Health and DiagnosticsHighly invaluable in aiding debugging and resolving issues with IIS 7.0, the Health and Diagnostics feature allows administrators and developers to monitor and mana
Trang 1Health and Diagnostics
Highly invaluable in aiding debugging and resolving issues with IIS 7.0, the Health and Diagnostics feature allows administrators and developers to monitor and manage server, site, and applications Many administrators might not want to load this module on production systems due to performance considerations Instead, these features may be installed on test servers, therefore not affecting user access and performance Table 13.5 lists the modules for Health and Diagnostics and a description
of each
Performance Features
Performance features provide for output caching by integrating dynamic output-caching capabilities
of ASP.NET with the static output-caching capabilities that were present in IIS 6.0 Administrators can more effectively and effi ciently use networking bandwidth by using compression mechanisms such as Gzip and Defl ate Table 13.6 lists the Performance modules and their descriptions
Table 13.4 Continued
Module Description
DirectoryListingModule Allows clients to see the contents
of a directory on a Web server CustomErrorModule Installs HTTP error fi les; allows you
to customize the error messages returned to clients
HttpRedirect Provides support to redirect client
requests to a specifi c destination
Table 13.5 Health and Diagnostics Modules
Module Description
HttpLoggingModule Enables logging of Web site
activity for a particular server CustomLoggingModule Enables support for custom logging for
Web servers, sites, and applications RequestMointorModule Monitors server, site, and application health
HTTPTracingModule Enables tracing for ASP.NET applications
and failed requests ODBCLogging Enables support for logging to
an ODBC-compliant database LoggingLibraries Installs IIS 7.0 logging tools and scripts
Trang 2Table 13.6 Performance Modules
Module Description
HTTPStaticCompression Compresses static content before
returning it to a client HTTPDynamicCompression Compresses dynamic content before
returning it to a client
Security
Probably the most important of all feature sets, the Security feature requires administrators to install the right modules to be assured that security in their Web servers is effective and not compromised
The Security feature set secures the Web server from both users and requests Here is where the
authentication mechanisms such as Windows Authentication, Basic Authentication, and others for IIS 7.0 are supported The ability to fi lter any incoming requests and reject them without ever processing them is supported Table 13.7 lists the modules available under the Security feature set and their
descriptions
Table 13.7 Security Modules
Module Description
BasicAuthModule Requires a valid Windows username
and password for connection DigestAuthModule Authenticates clients by sending a
password hash to a Windows domain controller WindowsAuthModule Authenticates users by using NTLM or Kerberos
Certifi cateAuthModule Authenticates client certifi cates with
Active Directory accounts AnonymousAuthModule Performs Anonymous authentication
when no other method succeeds IPSecurityModule Allows or denies content access based
on IP address or domain name UrlAuthorizationModule Authorizes client access to the URLs
that comprise a Web application RequestFilteringModule Confi gures rules to block selected client requests
IISCertifi cateMapping- Performs Certifi cate Mapping authentication
AuthenticationModule using IIS certifi cate confi guration
Trang 3IIS 7.0 is modular in design, allowing administrators to take more control over the features they require This allows them to decrease the memory footprint that IIS 7.0 uses, improving security and performance while also minimizing the amount of patching required Administrators can install IIS 7.0 using various methods In Windows Vista they can use the user interface via Programs and Features Longhorn Server’s Server Manager serves the same purpose through Role Services Both Windows Vista and Longhorn Server support the use of pkgmgr.exe, a command-line tool used for installing IIS 7.0 and its various features Administrators looking to conduct mass IIS rollouts and deployments will want to take advantage of unattended installations This method also uses pkgmgr exe but streamlines the installation by using an unattended XML fi le
It is important that administrators understand in detail the feature sets available in
IIS 7.0, their modules, and any dependencies they require Not doing so puts their installations at risk and can cause instability and a lack of functionality at the server IIS 7.0 empowers administrators
to make it what they want, but it also gives them a great deal of responsibility as well
Solutions Fast Track
Installation Types Available in IIS 7.0
˛ In Windows Vista, IIS 7.0 can be installed using Programs and Features in Control Panel
˛ Server Manager in Longhorn Server allows IIS 7.0 to be installed via its user interface
˛ Pkgmgr.exe is a command-line tool that can be used for installing IIS 7.0 and can save time over using the user interface when kicked off from a script
˛ Administrators deploying numerous servers should use unattended installations that
employ an unattended XML fi le and pkgmgr.exe
Installation Features
˛ FTP Publishing Service is the same as it was in IIS 6.0 in that it looks for the existence
of the metabase
˛ Web Management Tools installs the new IIS Manager, WMI support, remote
management, and IIS 6.0 Management Compatibility
˛ World Wide Web Services provides support for Web sites using HTML, ASP.NET, ASP, and other extensions It is made up of fi ve sections
Trang 4IIS 7.0 Modules
˛ Modules perform specifi c functions; they can stand alone or be part of a feature set
˛ Modules allow the footprint of IIS 7.0 to be small while providing the required
functionality
˛ Administrators must understand each module in IIS 7.0’s setup, along with its
dependencies, before using pkgmgr.exe and unattended installations
Trang 5Frequently Asked Questions
Q: What is the best method of installation for IIS 7.0?
A: Depending on your situation, any one of the methods mentioned in this chapter could be the best For large installations it is recommended that you use the unattended installation method If you are installing one of two Web servers, it might be better to go through the user interface, such as Server Manager for Longhorn Server or Programs and Features for Windows Vista
Q: Why should I learn each and every feature set, their modules, and their dependencies?
A: Administrators using pkgmgr.exe with or without an unattended XML fi le should know these components in great detail Not knowing them puts at risk the stability of their servers and their performance
Q: Why don’t I simply install all the features? That way I won’t miss anything
A: You can do that, but you are putting at risk your IIS 7.0 installation by increasing the footprint
in memory, possibly making it more vulnerable to attack You are also degrading performance by loading unneeded modules and increasing the amount and frequency of patching
Q: I thought the metabase was gone Why does the FTP Publishing Service look for it?
A: The metabase is no longer the central repository for confi guration in IIS FTP Publishing is the same as it was in IIS 6.0, and in IIS 7.0 it believes that the metabase exists IIS 7.0 actually translates the calls to the “old” metabase to the ApplicationHost.confi g fi le; therefore, the
metabase doesn’t actually exist—legacy applications and features only think it does
Q: After I enabled IIS 6 Management Compatibility, I got the IIS 6 Management Console Now I have two—one for IIS 7.0 and one for IIS 6.0 Why is that?
A: IIS 6.0 servers and their features must still be managed by the old IIS 6 Management Console, whereas IIS 7.0 servers can only be managed by the IIS 7 Management Console