              3. Various connection time-out errors
              4. Various errors
                1. Internal
                2. N/I
                3. All 503 errors
                4. Version_N/S
            2. HTTP.sys Error Log File Examples
        4. Custom Logging Modules
          1. Custom Logging Considerations
        5. Additional Resources
          1. Related Information
          2. Related Help Topics
          3. Related Tools
      11. 18. Troubleshooting IIS 6.0
        1. Overview of Troubleshooting IIS 6.0
          1. Troubleshooting Methodology
            1. Phase 1: Discovery
              1. Interview the user who reported the problem
              2. Examine the records
            2. Phase 2: Planning
              1. Phase 3: Problem Reproduction
              2. Phase 4: Problem Isolation
              3. Phase 5: Analysis
        2. Tools for Troubleshooting IIS 6.0
          1. WFetch
          2. File Monitor and Registry Monitor
            1. Tips for Using File Monitor and Registry Monitor for Troubleshooting
          3. IIS 6.0 Enterprise Tracing for Windows
          4. Network Monitor
            1. Tips for Using Network Monitor for Troubleshooting
          5. System Monitor
          6. HRPlus
          7. Microsoft Debugging Tools for Windows
        3. IIS Fundamentals
          1. HTTP Protocol Basics
            1. HTTP Connection Management
            2. HTTP Authentication
          2. IIS Service Startup
            1. HTTP.sys
            2. IIS Admin Service
            3. WWW Service
            4. Worker Process Startup
          3. HTTP Request Walkthrough
            1. Common Request Operations
            2. Requests for Static Content
            3. Requests Handled by ISAPI Extensions
            4. CGI Requests
        4. Common Troubleshooting Tasks
          1. Disabling HTTP Friendly Error Messages in Internet Explorer
          2. Generating an HTTP Request
          3. Checking Basic Functionality with Test Request Files
            1. Static Content Test Request File
            2. ASP Test Request File
            3. ASP.NET Test Request File
            4. Testing Simple Object Creation
            5. Testing Application Code Outside of IIS
          4. Browsing with Different Host Name Styles
          5. Using Substatus and Win32 Errors in W3C Extended Logging
          6. Configuring the WWW Service to Log Worker Process Recycling Events
          7. Checking NT System and Application Event Logs
          8. Checking the HTTP Error Log
          9. Checking the IIS Logs
          10. Restarting IIS Services
            1. Restarting a Web Site
            2. Recycling an Application Pool
            3. Stopping an Application Pool
            4. Restarting the WWW Service
          11. Identifying Worker Process Process ID
        5. HTTP Status Codes
          1. HTTP 1xx-2xx — Informational and Success Codes
          2. HTTP 3xx — Redirection Codes
            1. 301-Permanent Redirect
            2. 302-Object Moved
            3. 304-Not Modified
            4. 307-Temporary Redirect
            5. Courtesy Redirects
          3. HTTP 40x — Client Error Codes
            1. HTTP 400-Cannot Resolve the Request
            2. HTTP 401.x-Unauthorized
            3. 401.1 and 401.2 — Authentication Problems
              1. Initial Isolation
              2. Multiple Authentication Methods
              3. LogonMethod Default Has Changed
              4. No Authentication Methods Selected (AuthFlags=0)
              5. Anonymous Accounts (IUSR_ComputerName) Attempting Sub-authentication Logon Receive the 401.1 Error: Logon Failed
                1. Non-Anonymous authentication
                2. Basic authentication
                3. Integrated Windows authentication
            4. HTTP 403.x-Forbidden
            5. HTTP 404.x-File or Directory Not Found
              1. 404.1-Web Site Not Accessible on the Requested Port
              2. 404.2-Lockdown Policy Prevents This Request
              3. 404.3-MIME Map Policy Prevents This Request
            6. 405-HTTP Verb Used to Access This Page Is Not Allowed
            7. 407-Initial Proxy Authentication Required by the Web Server
            8. 413-Request Entity Is Too Large
            9. 414-Request URL Is Too Large and Therefore Unacceptable on the Web Server
          4. HTTP 5xx Server Error Codes
            1. HTTP 500.x — Internal Server Error Codes
              1. 500.11 and 500.12-Application State Issues
              2. 500.13-Web Server Too Busy
              3. 500.16-UNC Authorization Credentials Are Incorrect
              4. 500.17 and 500.18-IIS URL Authorization Issues
            2. 503-Service Unavailable
          5. Other HTTP.sys Error Log Errors
        6. Troubleshooting Configuration Problems
          1. Preserving the Integrity of XML in the IIS Metabase
          2. Troubleshooting Problems with UNC Content
            1. Accessing and Executing Remote Content
              1. Logging On
              2. Accessing the Remote Server
              3. Executing the Remote Content
              4. Working in a Domain Environment
              5. Working in a Workgroup Environment
            2. Troubleshooting File Caching Problems
              1. ASP and Static File Caching Changes
              2. Troubleshooting Problems with Stale Content
            3. Troubleshooting Performance Problems with UNC Content
            4. Troubleshooting IIS Manager and UNC Content Problems
            5. Troubleshooting Errors That Occur When UNC Content Is Under High Load
              1. Modifying the MaxUserPort Registry Entry
              2. Checking the File Server Setting
              3. Modifying the Work Item Configuration
            6. Troubleshooting Logging Problems
              1. Logging Security Configuration
                1. Configuration process
                2. Event ID 15000, 15001, and 15003
                3. Event ID 15002 and Event ID 15004
              2. Logging Headers
              3. "…" Present in Log Files
              4. UTF-8 Logging Problems
        7. Troubleshooting HTTP.sys Problems
          1. Configuring the IP Inclusion List
            1. Event ID 15014
            2. Event ID 15015
            3. Troubleshooting HTTP.sys Communication Problems
        8. Troubleshooting Miscellaneous Problems
          1. Metabase Site IDs Are Unexpected Numbers
          2. Anonymous Users Performance Counters in IIS 6.0
          3. CGI Processes Will Not Start
          4. Clients Cannot Connect to the Server
          5. Client Requests Error Out or Time Out
        9. Advanced Troubleshooting
          1. Troubleshooting with a Debugger
          2. Troubleshooting Low CPU Hangs
          3. Troubleshooting High CPU Hangs
          4. Troubleshooting Crashes
          5. Troubleshooting Memory Problems
          6. IIS 6.0 Debugging Features
            1. Enabling Debugging
            2. Limitations of Health Detection
        10. Additional Resources
          1. Related Information
          2. Related IIS 6.0 Help Topics
          3. Related Windows Server 2003 Help Topics
          4. Related Tools
      12. C. Common Administrative Tasks
        1. Overview of Common Administrative Tasks
        2. Important First Tasks in IIS 6.0
          1. Starting IIS Manager
          2. Starting and Stopping Services and Sites
            1. Saving Your Configuration to Disk
            2. If You Receive an Error Stating That IISReset Is Disabled
            3. Starting or Stopping IIS Services and Sites
          3. Enabling and Disabling Dynamic Content
            1. Enabling ASP Pages
            2. Installing and Enabling ASP.NET
          4. Creating a Web Site or an FTP Site
          5. Creating Virtual Directories
        3. Tasks New to IIS 6.0
          1. Creating and Isolating Applications
          2. Creating Application Pools
          3. Configuring Recycling
          4. Backing Up and Restoring the Metabase
          5. Saving and Copying Site Configurations
        4. Security-Related Tasks
          1. Setting Web Site Authentication
            1. Configuring Anonymous Authentication
            2. Configuring Basic Authentication
            3. Configuring Digest Authentication
              1. Configuring the Realm Name
            4. Configuring Advanced Digest Authentication
              1. Enabling Digest authentication and Configuring the Realm Name
              2. Setting the UseDigestSSP Metabase Property
            5. Configuring Integrated Windows Authentication
            6. Enabling .NET Passport Authentication
          2. Setting FTP Site Authentication
            1. Enabling Anonymous FTP Authentication
            2. Enabling Basic FTP Authentication
          3. Obtaining and Backing Up Server Certificates
            1. Issue your own server certificate
            2. Obtain a server certificate from a certification authority
          4. Controlling Access to Applications
            1. Securing Your Files with NTFS Permissions
            2. Securing Your Web Site with Web Permissions
            3. Restricting Access to Your Web Site by Using IP Addresses
        5. Tasks for Managing Servers and Applications
          1. Using Host Header Names to Host Multiple Web Sites
          2. Redirecting Web Sites
          3. Assigning Resources to Applications
        6. Tasks for Administering Servers
          1. Administering Servers from the Command Line
            1. Supported Command-Line Scripts
            2. Adsutil.vbs IIS Administration Utility
          2. Administering Servers Remotely
      13. D. Unattended Setup
        1. Creating an Answer File
        2. Installing IIS 6.0 with the Operating System
        3. Installing IIS 6.0 After the Operating System
      14. E. Using FrontPage 2002 Server Extensions with IIS 6.0
        1. Overview of FrontPage 2002 Server Extensions
          1. Why Use FrontPage 2002 Server Extensions?
          2. FrontPage Server Extensions Terminology
        2. Preparing to Extend Web Sites
          1. Installing and Enabling FrontPage Server Extensions
            1. IIS 6.0 Application Isolation Modes
            2. Installing FrontPage 2002 Server Extensions
            3. Enabling Web Service Extensions
              1. To enable Web service extensions
          2. Creating Web Sites to Extend as Virtual Servers
          3. Securing FrontPage 2002 Server Extensions
            1. User Authentication
            2. File System Security
        3. Extending and Configuring Web Sites
          1. Extending Web sites
            1. To extend a Web site by using the Server Administration pages
          2. Configuring Extended Web Sites
          3. Configuring Web Sites
          4. Using Command-Line Tools
        4. Configuring Advanced Security and Customization
          1. Using Roles to Manage User Rights
          2. Authenticating Users Separately for Each Extended Web Site
          3. Connecting Web Sites to UNC Network Shares
      15. F. IIS 6.0 Performance Counters
        1. Web Service Counters for the WWW Service
        2. Web Service Cache Counters for the WWW Service
        3. FTP Service Counters
        4. Internet Information Services Global Counters
        5. SNMP Counters
          1. SNMP FTP Service Counters
          2. SNMP HTTP Service Counters
        6. Active Server Pages Performance Counters
        7. ASP.NET Performance Counters
          1. ASP.NET Counters
          2. ASP.NET Applications Performance Counters
      16. G. IIS 6.0 Event Messages
        1. Event Logging Overview
        2. WWW Service Events
        3. WWW Service Worker Process Events
        4. ASP Events and Errors
          1. AspLogErrorRequests
            1. AspErrorsToNTLog
          2. ASP Events
          3. ASP Errors
        5. FTP Service Events
        6. WWW Service Performance Counter Events
      17. H. Centralized Binary Log File Format
        1. Centralized Binary Logging
          1. File Names
          2. Record Order
          3. Record Types
            1. Header Record
            2. File Footers
            3. Inline Records
              1. Unique identifier for URLs
              2. IP address type
            4. Cache or User-Mode Request
            5. Cache-Hit Record
            6. Cache-Miss Record
            7. Log File Index Mapping Record
            8. Cache Flushes
      18. I. IPv6 and IIS 6.0
        1. Summary of Protocol Changes from IPv4 to IPv6
        2. Comparing IPv4 and IPv6 Addresses
          1. Comparing Address Formats
            1. Compressing Zeros in IPv6 Addresses to the Double-Colon Format
            2. Understanding Prefixes
          2. Comparing Address Types
            1. Unicast Addresses
            2. Types of Transition IPv6 Addresses
              1. IPv4-compatible addresses
              2. IPv4-mapped addresses
              3. 6to4 addresses
            3. Global Addresses
        3. How IIS 6.0 Supports IPv6
          1. Differences in IIS Functionality Between IPv4 and IPv6
          2. Using the IPv6-Aware ISAPI Server Variables
          3. How Installing IPv6 Affects Web Browser Use and Client Connectivity
        4. Securing IPv6 Networks
          1. General Recommendations for Securing IPv6 Networks
          2. Securing with IPSec on IPv6 Networks
        5. Installing or Removing IPv6
        6. Additional Resources
          1. Related Information
          2. Related Windows Server 2003 Help Topics
          3. Related Tools
    7. Glossary
    8. 19. Minimum System Requirements
    9. Index
    10. SPECIAL OFFER: Upgrade this ebook with O’Reilly

Product information

  • Title: Internet Information Services (IIS) 6 Resource Kit
  • Author(s):
  • Release date: September 2003
  • Publisher(s): Microsoft Press
  • ISBN: 9780735614208