You are previewing Professional IIS 7.0.
O'Reilly logo
Professional IIS 7.0

Book Description

As the first update to Microsoft's server operating system in nearly five years, Windows Server 2008 boasts the new Internet Information Services 7.0 (IIS 7), which is the largest departure from previous versions of IIS ever. Written by an author team that includes four Microsoft MVPs, this book shows you how to take advantage of these exciting new features of IIS 7. With a clear understanding of IIS 7, you'll learn to deploy, install, monitor, manage, and secure an IIS environment with confidence and ease.

Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Table of Contents

  1. Copyright
  2. About the Authors
  3. Credits
  4. Introduction
    1. Who This Book Is For
    2. How This Book Is Structured
    3. What You Need to Use This Book
    4. Conventions
    5. Sidebar
    6. Source Code
    7. Errata
    8. p2p.wrox.com
  5. I. Introduction and Deployment
    1. 1. Background on IIS and New Features in IIS 7.0
      1. 1.1. IIS Versions 1.0 to 4.0
      2. 1.2. IIS 5.0 and 5.1
      3. 1.3. IIS 6.0
        1. 1.3.1. Secure by Default
        2. 1.3.2. Request Processing
        3. 1.3.3. Additional Features
          1. 1.3.3.1. HTTP Compression
          2. 1.3.3.2. Kernel Mode and Persistent Caching
          3. 1.3.3.3. XML Metabase
          4. 1.3.3.4. Application Pools
          5. 1.3.3.5. FTP Service
          6. 1.3.3.6. SMTP and POP Services
      4. 1.4. IIS 7.0 Versions
      5. 1.5. IIS 7.0 Features
        1. 1.5.1. Integrated Request Pipeline
        2. 1.5.2. Configurability
          1. 1.5.2.1. Using applicationHost.config
          2. 1.5.2.2. Extensible Configuration Schemas
        3. 1.5.3. Componentization
        4. 1.5.4. Security
          1. 1.5.4.1. Minimal Installation
          2. 1.5.4.2. Management Delegation
          3. 1.5.4.3. Unified Authentication and Authorization
          4. 1.5.4.4. Request Filtering
          5. 1.5.4.5. Remote Management
        5. 1.5.5. IIS Administration Tools
          1. 1.5.5.1. IIS Manager
          2. 1.5.5.2. AppCmd.exe Command-Line Utility
          3. 1.5.5.3. ASP.NET Management Namespace
          4. 1.5.5.4. Windows Management Instrumentation
        6. 1.5.6. Diagnostics
          1. 1.5.6.1. Run-Time State and Control API
          2. 1.5.6.2. Request Tracing
        7. 1.5.7. Compatibility
        8. 1.5.8. Additional Features
          1. 1.5.8.1. FTP
          2. 1.5.8.2. SMTP
      6. 1.6. Summary
    2. 2. IIS 7.0 Architecture
      1. 2.1. IIS 4.0 and Previous Versions
        1. 2.1.1. Inetinfo.exe
        2. 2.1.2. ISAPI versus CGI
        3. 2.1.3. Active Server Pages
      2. 2.2. IIS 5.0
        1. 2.2.1. Application Protection
      3. 2.3. IIS 6.0
        1. 2.3.1. Http.sys
          1. 2.3.1.1. Kernel Mode versus User Mode
          2. 2.3.1.2. Other Http.sys Functions
        2. 2.3.2. IIS Admin Service
        3. 2.3.3. Web Administration Service
        4. 2.3.4. Worker Process
          1. 2.3.4.1. Process Isolation
        5. 2.3.5. Application Pools
      4. 2.4. IIS 7.0 Architecture
        1. 2.4.1. Integrated Pipeline Mode
          1. 2.4.1.1. Classic Mode
          2. 2.4.1.2. Integrated Pipeline Mode
          3. 2.4.1.3. Moving an Application to the Integrated Pipeline
          4. 2.4.1.4. Application Pools and the Pipeline
        2. 2.4.2. Extensibility and Modularity
          1. 2.4.2.1. Modules
        3. 2.4.3. IIS Manager Extensibility
        4. 2.4.4. Metabase—Going, Going, Gone!
          1. 2.4.4.1. applicationHost.config and web.config
          2. 2.4.4.2. Other XML Configuration Files
          3. 2.4.4.3. Metabase Compatibility
        5. 2.4.5. WAS and the Worker Process
      5. 2.5. Windows Server 2008 Architecture
        1. 2.5.1. Server Core
        2. 2.5.2. Virtualization
        3. 2.5.3. Failover Clustering
        4. 2.5.4. WCF
        5. 2.5.5. BitLocker Encryption
        6. 2.5.6. Network Access Protection
      6. 2.6. Summary
    3. 3. Planning Your Deployment
      1. 3.1. Windows 2008 Server Deployment Planning
        1. 3.1.1. Windows Server 2008 Requirements
        2. 3.1.2. 32 Bit or 64 Bit?
        3. 3.1.3. Which Server Edition?
          1. 3.1.3.1. Windows Server 2008 Standard Edition
          2. 3.1.3.2. Windows Server 2008 Web Edition
          3. 3.1.3.3. Windows Server 2008 Enterprise and Datacenter Editions
          4. 3.1.3.4. Server Core
          5. 3.1.3.5. Server Virtualization
          6. 3.1.3.6. Windows Server 2008 for Itanium-Based Systems
          7. 3.1.3.7. Licensing
        4. 3.1.4. Upgrade or New Installation?
          1. 3.1.4.1. New Installations
          2. 3.1.4.2. Upgrades
            1. 3.1.4.2.1. Upgrade Paths
        5. 3.1.5. Planning Your Hardware
          1. 3.1.5.1. Hardware Compatibility
          2. 3.1.5.2. Hardware Requirements and Recommendations
        6. 3.1.6. Planning Your Network
          1. 3.1.6.1. Active Directory or Stand-Alone?
          2. 3.1.6.2. Server Location
          3. 3.1.6.3. Server Farms
            1. 3.1.6.3.1. Network Load Balancing
            2. 3.1.6.3.2. Clustering
            3. 3.1.6.3.3. Virtualization
            4. 3.1.6.3.4. Common Scenarios
        7. 3.1.7. Planning Your Security
          1. 3.1.7.1. Network Security
            1. 3.1.7.1.1. Network User Accounts
            2. 3.1.7.1.2. Firewalls and Proxy Servers
            3. 3.1.7.1.3. Network Access Protection
            4. 3.1.7.1.4. IPv6
            5. 3.1.7.1.5. Logging and Auditing
          2. 3.1.7.2. Windows Server Security
            1. 3.1.7.2.1. Application Security
            2. 3.1.7.2.2. Physical Security
        8. 3.1.8. Planning Backup and Recovery
          1. 3.1.8.1. Volume Shadow Copy Services
          2. 3.1.8.2. Windows Server 2008 Backup
      2. 3.2. IIS 7.0 Deployment Planning
        1. 3.2.1. IIS 7.0 Requirements
        2. 3.2.2. Installation Decisions
        3. 3.2.3. Planning for IIS-Specific Security
          1. 3.2.3.1. Security Changes from IIS 6.0
          2. 3.2.3.2. Management Accounts and Delegation
          3. 3.2.3.3. IIS 7 Access Policies
        4. 3.2.4. Planning Development Environments
        5. 3.2.5. Planning Production Environments
        6. 3.2.6. Shared Configuration
        7. 3.2.7. Content Replication
      3. 3.3. Application Deployment Planning
      4. 3.4. Automation and Deployment Tools
        1. 3.4.1. Windows Deployment Services
        2. 3.4.2. Volume Activation
      5. 3.5. Capacity Planning
        1. 3.5.1. Traffic
        2. 3.5.2. WCAT
        3. 3.5.3. IIS 7.0 Request Tracing
        4. 3.5.4. Scalability
        5. 3.5.5. Application Capacity Planning
      6. 3.6. Summary
    4. 4. Installing IIS 7.0
      1. 4.1. Clean Installation
        1. 4.1.1. With Windows Server 2008 Installation
          1. 4.1.1.1. Default Installation with Operating System
          2. 4.1.1.2. Testing Your Installation
        2. 4.1.2. From DVD to an Existing Server
          1. 4.1.2.1. Default IIS 7.0 Installation
      2. 4.2. Upgrade Installation
        1. 4.2.1. In-Place Upgrade
          1. 4.2.1.1. Current Server
          2. 4.2.1.2. Upgrading Windows Server 2003 to Windows Server 2008
          3. 4.2.1.3. Upgrading Applications and Settings
            1. 4.2.1.3.1. Metabase Compatibility
            2. 4.2.1.3.2. Integrated Pipeline Mode versus Classic Pipeline Mode
        2. 4.2.2. Migration Upgrade
      3. 4.3. Adding Features to an Existing Installation
        1. 4.3.1. Installing New Features
        2. 4.3.2. Configuring and Testing New Features
          1. 4.3.2.1. ASP.NET 1.1 on IIS 7.0
            1. 4.3.2.1.1. IIS 6.0 Metabase Compatibility
            2. 4.3.2.1.2. Installing ASP.NET 1.1 Framework and Updates
            3. 4.3.2.1.3. Enabling ASP.NET 1.1 ISAPI Extensions
            4. 4.3.2.1.4. Configuring ASP.NET 1.1 Machine.config File
            5. 4.3.2.1.5. Configuring ASP.NET 1.1 Application Pool
      4. 4.4. Automated Installation and Configuration
      5. 4.5. Server Core Command-Line Installation
        1. 4.5.1. Pkgmgr.exe
          1. 4.5.1.1. Testing IIS Installations on Server Core
        2. 4.5.2. Unattended Installations Using Pkgmgr.exe
        3. 4.5.3. Installation Using Windows Deployment Services
      6. 4.6. Hosting Service Recommendations
        1. 4.6.1. Directory Structure
        2. 4.6.2. Web Server Accounts and Application Pools
        3. 4.6.3. Configuring Shared Hosting with Managed Code
          1. 4.6.3.1. Creating Users
          2. 4.6.3.2. Setting Directory Permissions
          3. 4.6.3.3. Creating Application Pools
          4. 4.6.3.4. Creating Sites
          5. 4.6.3.5. Setting IIS Properties
          6. 4.6.3.6. Setting the ASP.NET Compilation Directory
          7. 4.6.3.7. Further Information for Shared Hosting
      7. 4.7. Shared Configuration
      8. 4.8. Installing IIS 7.0 on Windows Vista
        1. 4.8.1. IIS 7.0 Support
        2. 4.8.2. IIS 7.0 Installation
      9. 4.9. Summary
  6. II. Administration
    1. 5. Administration Tools
      1. 5.1. Key Characteristics
      2. 5.2. IIS Manager
        1. 5.2.1. Appearance
        2. 5.2.2. Feature Scopes
        3. 5.2.3. Features View
          1. 5.2.3.1. List Pages
          2. 5.2.3.2. Property Grid Pages
          3. 5.2.3.3. Dialog Pages
          4. 5.2.3.4. Web-Site- and Application-Specific Settings
        4. 5.2.4. Content View
        5. 5.2.5. Feature Delegation
      3. 5.3. IIS Manager Extensibility
      4. 5.4. Configuration Settings
        1. 5.4.1. Configuration File Hierarchy
        2. 5.4.2. Configuration Levels
        3. 5.4.3. Location Tags
        4. 5.4.4. Configuration File Structure
        5. 5.4.5. Configuration Schema
          1. 5.4.5.1. Schema Organization
          2. 5.4.5.2. configSections
        6. 5.4.6. Locking and Unlocking Sections
      5. 5.5. Command-Line Management
        1. 5.5.1. Using AppCmd.exe
        2. 5.5.2. Getting Help
        3. 5.5.3. Using the list Command
          1. 5.5.3.1. Listing All Object Instances
          2. 5.5.3.2. Listing Unique Object Instances
          3. 5.5.3.3. Listing Object Instances by Criteria
          4. 5.5.3.4. AppCmd.exe Output
            1. 5.5.3.4.1. Listing Detailed Information
            2. 5.5.3.4.2. Listing by Property
            3. 5.5.3.4.3. Listing Configuration Objects
        4. 5.5.4. AppCmd.exe Attributes and Values
        5. 5.5.5. Managing Objects with add, delete, and set
          1. 5.5.5.1. Adding New Objects
          2. 5.5.5.2. Deleting Existing Objects
          3. 5.5.5.3. Modifying Existing Objects
        6. 5.5.6. Determining Which Attributes Are Associated with an Object
          1. 5.5.6.1. Controlling Object State
          2. 5.5.6.2. Determining Site and Application Pool State
          3. 5.5.6.3. Determining Worker Process State
          4. 5.5.6.4. Monitoring Currently Executing Requests
        7. 5.5.7. Backing Up and Restoring
          1. 5.5.7.1. Setting the Configuration
          2. 5.5.7.2. Listing the Configuration
          3. 5.5.7.3. Editing Configuration Properties
          4. 5.5.7.4. Editing Configuration Collections
          5. 5.5.7.5. Configuration Location
          6. 5.5.7.6. Locating Configuration Settings
        8. 5.5.8. Locking and Unlocking the Configuration
        9. 5.5.9. Piping with XML
      6. 5.6. Web Management Service and Remote Administration
      7. 5.7. Summary
    2. 6. Web-Site Administration
      1. 6.1. Web Sites, Applications, and Virtual Directories
        1. 6.1.1. Web Sites
        2. 6.1.2. Applications
        3. 6.1.3. Virtual Directories
      2. 6.2. Creating a New Web Site
        1. 6.2.1. Creating a Web Site Using IIS Manager
        2. 6.2.2. Creating a New Application Pool for Your Site
        3. 6.2.3. Creating a Web Site Using AppCmd
        4. 6.2.4. Creating a Web Site Using Microsoft.Web.Administration
        5. 6.2.5. Changes to the applicationHost.config File
      3. 6.3. Configuring Logging
        1. 6.3.1. Enabling Logging
          1. 6.3.1.1. Failed Request Tracing Logs
            1. 6.3.1.1.1. Enabling Failed Request Tracing Logs Using IIS Manager
            2. 6.3.1.1.2. Enabling Failed Request Tracing Logs Using AppCmd
          2. 6.3.1.2. W3C Logging
            1. 6.3.1.2.1. Enabling W3C Logs using AppCmd
            2. 6.3.1.2.2. Enabling W3C Logs Using Microsoft.Web.Administration
          3. 6.3.1.3. Centralized Logging
            1. 6.3.1.3.1. Centralized Binary Logging
            2. 6.3.1.3.2. Centralized W3C Logging
      4. 6.4. Configuring Host Headers
        1. 6.4.1.
          1. 6.4.1.1. Adding/Removing Host Headers Using IIS Manager
          2. 6.4.1.2. Setting Host Headers Using AppCmd
          3. 6.4.1.3. Setting Host Headers Using Microsoft.Web.Administration
          4. 6.4.1.4. SSL and Host Headers
      5. 6.5. Administering Applications
        1. 6.5.1. Adding Applications Using IIS Manager
        2. 6.5.2. Adding Applications Using AppCmd
        3. 6.5.3. Adding Applications Using Microsoft.Web.Administration
        4. 6.5.4. Deleting Applications Using IIS Manager
        5. 6.5.5. Deleting Applications Using AppCmd
        6. 6.5.6. Deleting Applications Using Microsoft.Web.Administration
      6. 6.6. Administering Virtual Directories
        1. 6.6.1. Creating Virtual Directories Using IIS Manager
        2. 6.6.2. Creating Virtual Directories Using AppCmd
        3. 6.6.3. Adding Virtual Directories Using Microsoft.Web.Administration
        4. 6.6.4. Removing Virtual Directories
      7. 6.7. Authentication
      8. 6.8. Configuring Compression
        1. 6.8.1.
          1. 6.8.1.1. Configuring Compression with IIS Manager
          2. 6.8.1.2. Configuring Compression with AppCmd.exe
      9. 6.9. Configuring Default Document Settings
        1. 6.9.1.
          1. 6.9.1.1.
            1. 6.9.1.1.1. Reordering a Document
            2. 6.9.1.1.2. Adding a Default Document
      10. 6.10. Configuring MIME Settings
        1. 6.10.1. Adding MIME Types
          1. 6.10.1.1. Adding MIME Types Using IIS Manager
          2. 6.10.1.2. Adding MIME Types Using AppCmd
        2. 6.10.2. Editing MIME Types
          1. 6.10.2.1. Editing MIME Types Using IIS Manager
          2. 6.10.2.2. Editing MIME Types Using AppCmd
        3. 6.10.3. Removing MIME Types
          1. 6.10.3.1. Removing MIME Types Using IIS Manager
          2. 6.10.3.2. Removing MIME Types Using AppCmd
      11. 6.11. Basic Administration Tasks
        1. 6.11.1. Configuring Default Options for IIS
        2. 6.11.2. Starting and Stopping Services and Web Sites
          1. 6.11.2.1. Stopping and Starting Web Services
          2. 6.11.2.2. Stopping and Starting Web Sites
        3. 6.11.3. Enabling Dynamic Content—ASP.NET and Classic ASP
        4. 6.11.4. Isolating Applications
      12. 6.12. Summary
    3. 7. Web Application Administration
      1. 7.1. Application Administration
      2. 7.2. ASP
      3. 7.3. ASP.NET
        1. 7.3.1. IIS 6.0 and Previous Architecture
        2. 7.3.2. IIS 7.0 Architecture
        3. 7.3.3. IIS 7.0 and ASP.NET Modules
          1. 7.3.3.1. .NET Compilation
          2. 7.3.3.2. .NET Globalization
          3. 7.3.3.3. .NET Trust Levels
          4. 7.3.3.4. Application Settings
          5. 7.3.3.5. Connection Strings
          6. 7.3.3.6. Machine Keys
          7. 7.3.3.7. Pages and Controls
          8. 7.3.3.8. Providers
          9. 7.3.3.9. Session State
            1. 7.3.3.9.1. Modes
          10. 7.3.3.10. Cookie Settings
            1. 7.3.3.10.1. Auto Detect
            2. 7.3.3.10.2. Use Cookies
            3. 7.3.3.10.3. Use Device Profile
            4. 7.3.3.10.4. Use URI
          11. 7.3.3.11. Configuring Session State
          12. 7.3.3.12. SMTP e-Mail
      4. 7.4. ISAPI
      5. 7.5. CGI
      6. 7.6. FastCGI
        1. 7.6.1. Installing PHP
        2. 7.6.2. Installing QDig
        3. 7.6.3. Installing FastCGI Module
        4. 7.6.4. Enabling FastCGI for Use with PHP
      7. 7.7. Windows Process Activation Service
      8. 7.8. Summary
    4. 8. Web Application Pool Administration
      1. 8.1. A Background of Web-Site Separation
      2. 8.2. Defining Applications
      3. 8.3. Comparing Virtual Directories to Applications
      4. 8.4. Understanding the w3wp.exe Process
        1. 8.4.1. Recycling Application Pools
        2. 8.4.2. Web Gardens
      5. 8.5. Working with Application Pools
        1. 8.5.1. Creating Application Pools
        2. 8.5.2. Managing Settings
        3. 8.5.3. Assigning Applications and Sites to Application Pools
          1. 8.5.3.1. Three Folder Right-Click Choices
          2. 8.5.3.2. AppCmd Method
          3. 8.5.3.3. applicationHost.config
          4. 8.5.3.4. Microsoft.Web.Administration
        4. 8.5.4. Specifying the .NET Framework Version
        5. 8.5.5. Specifying the Managed Pipeline Mode
          1. 8.5.5.1. Classic Mode
          2. 8.5.5.2. Integrated Mode
          3. 8.5.5.3. Configuration Differences between Modes
        6. 8.5.6. Managing Active Application Pools
          1. 8.5.6.1. Viewing Running Processes in IIS 7.0
          2. 8.5.6.2. Viewing Running Processes in Task Manager
          3. 8.5.6.3. Viewing Running Processes using AppCmd.exe
          4. 8.5.6.4. Viewing Running Page Requests
          5. 8.5.6.5. Starting, Stopping, and Recycling Application Pools
      6. 8.6. Application Pool Security
        1. 8.6.1. Application Pool Configuration Isolation
        2. 8.6.2. Application Pool SID Injection
        3. 8.6.3. Site Anonymous User
      7. 8.7. Noteworthy Advanced Settings
        1. 8.7.1. Bitness
        2. 8.7.2. CPU Limits
        3. 8.7.3. Processor Affinity
      8. 8.8. Application Pool Users
        1. 8.8.1. Network Service Account
        2. 8.8.2. Local Service Account
        3. 8.8.3. Local System Account
        4. 8.8.4. Custom User Account
      9. 8.9. Summary
    5. 9. Delegating Remote Administration
      1. 9.1. Introducing the Main Characters
        1. 9.1.1. Server Administrator
        2. 9.1.2. Site Administrator
        3. 9.1.3. The Two Shall Work as One
      2. 9.2. IIS Manager Remote Access
        1. 9.2.1. Installing the IIS 7.0 Management Service
        2. 9.2.2. Enabling Remote Connections
        3. 9.2.3. Authentication Types
          1. 9.2.3.1. IIS Manager Authentication
          2. 9.2.3.2. Windows Authentication
          3. 9.2.3.3. Build Your Own
        4. 9.2.4. Authorization at Three Levels
          1. 9.2.4.1. Server Level Authorization
          2. 9.2.4.2. Site and Application Level Authorization
        5. 9.2.5. Remote Installation and Usage
          1. 9.2.5.1. Connecting to the Server/Site/Application
          2. 9.2.5.2. Connecting to IIS 7.0 Remotely
        6. 9.2.6. Extending IIS Manager
      3. 9.3. Delegation Settings
        1. 9.3.1. Delegation of Sections
          1. 9.3.1.1. Default Delegation versus Custom Web Site Delegation
          2. 9.3.1.2. <section> Settings
          3. 9.3.1.3. The Role of the Configuration Files
          4. 9.3.1.4. Customizing Application Folders Using Location Tags
          5. 9.3.1.5. Where Settings Are Applied
          6. 9.3.1.6. IIS Manager
            1. 9.3.1.6.1. Read Only
            2. 9.3.1.6.2. Read/Write
            3. 9.3.1.6.3. Not Delegated
            4. 9.3.1.6.4. Configuration Read/Write and Read Only
            5. 9.3.1.6.5. Reset to Inherited
            6. 9.3.1.6.6. Reset All Delegation
            7. 9.3.1.6.7. Copy Delegation
          7. 9.3.1.7. AppCmd.exe and Delegation
        2. 9.3.2. Delegating the Small Details
          1. 9.3.2.1. Elements/Collections/Attributes
          2. 9.3.2.2. Locking Attributes
          3. 9.3.2.3. Locking Elements
          4. 9.3.2.4. Locking Collections
          5. 9.3.2.5. Locking Individual Items
          6. 9.3.2.6. Locking All Attributes and Elements Except Those You Specify
      4. 9.4. Summary
    6. 10. Configuring Other Services
      1. 10.1. FTP — Shipping Version
        1. 10.1.1. FTP Basics
          1. 10.1.1.1. User Isolation
            1. 10.1.1.1.1. Do Not Isolate Users
            2. 10.1.1.1.2. Isolate Users
            3. 10.1.1.1.3. Isolate Users Using Active Directory
          2. 10.1.1.2. Directory Structure
            1. 10.1.1.2.1. Structure if You Do Not Isolate Users
            2. 10.1.1.2.2. Structure if You Isolate Users without Active Directory
            3. 10.1.1.2.3. Structure if You Isolate Users Using Active Directory
          3. 10.1.1.3. Installing the FTP Service
          4. 10.1.1.4. Creating an FTP Site
            1. 10.1.1.4.1. Setting Site Properties
        2. 10.1.2. Automating FTP Site Creation and Management
          1. 10.1.2.1. IISFtp.vbs
            1. 10.1.2.1.1. Creating and Managing FTP Sites Using IISFTP.VBS
            2. 10.1.2.1.2. Configuring Active Directory Isolation Using IISFTP.VBS
            3. 10.1.2.1.3. Examples
        3. 10.1.3. The FTP Command-Line Client
      2. 10.2. FTP 7
        1. 10.2.1. Installing FTP 7
        2. 10.2.2. Creating a New FTP 7 Site
        3. 10.2.3. Adding an FTP 7 Site to an Existing Web Site
        4. 10.2.4. Configuring FTP 7 Security
        5. 10.2.5. Configuring FTP 7 over SSL
        6. 10.2.6. Configuring FTP 7 User Isolation
        7. 10.2.7. Configuring FTP 7 Host Name Support
        8. 10.2.8. Administering FTP 7 with Configuration Files
          1. 10.2.8.1. Adding FTP Publishing to a Web Site
          2. 10.2.8.2. Adding FTP over SSL to an Existing Site
          3. 10.2.8.3. Configuring Host Name Support
          4. 10.2.8.4. Testing FTP with Telnet
      3. 10.3. FrontPage Server Extensions
        1. 10.3.1. Installing FPSE
        2. 10.3.2. Adding FPSE to a Web Site
        3. 10.3.3. Configuring FPSE
        4. 10.3.4. Securing an FPSE-Extended Web Site
        5. 10.3.5. Connecting Using a Client
        6. 10.3.6. Uninstalling FPSE
      4. 10.4. SMTP
        1. 10.4.1. How SMTP Works
        2. 10.4.2. Installing SMTP
        3. 10.4.3. Configuring the Default SMTP Server
          1. 10.4.3.1. General Settings
          2. 10.4.3.2. Messaging Limit Configurations
          3. 10.4.3.3. Delivery Configurations
          4. 10.4.3.4. LDAP Routing
        4. 10.4.4. SMTP Security and Authentication
          1. 10.4.4.1. Authentication
          2. 10.4.4.2. TLS Encryption
          3. 10.4.4.3. Connection Control
          4. 10.4.4.4. Relay Restrictions
        5. 10.4.5. Configuring Additional Domains
        6. 10.4.6. SMTP Folders
          1. 10.4.6.1. Badmail
          2. 10.4.6.2. Drop
          3. 10.4.6.3. Pickup
          4. 10.4.6.4. Queue
        7. 10.4.7. Testing and Troubleshooting SMTP
          1. 10.4.7.1. Testing with Telnet
          2. 10.4.7.2. SMTP Log Files
            1. 10.4.7.2.1. Configuring SMTP Logging
            2. 10.4.7.2.2. Interpreting SMTP Logs
      5. 10.5. LogParser
        1. 10.5.1.
          1. 10.5.1.1. Installing LogParser
          2. 10.5.1.2. LogParser Command Line
          3. 10.5.1.3. LogParser Examples
            1. 10.5.1.3.1. Files Not Found
            2. 10.5.1.3.2. Daily Bandwidth Use
            3. 10.5.1.3.3. Maximum Time Taken
            4. 10.5.1.3.4. File Leaching
            5. 10.5.1.3.5. Additional Examples
      6. 10.6. Summary
  7. III. Advanced Administration
    1. 11. Core Server
      1. 11.1. Background
      2. 11.2. Core Server and Modules
        1. 11.2.1. HTTP Modules
          1. 11.2.1.1. Native Modules
            1. 11.2.1.1.1. HTTP Modules
            2. 11.2.1.1.2. Security Modules
            3. 11.2.1.1.3. Content Modules
            4. 11.2.1.1.4. Compression Modules
            5. 11.2.1.1.5. Caching Modules
            6. 11.2.1.1.6. Logging and Diagnostics Modules
            7. 11.2.1.1.7. Extensibility Support Modules
          2. 11.2.1.2. Managed Modules
      3. 11.3. Server Workload Customization
        1. 11.3.1. Eliminating Overheads
        2. 11.3.2. A Basic Real-World Example
        3. 11.3.3. A More Complex Real-World Example
        4. 11.3.4. Customizing Individual Web Sites
        5. 11.3.5. Customization Using IIS Manager
      4. 11.4. ASP.NET and the IIS Pipeline
        1. 11.4.1. Configuring ASP.NET Execution Mode
          1. 11.4.1.1. Selecting the Execution Mode
          2. 11.4.1.2. Setting an Application to Run in Legacy or Integrated Mode
        2. 11.4.2. Migrating Legacy ASP.NET Applications to IIS 7.0
        3. 11.4.3. Selecting the ASP.NET Version
      5. 11.5. Legacy ISAPI Support
      6. 11.6. Summary
    2. 12. Core Server Extensibility
      1. 12.1. Extensibility Overview
      2. 12.2. IIS Module Concepts
        1. 12.2.1. Events
        2. 12.2.2. Notifications
        3. 12.2.3. Return Codes
        4. 12.2.4. Notification Priority
      3. 12.3. An Example Native Module
        1. 12.3.1. Native Module Design
        2. 12.3.2. Native Module Creation
          1. 12.3.2.1. Including SDK Files
          2. 12.3.2.2. Creating a New Project
          3. 12.3.2.3. Defining the HttpModule Class
          4. 12.3.2.4. Exporting the RegisterModule Method
          5. 12.3.2.5. Registering for Event Notifications
          6. 12.3.2.6. Implementing the Notification Method(s)
          7. 12.3.2.7. Setting Notification Priority
          8. 12.3.2.8. Building the Module
          9. 12.3.2.9. Installing the Module
          10. 12.3.2.10. Testing the Module
        3. 12.3.3. Native Module Wrap-Up
      4. 12.4. Managed Code Modules
        1. 12.4.1. Managed Event Notifications
        2. 12.4.2. Further Reading
      5. 12.5. An Example Managed Module
        1. 12.5.1. Managed Module Design
        2. 12.5.2. Managed Module Creation
          1. 12.5.2.1. Defining the IHttpModule Interface
          2. 12.5.2.2. Registering for Notifications
          3. 12.5.2.3. Implementing the Notifications
          4. 12.5.2.4. Installing the Module
          5. 12.5.2.5. Testing the Module
        3. 12.5.3. Managed Module Wrap-Up
      6. 12.6. Event Tracing from Modules
        1. 12.6.1. Adding Tracing Support to a Managed Code Module
          1. 12.6.1.1. Including a Namespace Reference
          2. 12.6.1.2. Declaring a Global TraceSource Variable
          3. 12.6.1.3. Initializing the TraceSource Object
          4. 12.6.1.4. Adding Trace Events
          5. 12.6.1.5. Compiling and Deploying the Module
          6. 12.6.1.6. Adding a Trace Listener to IIS
          7. 12.6.1.7. Enabling Tracing and Routing Trace Events to IIS
          8. 12.6.1.8. Viewing Trace Results
      7. 12.7. Extending IIS Configuration
        1. 12.7.1. Adding Configuration Support to Custom Modules
          1. 12.7.1.1. Extending the Schema
          2. 12.7.1.2. Registering the Extension with IIS Config
          3. 12.7.1.3. Creating the Configuration Entry
          4. 12.7.1.4. Accessing Configuration Information
          5. 12.7.1.5. Including the Namespace Reference
          6. 12.7.1.6. Defining a Global Configuration Variable
          7. 12.7.1.7. Extracting the Configuration Attribute
          8. 12.7.1.8. Adding Processing Logic
          9. 12.7.1.9. Installing and Testing the Module
      8. 12.8. Extending the IIS Administration Tool
        1. 12.8.1. Creating an IIS Administration Tool Extension
          1. 12.8.1.1. Creating a New Project
          2. 12.8.1.2. Adding Namespace References
          3. 12.8.1.3. Creating the Configuration Control
          4. 12.8.1.4. Creating an IIS Administration Tool Module Container
          5. 12.8.1.5. Build and Install
          6. 12.8.1.6. Viewing the Result
      9. 12.9. Summary
    3. 13. Securing the Server
      1. 13.1. What Is Security?
        1. 13.1.1. Managing Risk
        2. 13.1.2. Security Components
      2. 13.2. Types of Attacks
        1. 13.2.1. Denial-of-Service Attacks
        2. 13.2.2. Privilege Escalation Attacks
        3. 13.2.3. Passive Attacks
      3. 13.3. Securing the Server
        1. 13.3.1. Securing the Environment
        2. 13.3.2. IPsec (IP Security)
        3. 13.3.3. Network Access Protection
        4. 13.3.4. Active Directory Federation Services
      4. 13.4. Securing IIS 7.0
        1. 13.4.1. IP and Domain Restrictions
          1. 13.4.1.1. Default Policy and Domain Name Restrictions
          2. 13.4.1.2. Configuring Rules
          3. 13.4.1.3. Rule Priority
          4. 13.4.1.4. Comparing IP and Domain Name Restrictions
        2. 13.4.2. Configuring MIME-Type Extensions
          1. 13.4.2.1. Adding a New MIME Type
          2. 13.4.2.2. Removing an Existing MIME Type
          3. 13.4.2.3. Configuring MIME Types using AppCmd
        3. 13.4.3. Configuring ISAPI Extensions and CGI Restrictions
          1. 13.4.3.1. Adding a New ISAPI Extension or CGI Restriction
          2. 13.4.3.2. Changing Default Settings
          3. 13.4.3.3. Configuring ISAPI and CGI Restrictions with AppCmd
          4. 13.4.3.4. Additional Configuration for ISAPI Extensions and CGI Applications
        4. 13.4.4. Configuring Request Filtering
          1. 13.4.4.1. Filtering by File Extension
          2. 13.4.4.2. Filtering by HTTP Verb
          3. 13.4.4.3. Configuring Request Limits
          4. 13.4.4.4. Filtering by URL Sequence
          5. 13.4.4.5. Filtering by Segment
          6. 13.4.4.6. Request Filtering Logging
        5. 13.4.5. Application Layer Security
        6. 13.4.6. Configuring Logging
      5. 13.5. Summary
    4. 14. Authentication and Authorization
      1. 14.1. Authentication in IIS 7.0
        1. 14.1.1. How IIS 7.0 Authenticates a Client
      2. 14.2. Configuring Anonymous Authentication
      3. 14.3. Configuring Basic Authentication
      4. 14.4. Configuring Digest Authentication
      5. 14.5. Configuring NTLM Authentication
        1. 14.5.1. Configuring Kerberos Authentication
          1. 14.5.1.1. How Kerberos Authentication Works
          2. 14.5.1.2. Service Principal Names
          3. 14.5.1.3. Enabling Kerberos Authentication
      6. 14.6. Configuring UNC Authentication
      7. 14.7. Configuring Client Certificate Authentication
      8. 14.8. Configuring Forms-Based Authentication
        1. 14.8.1. Forms-Based Authentication
      9. 14.9. Configuring Delegation
      10. 14.10. Configuring Protocol Transition
      11. 14.11. Configuring Authorization
        1. 14.11.1. URL Authorization
          1. 14.11.1.1. Configuring the Managed (ASP.NET) URL Authorization Module
          2. 14.11.1.2. Configuring the Native (IIS 7.0) URL Authorization Module
        2. 14.11.2. Configuring Application Pool Sandboxing
      12. 14.12. Understanding IIS 7.0 User Accounts
      13. 14.13. Summary
    5. 15. SSL and TLS
      1. 15.1. Securing a Web Site with TLS
        1. 15.1.1. The SSL/TLS Handshake
        2. 15.1.2. Generating a Certificate Request
        3. 15.1.3. Submitting the Certificate Request
        4. 15.1.4. Importing the Certificate into IIS 7.0
        5. 15.1.5. Configuring Web-Site Bindings
        6. 15.1.6. Generating a Certificate Using Domain Certificate Request
        7. 15.1.7. Generating a Self-Signed Certificate
        8. 15.1.8. Managing an SSL/TLS-Secured Web Site
          1. 15.1.8.1. Configuring Additional SSL/TLS Options
          2. 15.1.8.2. Exporting and Importing Certificates
          3. 15.1.8.3. Configuring SSL and HTTP Host Headers
        9. 15.1.9. Managing a PKI
      2. 15.2. Securing an SMTP Virtual Server with TLS
      3. 15.3. Securing an FTP Site with TLS
      4. 15.4. Summary
    6. 16. Configuring and Load-Balancing Web Farms
      1. 16.1. IIS 7.0 and Web Farms
        1. 16.1.1. Shared Configuration
          1. 16.1.1.1. Exporting the Configuration Files
          2. 16.1.1.2. Relocating the Configuration Files
          3. 16.1.1.3. Creating Machine-Neutral Configuration Files
            1. 16.1.1.3.1. ACLs
            2. 16.1.1.3.2. Environment Variables
            3. 16.1.1.3.3. Handling IP Addresses
            4. 16.1.1.3.4. Diversified web.config files
            5. 16.1.1.3.5. configSource
            6. 16.1.1.3.6. childSource
      2. 16.2. Content Configuration
        1. 16.2.1. Local Content
        2. 16.2.2. Shared Network Content
        3. 16.2.3. Shared SAN Content
      3. 16.3. Content Replication
        1. 16.3.1. Distributed File System
          1. 16.3.1.1. DFS Replication
          2. 16.3.1.2. DFS Namespaces
          3. 16.3.1.3. DFSR and the IIS Configuration Files
          4. 16.3.1.4. DFSR and Content Replication
        2. 16.3.2. Robocopy
        3. 16.3.3. Offline Folders
        4. 16.3.4. Additional Tools
        5. 16.3.5. Microsoft Web Deployment Tool
      4. 16.4. Complete Redundancy
      5. 16.5. Load Balancing
        1. 16.5.1. Network Load Balancer (NLB)
        2. 16.5.2. Round-Robin DNS Load Balancing
        3. 16.5.3. Third-Party Load Balancing
      6. 16.6. Other Considerations
        1. 16.6.1. Replication
          1. 16.6.1.1. SSL Certificates
          2. 16.6.1.2. Registry Settings
          3. 16.6.1.3. GAC
          4. 16.6.1.4. Installing IIS Features and Third-Party Tools
          5. 16.6.1.5. COM+
        2. 16.6.2. .NET Configuration Files and machineKey
        3. 16.6.3. Session State
          1. 16.6.3.1. InProc
          2. 16.6.3.2. StateServer
          3. 16.6.3.3. SQLServer
          4. 16.6.3.4. Custom
          5. 16.6.3.5. Off
        4. 16.6.4. Security
          1. 16.6.4.1. CAS
      7. 16.7. Summary
    7. 17. Programmatic Configuration and Management
      1. 17.1. Direct Configuration
        1. 17.1.1. Configuration File Hierarchy
        2. 17.1.2. Order of Operation
        3. 17.1.3. Collection Items
        4. 17.1.4. Section Structure
          1. 17.1.4.1. applicationHost.config
          2. 17.1.4.2. administration.config
          3. 17.1.4.3. redirection.config
          4. 17.1.4.4. machine.config
          5. 17.1.4.5. web.config (Root)
        5. 17.1.5. location Tag
        6. 17.1.6. Inheritance
        7. 17.1.7. Locking
        8. 17.1.8. childConfig/sourceConfig
        9. 17.1.9. Configuration Path
        10. 17.1.10. Schema Extensibility
      2. 17.2. Programmatic Configuration
        1. 17.2.1. My First IIS 7.0 Programming Walkthrough
          1. 17.2.1.1. System Requirements
          2. 17.2.1.2. Getting Started with Visual Web Developer
          3. 17.2.1.3. Designing the Web Form
          4. 17.2.1.4. Writing the Code
          5. 17.2.1.5. Running the Create Web Site Web Site
        2. 17.2.2. Microsoft.Web.Administration (MWA)
          1. 17.2.2.1. Configuration Classes
          2. 17.2.2.2. Dynamic Runtime Classes
          3. 17.2.2.3. Accessing a Remote Server
          4. 17.2.2.4. Direct Attribute and Element Editing
          5. 17.2.2.5. Dealing with location Tags
        3. 17.2.3. Microsoft.Web.Management (MWM)
        4. 17.2.4. ABO, ADSI, and Legacy API Support
        5. 17.2.5. IIS 7.0 WMI Provider
          1. 17.2.5.1. CIM Studio
          2. 17.2.5.2. WMI Walkthrough
        6. 17.2.6. AHAdmin
      3. 17.3. Summary
  8. IV. Managing and Operating IIS 7.0
    1. 18. IIS and Operations Management
      1. 18.1. Management Approaches and Principles
        1. 18.1.1. ITIL Standards
        2. 18.1.2. MOF: Microsoft's ITIL Superset
        3. 18.1.3. Applying MOF to IIS Operations Management
          1. 18.1.3.1. Role-Based Administration
          2. 18.1.3.2. Change Management
          3. 18.1.3.3. MOF Example: Change Management for Emergency Updates
            1. 18.1.3.3.1. Appoint CAB Members
            2. 18.1.3.3.2. Notify CAB Members
            3. 18.1.3.3.3. CAB Members Review the Request for Change
            4. 18.1.3.3.4. CAB Members Vote on the RFC
          4. 18.1.3.4. MOF Example: Change Management for Applying Hotfixes
      2. 18.2. Operational Tasks
        1. 18.2.1. Backup and Restore Program
          1. 18.2.1.1. Backup Scope
          2. 18.2.1.2. Back-up Methods and Media
          3. 18.2.1.3. Approaches
            1. 18.2.1.3.1. Low Service Expectations
            2. 18.2.1.3.2. Moderate Expectations
            3. 18.2.1.3.3. High Availability
          4. 18.2.1.4. Conducting Backups
      3. 18.3. Summary
    2. 19. Monitoring and Performance Tuning
      1. 19.1. Monitoring Web Sites
        1. 19.1.1. How to Monitor IIS 7.0
          1. 19.1.1.1. Task Manager
            1. 19.1.1.1.1. Managing Services from Task Manager
            2. 19.1.1.1.2. Managing Performance from Task Manager
          2. 19.1.1.2. New Command-Line Tools
          3. 19.1.1.3. Reliability and Performance Monitor
            1. 19.1.1.3.1. Performance Monitor
            2. 19.1.1.3.2. Reliability Monitor
            3. 19.1.1.3.3. Data Collector Sets
            4. 19.1.1.3.4. Reports
        2. 19.1.2. What to Monitor
          1. 19.1.2.1. Memory Usage
          2. 19.1.2.2. Processor Utilization
          3. 19.1.2.3. Disk I/O
          4. 19.1.2.4. Network Bandwidth
          5. 19.1.2.5. Web Service Counters
          6. 19.1.2.6. ASP.NET Counters
          7. 19.1.2.7. Centralized Binary Logging
      2. 19.2. Performance Tuning
        1. 19.2.1. Operating System Optimizations
          1. 19.2.1.1. Disable Unnecessary Services
          2. 19.2.1.2. Application Performance
          3. 19.2.1.3. TCP Stack Tuning Options
          4. 19.2.1.4. Storage Tuning Options
        2. 19.2.2. IIS Service Optimizations
          1. 19.2.2.1. Http.sys
          2. 19.2.2.2. Application Pool Optimizations
        3. 19.2.3. Web-Site Optimizations
          1. 19.2.3.1. HTTP Page Headers
            1. 19.2.3.1.1. HTTP Keep-Alives
            2. 19.2.3.1.2. Content Expiration
            3. 19.2.3.1.3. Enabling HTTP Header Tuning
          2. 19.2.3.2. Bandwidth Throttling
          3. 19.2.3.3. Output Caching
          4. 19.2.3.4. HTTP Compression
          5. 19.2.3.5. Web-Site Connections
      3. 19.3. Summary
    3. 20. Diagnostics and Troubleshooting
      1. 20.1. Types of Issues
        1. 20.1.1. Specific Errors
        2. 20.1.2. Hang/Time-out Issues
        3. 20.1.3. Resource-Intensive and Slowness Issues
      2. 20.2. Runtime Status and Control API (RSCA)
        1. 20.2.1. Viewing Worker Processes
        2. 20.2.2. Viewing Page Requests
        3. 20.2.3. Viewing Application Domains
      3. 20.3. IIS 7.0 Error Pages
        1. 20.3.1. Customizing Custom Error Pages
        2. 20.3.2. Multiple Language Support
        3. 20.3.3. HTTP Status Codes
        4. 20.3.4. FTP Status Codes
      4. 20.4. Failed Request Tracing
        1. 20.4.1. Failed Request Tracing Rules Setup
          1. 20.4.1.1. Specify Content to Trace
          2. 20.4.1.2. Define Trace Conditions
        2. 20.4.2. Select Trace Providers
        3. 20.4.3. Reading the XML Trace Logs
      5. 20.5. Logging
      6. 20.6. ASP.NET Tracing
        1. 20.6.1. Enabling ASP.NET Tracing
        2. 20.6.2. The ASP.NET Trace Viewer
          1. 20.6.2.1. Accessing the ASP.NET Trace Viewer
          2. 20.6.2.2. Password Protecting the ASP.NET Trace Viewer
          3. 20.6.2.3. Extending Output Data
      7. 20.7. Troubleshooting Tips
        1. 20.7.1. Reproduce
        2. 20.7.2. Isolate
          1. 20.7.2.1. Reproduce Trick
          2. 20.7.2.2. Fail Trick
          3. 20.7.2.3. Only 1 Trick
          4. 20.7.2.4. Binary Halves Isolation Trick
          5. 20.7.2.5. All but 1 Trick
        3. 20.7.3. Fix
        4. 20.7.4. Test
      8. 20.8. Additional Built-in Tools
        1. 20.8.1. Task Manager
        2. 20.8.2. Event Viewer
          1. 20.8.2.1. Attach Task to This Event
          2. 20.8.2.2. Applications and Services Logs
          3. 20.8.2.3. Subscriptions
          4. 20.8.2.4. Custom Views
        3. 20.8.3. Reliability and Performance Monitor
          1. 20.8.3.1. Resource Overview
          2. 20.8.3.2. Performance Monitor
          3. 20.8.3.3. Reliability Monitor
          4. 20.8.3.4. Logging Historical Data to Disk
            1. 20.8.3.4.1. User Defined Data Collector Sets
            2. 20.8.3.4.2. System Data Collector Sets
            3. 20.8.3.4.3. Creating a Template from Real-Time Counters
            4. 20.8.3.4.4. Reports
            5. 20.8.3.4.5. Perfmon /Report
            6. 20.8.3.4.6. Alerts and Threshold Starts
            7. 20.8.3.4.7. Viewing Logged Data
          5. 20.8.3.5. Overlaying Multiple Servers
        4. 20.8.4. Logging NTFS Failures to Disk
        5. 20.8.5. Ping/Tracert/Pingpath
          1. 20.8.5.1. Ping
          2. 20.8.5.2. Tracert
          3. 20.8.5.3. PathPing
        6. 20.8.6. Telnet
      9. 20.9. Installable Tools
        1. 20.9.1. IIS 6.0 Resource Kit Tools
          1. 20.9.1.1. IISState
          2. 20.9.1.2. WFetch
          3. 20.9.1.3. Web Capacity Analysis Tool (WCAT)
          4. 20.9.1.4. Log Parser
        2. 20.9.2. DelegConfig
        3. 20.9.3. Process Explorer
        4. 20.9.4. IIS Diagnostics Toolkit
          1. 20.9.4.1. SSLDiag
          2. 20.9.4.2. DebugDiag
          3. 20.9.4.3. TraceDiag
        5. 20.9.5. ELMAH
        6. 20.9.6. Where to Go Next
      10. 20.10. Summary
    4. A. Module Reference
      1. A.1. Utility Modules
      2. A.2. Managed Engine: ASP.NET Integration
      3. A.3. IIS 7.0 Native Modules
      4. A.4. Managed Modules
    5. B. IIS Status Codes
      1. B.1. HTTP
        1. B.1.1. 1xx—Informational
        2. B.1.2. 2xx—Success
        3. B.1.3. 3xx—Redirection
        4. B.1.4. 4xx—Client Error
        5. B.1.5. 5xx—Server Error
      2. B.2. FTP
        1. B.2.1. 1xx—Positive Preliminary Reply
        2. B.2.2. 2xx—Positive Completion Reply
        3. B.2.3. 3xx—Positive Intermediate Reply
        4. B.2.4. 4xx—Transient Negative Completion Reply
        5. B.2.5. 5xx—Permanent Negative Completion Reply
    6. C. WCF Primer
      1. C.1. Service-Oriented Applications
      2. C.2. WCF and ASP.NET Web Services
      3. C.3. WAS and WCF
      4. C.4. Configuring a WCF Application
    7. D. Resources
      1. D.1. IIS Product Group Resources
      2. D.2. IIS Public Newsgroups
      3. D.3. Standards Documents
      4. D.4. Blogs
      5. D.5. Microsoft Documentation
      6. D.6. Third-Party Products and Tools
      7. D.7. Security Documentation