What is IIS?
IIS Manager is a graphical interface for configuring your application pools or your
Web, FTP, SMTP, or NNTP sites. With IIS Manager, you can configure IIS security,
performance, and reliability features. You can add or delete sites; start, stop,
and pause sites; back up and restore server configurations; and create virtual directories
for better content management, to name only a few of the administrative capabilities.
In previous releases of IIS, this tool was called the Internet Service Manager.
What is the full form of IIS?
Internet Information Server.
What is a Web service extension and how do I use the Web Service Extensions
folder? (IIS 6.0)
The Web Service Extensions folder is the user interface for the new IIS 6.0 lockdown
feature. This feature is a manifest of ISAPI extensions and CGIs with user-specified
permissions, meaning, administrators must set the permissions to allow specific
ISAPIs and CGIs to run on your server. Administrators can also specify the names
of ISAPIs or CGIs that are forbidden to run on your server. Before loading an ISAPI
extension .dll file or CGI .exe file, IIS checks this manifest for the permissions
on the file. If the file is permitted to run, then the request proceeds normally.
If the file is not permitted to run, then IIS returns a 404.2 error response to
the client machine. The HTML page for a 404.2 error looks like a standard 404 error
page, so the client machine processes the request as though the file did not exist.
IIS logs the 404.2 error, which administrators can view to assess problems or potential
threats against the server.
How do I publish documents or Web pages? (IIS 6.0)
1.Move your files to the \Inetpub\Wwwroot directory.
2.Type http://servername/filename in the address bar of your Internet browser to
see your published files.
How do I create a virtual directory on a Web or FTP site? (IIS 6.0)
You can use IIS Manager to create virtual directories on your Web site.
How do I create a Web site?
When you install IIS on a computer running a member of the Windows Server 2003 family,
a default Web site is set up for you. You can publish your content here immediately.
How do I create multiple Web sites?
To create multiple Web sites, you must first ensure that each site has unique identification.
To accomplish this, you need to contact your network administrator to either obtain
multiple IP addresses or to assign multiple host header names.
How do I stop and restart Internet services?
By using the "IISRESET" command
Can I change the name of my Web site and also redirect requests for the old
site name to the new one?
You can configure your Web site to respond to both the old name and the new name,
provided your network correctly routes both requests to your computer. This way,
visitors can still reach your site by using the old name, and will be informed of
the new name.
How can I confirm that a server certificate is attached to a Web site?
1.In IIS Manager, right-click the Web site, and click Properties.
2.Click the Directory Security tab.
3.Under Secure communications, if the View Certificate button is activated, there
is a certificate attached to the Web site. If the button is not activated, you must
attach a server certificate to the site to use the Secure Sockets Layer (SSL) features.
Can I attach more than one server certificate to a Web site?
No. Each Web site can have only one server certificate attached to it.
Can I attach the same server certificate to more than one site?
Yes. A server certificate can be attached to as many Web sites as needed.
Can I attach a server certificate to an FTP site?
No. FTP sites do not support Secure Sockets Layer (SSL) features.
Should I create a backup copy of my server certificate?
Yes. Your server certificate is a valuable investment, and is the key to your server's
Secure Sockets Layer features. To create a backup copy of your server certificate,
copy the entire certificate on to a floppy disk and store it in a safe place.
Does ASP debugging work in IIS 6.0 worker process isolation mode?
Yes, when you configure Launch and Access permissions to enable ASP debugging in
worker process isolation mode for Script Debugger and Visual InterDev.
What are the new features in IIS7?
1. Simple, Configurable Command Line Setup · Install only the IIS components needed
to run your site Example: start /w pkgmgr /l:log.etw /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-StaticContent;IIS-DefaultDocument;IIS-DirectoryBrowsing;IIS-HttpErrors;IIS-HttpRedirect;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-HealthAndDiagnostics;IIS-HttpLogging;IIS-LoggingLibraries;IIS-RequestMonitor;IIS-HttpTracing;IIS-Security;IIS-ClientCertificateMappingAuthentication;IIS-IISCertificateMappingAuthentication;IIS-RequestFiltering;IIS-IPSecurity;IIS-Performance;IIS-HttpCompressionStatic;IIS-HttpCompressionDynamic;IIS-WebServerManagementTools;IIS-ManagementConsole;IIS-ManagementScriptingTools;IIS-ManagementService;IIS-IIS6ManagementCompatibility;IIS-Metabase;IIS-WMICompatibility;IIS-LegacyScripts;IIS-LegacySnapIn;WAS-WindowsActivationService;WAS-ProcessModel;WAS-NetFxEnvironment;WAS-ConfigurationAPI
2. Great Compatibility Story · Most (99%+) ASP and ASP.NET applications just worked.
ü One application encountered breaking change ü Handful of applications required
config migration to run in Integrated (We have about 260 applications running on
www.microsoft.com as defined by IIS, there are thousands of pages of code that could
have broken but didn’t.) · Integrated Pipeline is the new unified request processing
pipeline. Benefits include: ü Allowing services provided by both native and managed
modules to apply to all requests, regardless of handler. For example, managed Forms
Authentication can be used for all content, including ASP pages, CGIs, and static
files. ü Empowering ASP.NET components to provide functionality that was previously
unavailable to them due to their placement in the server pipeline. For example,
a managed module providing request rewriting functionality can rewrite the request
prior to any server processing, including authentication, takes place. ü A single
place to implement, configure, monitor and support server features. For example,
single module and handler mapping configuration, single custom errors configuration,
single url authorization configuration. · Classic ASP mode allows for easy app migration
ü ASP.NET Setup provides a “Classic .NET AppPool” ü For more information on check
out the article ASP.Net Integration With IIS7 · Use AppCmd to migrate apps to Integrated
mode ü %windir%\system32\inetsrv\APPCMD.EXE migrate config <application path>
ü For more information about AppCmd.exe see Getting Started With AppCmd.exe · IIS
6.0 Metabase compatibility layer ü Allows you the run old ADSI scripts ü IIS6.0
Metabase Compatibility module must be installed
3. No More Metabase! · Clean clear-text schema · IIS settings stored in XML configuration
file (applicationHost.config) ü Metabase exists for SMTP/NNTP/FTP only · Site-wide
changes made easily ü Update central applicationHost.config and copy to all web
servers ü Replaces our bulky ADSI based script solution for metabase changes · Microsoft.com
considerations ü Careful copying to production servers under load: (Know Thy Environment!
When you push out a new applicationHost.config those affected worker process need
to reload the new configuration. It comes down to the scope of the change. For example,
if you are making a global change that that affectes all the worker processes, and
you are heavily dependent on caching then you could cause some grief in your environment
as those new configurations are reloaded by the worker processes.)
4. Centralized Configuration · applicationHost.config stored on UNC share · Allows
us to copy to two (maybe four) servers rather than 80 ü Potential gotcha - managing
password changes for account used to connect to config store (This is because that
currently you cannot use the UNC share that is running under the Network service,
which we use heavily. It currently requires a domain account, which our security
policy mandates a periodic password change.)
5. Delegated Configuration · Admin can now delegate IIS settings to application
owner · Settings defined in web.config file in application directory · Example of
setting to delegate include: ü System.webServer section of applicationHost.config
ü Caching, defaultDocument, httpErrors, security
6. AppCmd and Other New Management Options · Managing via the UI ü New modular,
task-based look and feel ü Moving away from the right-click/properties paradigm
· Managing via the Command Line ü AppCmd § Command line utility which replaces adsutil.vbs,
iisapp.vbs, and others § Allows command line management of sites, applications,
vdirs, apppools, modules, tracing, and more ü Powershell § IIS community creating
IIS-specific Powershell cmdlets · MSCOM Considerations ü AppCmd limitations – no
remote ü No IIS provider for Powershell
7. Failed Request Tracing · Buffers the trace events for requests and flushes them
to disk if they meet your failure criteria · Captures trace data while you’re sleeping
· Very little perf impact when targeting failing requests · Quick test: Enabling
tracing for all file extensions and errors results in approx 5% fewer requests/sec
at full stress load (please don’t do this in production) · View Currently Executing
Requests via AppCmd ü appcmd list requests (for all request) ü appcmd list requests
/apppool.name:DefaultAppPool REQUEST "3e00000080012675" (url:GET /casestudies/casestudy.aspx?casestudyid=201269,
time:2954 msec, client:127.0.0.1) · New Task Scheduler ü Trigger tasks on events
8. Request Filtering · No more URLScan · settings in applicationHost.config
· Gotcha for Microsoft.com: If filename includes “+” then allowDoubleEscaping must
be set to “true” ü
· Allow or disallow specific file extensions and verbs
· RequestLimits ü maxAllowedContentLength="1000000“ ü maxUrl="260“ ü maxQueryString="2048"
9. UNC Content · Simplified content synchronization · Reduced H/W footprint (potentially
less cost) ü Common industry pain point 10. Output Caching of Dynamic Content ·
Fewer off-box calls to backend dependencies · Significant performance gains · Simple
WCAT (Web Capacity Analysis Tool) Stress Test against www.microsoft.com/en/us/default.aspx
Not appropriate for all applications (e.g. not effective for those with very personalized