copyright Proge-Software 2011 all rights reserved

Building Value
Proge-Software Srl
www.progesoftware.it
info@progesoftware.it

May 2012

Internet Information Services
Version 7 - 7.5

About This Course

Audience
Course Prerequisites
Course Objectives

Course Program

Day 1:

Introduction
Module 1: Introduction and IIS Architecture
Module 2: Installing IIS
Module 3: IIS Administration Overview
Module 4: Web Sites and Virtual Directories

Day 2:

Module 5: Web Applications and Application Pools
Module 6: IIS Security
Module 7: High Availability and Load Balancing
Module 8: Diagnostics and Troubleshooting
Course Evaluation

1 - Introduction and IIS Architecture


Introduction to IIS
History and Evolution of IIS
IIS Architecture
IIS components
Modularity and extensibility
Request Processing and Pipelines
Introduction to IIS

Web Server / Application Server


Full version native to Windows server systems
Reduced version available on Windows client systems

History and Evolution of IIS


| Version | O.S. | Type | Notes |
|---|---|---|---|
| 1.0 | Windows NT 3.51 | Add-On | First release of IIS |
| 2.0 | Windows NT 4.0 | Native | First version of IIS bundled with Windows |
| 3.0 | Windows NT 4.0 SP3 | Native | Introduced ASP scripting |
| 4.0 | Windows NT 4.0 | Add-On | Available in Windows NT 4.0 Option Pack |
| 5.0 | Windows 2000 Server | Native | Native ASP support; ASP.NET available as an add-on |
| 6.0 | Windows Server 2003 | Native | Introduced Application Pools and Worker Processes; Native ASP and ASP.NET support |
| 7.0 | Windows Server 2008 | Native | Full IIS redesign; Modular Architecture; Command-line administration |
| 7.5 | Windows Server 2008 R2 | Native | Current release |

IIS Architecture

Modular Design
Completely modular Web server
New native extensibility model
.NET extensibility support

Server Core
No unnecessary overhead
Designed for remote administration

Unified Pipeline
Same pipeline serves content for all handlers
Configuration cache

IIS Components
Web Server / Application Server
FTP Server / SMTP Server (no longer parts of IIS)
Management Tools

Web Sites
Virtual Directories
Web Applications
Application Pools

Modules
ISAPI Filters
Configuration Store (no more Metabase)

Modularity and Extensibility

| Workload | Features |
|---|---|
| Static Content (default) | Static Content, Default Document, Directory Browsing, HTTP Errors, HTTP Logging, Logging Tools, Request Monitor, Request Filtering, Static Content Compression, IIS Management Console |
| ASP.NET | ASP.NET, .NET Extensibility, ISAPI, ISAPI Extensions |
| Classic ASP | ASP, ISAPI Extensions |
| Fast CGI for PHP | CGI |
| Full Install | All features |

Request Processing and Pipelines


IIS 6.0 Request Processing
Monolithic implementation: installs all or nothing
Extend server functionality only through ISAPI

[Diagram: Web Request -> Authentication (NTLM, Basic, Anon) -> Determine Handler (CGI, Static File, ASP.NET, ISAPI, PHP) -> Send Response (Log, Compress)]

Request Processing and Pipelines


IIS 7.0 Request Processing
Server functionality is split into 40 modules
Modules plug into a generic request pipeline
Modules extend server functionality through API

[Diagram: Web Request -> Authentication (NTLM, Basic, Anon) -> Authorization -> ResolveCache -> Determine Handler (CGI, Static File, ISAPI) -> UpdateCache -> Send Response (Compress, Log)]

Request Processing and Pipelines


Unified Pipeline

[Diagram: Authentication (Basic, Forms, Windows, Anon) -> Authorization -> ResolveCache -> ExecuteHandler (ASPX, Static File) -> UpdateCache -> SendResponse (Trace, Compress, Log)]

2 - Installing IIS
Choosing the components to install
Installation methods
Graphical User Interface (Role Manager)
Command Line (pkgmgr.exe)
Unattended Setup
Lab

Choosing the components to install

Installation Methods

Role Manager
Package Manager
Unattended

Graphical User Interface (Role Manager)


Install IIS through the Graphical User Interface

After installing Windows Server 2008/R2:

1. In Server Manager, navigate to Roles, and then Add Roles
2. In Add Roles Wizard, select Web Server (IIS)
3. Choose components to install

Command Line (pkgmgr.exe)


Install IIS from the Command Line

On existing installation of Windows Server 2008/R2:

1. Open a command shell with local administrator elevation
2. Type start /w pkgmgr.exe /iu:IIS-WebServerRole;WAS-WindowsActivationService;WAS-ProcessModel;WAS-NetFxEnvironment;WAS-ConfigurationAPI
3. Verify installation: check for errors, browse to local host

Unattended Setup
Use pkgmgr.exe with unattend.xml file

To perform unattended installation of IIS:

1. Prepare unattend XML file (modify lines: version & processorArchitecture)
2. Open a cmd-box shell with local administrator elevation
3. Type start /w pkgmgr /n:unattend.xml
4. Verify installation: check for errors, browse to local host

Lab

Installing IIS

3 - IIS Administration Overview

How IIS configuration works


Configuration hierarchy
Configuration tools

How IIS configuration works

[Diagram labels: IIS Manager; WMI Configuration Interface; Command Line Configuration Tools; Managed API; unmanaged API; Configuration Reader; XML Configuration Files]

Configuration hierarchy

machine.config: .NET Framework settings
root web.config: ASP.NET settings
applicationHost.config: Main IIS 7.0 settings
Optional web.config files:
  web.config: Sites
  web.config: Applications
  web.config: Virtual Directories

Configuration tools
Graphical User Interface (IIS Manager)
Command Line (appcmd.exe)
PowerShell
Remote Management
IIS 6 compatibility

4 - Web Sites and Virtual Directories


Site Bindings
The Default Web Site
Creating Web Sites
Virtual Directories
Creating Virtual Directories
Basic site and directory Settings
Lab
Site Bindings
Define a web site identity
If a web server hosts multiple sites, bindings are used to determine which site will be used to answer a request
Binding parameters:
  IP address
  TCP port
  Host headers
More specific bindings take precedence over less specific ones
If no binding matches a request, the request is denied

The Default Web Site


The Default Web Site is automatically created on IIS installation
The Default Web Site has no bindings:
  Available on all server IP addresses
  TCP port 80
  No host headers
The Default Web Site is used to answer all requests which don't match any other web site on the server
Only one Default Web Site can exist on a server
The Default Web Site can be removed, renamed or reconfigured
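
The binding rules from the Site Bindings and Default Web Site slides, modelled as an added example (not part of the course material and not IIS's own code). The ranking of a host header above a specific IP address, the site names and the addresses are assumptions; the model shows which site answers a request that carries an unexpected Host header.

```python
from typing import NamedTuple, Optional

class Binding(NamedTuple):
    site: str
    ip: str    # "*" means all server IP addresses
    port: int
    host: str  # "" means no host header

def parse_binding(site: str, info: str) -> Binding:
    """Parse IIS bindingInformation, written as 'IP:port:host header'."""
    ip, port, host = info.rsplit(":", 2)
    return Binding(site, ip or "*", int(port), host.lower())

def specificity(b: Binding) -> int:
    # Assumed ranking: a host header outranks a specific IP address,
    # and either outranks a binding that has neither.
    return (2 if b.host else 0) + (1 if b.ip != "*" else 0)

def resolve(bindings, dst_ip: str, dst_port: int, host_header: str) -> Optional[str]:
    """Return the site that answers the request, or None if it is denied."""
    host = host_header.split(":")[0].lower()  # drop an optional ':port' suffix
    matches = [b for b in bindings
               if b.port == dst_port
               and b.ip in ("*", dst_ip)
               and b.host in ("", host)]
    if not matches:
        return None  # no binding matches: the request is denied
    return max(matches, key=specificity).site

# Constructed sample bindings (site names and addresses are made up).
BINDINGS = [
    parse_binding("Default Web Site", "*:80:"),
    parse_binding("MySite1", "*:80:www.mysite1.com"),
    parse_binding("MySite2", "192.0.2.10:80:"),
]

if __name__ == "__main__":
    for ip, port, host in [("192.0.2.20", 80, "www.mysite1.com"),
                           ("192.0.2.20", 80, "unexpected.example"),
                           ("192.0.2.10", 80, "unexpected.example"),
                           ("192.0.2.20", 8080, "www.mysite1.com")]:
        print(ip, port, host, "->", resolve(BINDINGS, ip, port, host) or "denied")
```
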

Creating Web Sites

To Create a Web Site via IIS Manager:

Use the Add Web Site wizard under Sites
Name the Web Site
Set the content path and authentication methods
Choose the IP address/port
Set the host headers (Example: www.mysite.com)

Virtual Directories

Virtual directories allow decoupling a site's logical structure from the physical position of files and folders on the web server
A virtual directory is a path in the site's folder tree which is mapped to a physical folder on disk

| URL | Physical path |
|---|---|
| http://www.mysite1.com | D:\Sites\MySite1 |
| http://www.mysite1.com/images | D:\Sites\MySite1\Images |
| http://www.mysite2.com | D:\Sites\MySite2 |
| http://www.mysite2.com/images | D:\Sites\MySite2\Images |
| http://www.mysite1.com/shared | D:\Sites\Shared |
| http://www.mysite2.com/shared | D:\Sites\Shared |

Creating Virtual Directories

To Create a Virtual Directory via IIS Manager:

Navigate to the Site that will contain the virtual directory
Click View Virtual Directories
Use the Add Virtual Directory wizard
Set the alias (Example: www.contoso.com/vdir)
Assign the content path and authentication

Basic site and directory Settings


Default Documents
Directory Browsing
Logging
Redirection

Lab

Creating Web Sites


Creating Virtual Directories
Configuring site and directory settings

5 - Web Applications and Application Pools


Web Applications Overview
Web Sites, Folders and Web Applications
Application Pools
Application Pool settings
Lab

Web Applications Overview

A Web Application is a web site or a virtual directory which contains programs in addition to static content
Programs can be anything supported by the server:
  Compiled ASP.NET
  ASP.NET scripts
  Classic ASP scripts
  PHP scripts
  Executable files (CGI)
Web Applications use handlers to process dynamic content
Each Web Application is tied to an Application Pool
An Application Pool can contain multiple Web Applications

Web Sites, Folders and Web Applications

A Web Application can be defined for the site root or for a specific folder (physical or virtual)
Application settings are inherited through the site's folder tree
Each folder in a site can have its custom application settings

Application Pools

Each Application Pool has one:
  Instance of W3WP.EXE
  Process Identity
  Version of .NET

[Diagram: four W3WP.EXE worker processes, each labelled with a .NET version (.NET nnnnn) and a process ID (Process ID:1234)]

Application Pool settings


Identity
ASP.NET
Pipeline mode
Performance
Recycling

Lab
Creating Web Applications
Configuring Web Applications
Creating Application Pools
Configuring Application Pools

6 - IIS Security
Site identity and Application Pool identity
File System permissions
Authentication methods
Anonymous vs. Authenticated access
Certificates and HTTPS
IP and Domain Restrictions
Lab
Site identity and Application Pool identity


Site identity: used by the web server to access files on disk
Application Pool identity: used by the Web Applications running in the Application Pool to access resources:
  Files on web server
  Files on remote servers
  Databases
Default identity can be overridden by authenticated users (impersonation)

File System permissions


Web Site identity needs access to static contents
Application Pool identity needs access to application files
Usually only read access is needed
Write access can be required in some scenarios

Authentication methods
| Method | Features |
|---|---|
| Anonymous Authentication | Allows any user to access any public content without providing a user name and password |
| ASP.NET Impersonation Authentication | Runs your ASP.NET application under a security context different from the default security context for ASP.NET application |
| Basic Authentication | Requires users to provide a valid user name and password to access content |
| Client Certificate Mapping | Lets you automatically authenticate users who log on with client certificates |
| Digest Authentication | Digest authentication uses a Windows domain controller to authenticate users |
| Forms Authentication | Uses redirection to forward unauthenticated users to a form where they can enter credentials |
| Windows Authentication | Clients authenticate using the NTLM or Kerberos protocols |

Anonymous vs. Authenticated access


Anonymous access:
  Static content is accessed using the Web Site identity
  Web Applications run in their default Application Pool identity

Authenticated access:
  Static content is accessed using the user's identity (impersonation)
  Web Applications' behavior depends on impersonation settings

Certificates and HTTPS


Certificate Server provides security certificate to server

[Diagram: Certificate Server, Web Server, Web Client]

Certificates and HTTPS

To configure certificates:

Import certificate
Configure SSL certificate and settings for a Web site
Web Site now supports HTTPS

Lab
Configuring Web Site identity
Configuring Application Pool identity
Configuring authentication methods
Configuring HTTPS
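
An added example, not part of the course material: an offline review of the Application Pool identity and authentication settings covered in this module, read from a copy of applicationHost.config. The sample XML, the pool and site names, and the two checks (a pool running as LocalSystem, Basic authentication enabled on a site that has an HTTP binding) are choices made for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the applicationHost.config layout (not from the course).
SAMPLE = """<configuration>
  <system.applicationHost>
    <applicationPools>
      <add name="DefaultAppPool" />
      <add name="LegacyPool"><processModel identityType="LocalSystem" /></add>
    </applicationPools>
    <sites>
      <site name="Intranet" id="2">
        <bindings><binding protocol="http" bindingInformation="*:8080:" /></bindings>
      </site>
      <site name="Portal" id="3">
        <bindings><binding protocol="https" bindingInformation="*:443:" /></bindings>
      </site>
    </sites>
  </system.applicationHost>
  <location path="Intranet"><system.webServer><security><authentication>
    <basicAuthentication enabled="true" />
  </authentication></security></system.webServer></location>
  <location path="Portal"><system.webServer><security><authentication>
    <basicAuthentication enabled="true" />
  </authentication></security></system.webServer></location>
</configuration>"""
BASIC = "system.webServer/security/authentication/basicAuthentication"

def audit(config_xml: str) -> list:
    """Return findings on application pool identity and Basic authentication."""
    root = ET.fromstring(config_xml)
    host = root.find("system.applicationHost")
    findings = []
    # A pool without <processModel> runs under the default identity.
    for pool in host.iterfind("applicationPools/add"):
        pm = pool.find("processModel")
        if pm is not None and pm.get("identityType") == "LocalSystem":
            findings.append(f"pool {pool.get('name')}: runs as LocalSystem")
    # Protocols each site is bound to, e.g. {"Intranet": {"http"}}.
    protocols = {s.get("name"): {b.get("protocol") for b in s.iterfind("bindings/binding")}
                 for s in host.iterfind("sites/site")}
    # Per-site settings sit in <location path="SiteName[/app]"> blocks.
    for loc in root.iterfind("location"):
        basic = loc.find(BASIC)
        site = loc.get("path", "").split("/")[0]
        enabled = basic is not None and basic.get("enabled", "").lower() == "true"
        if enabled and "http" in protocols.get(site, ()):
            findings.append(f"site {site}: Basic authentication reachable over HTTP")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```
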

7 - High Availability and Load Balancing

Load Balancing
Design considerations
Session management

Load Balancing

Load Balancing: is a system where multiple servers share a single IP address and where clients access services through the shared IP address

Provides scalability, load balancing, and high availability
Requires access to the same data on all servers
Is software- or hardware-based

Design considerations
Stateful vs. Stateless
No data should be stored locally on the web server
Avoiding single points of failure
High availability for network access
High availability for back-end systems
What about user sessions?
Session management

Session management can get difficult when running on multiple load-balanced web servers
Sessions should be able to fail over between web servers without forcing the user to start over
ASP.NET provides built-in support for storing session state in a SQL Server database
Non-ASP.NET Web Applications need to be developed with proper session management if they are to be deployed on multiple servers

8 - Diagnostics and Troubleshooting

Logging
Tracing
Debugging

Logging
In order to properly diagnose issues, you must know the standard logs generated by successful requests and be able to identify the failed ones
IIS Logs
Windows Event Logs

Tracing
How the Tracing Infrastructure Works

[Diagram labels: trace event sources (w3core, any pipeline module); TRACE_EVENT; read trace config; trace config; trace event consumers (consumer module); trace output]

Tracing
To Add a Failed Request Tracing Rule:

Add Failed Request Tracing Rule Wizard
Choose Error Conditions
Choose Modules and Verbosity

To Configure a Failed Request Tracing Rule:

Use specific error numbers and ranges (500, 404)
Choose relevant modules (ASP.NET, CGI and ISAPI)
Specify the minimal amount of data needed

Debugging
Enabling detailed error messages
Local and Remote debugging
Enabling Visual Studio remote debugging
Debugging Web Applications

Course Evaluation
