Evjen c11.tex V1 - 01/28/2008 2:21pm Page 567 Chapter 11: IIS7 Figure 11-3 Command-Line Setup Options Windows Vista and Windows Server 2008 come with a new command line tool named pkgmgr.exe that you can use to custom install IIS7. The following table describes the available options on this command-line tool: Option Description /iu:update1; update2 Run the tool with this option to install the specified updates. Notice that the update list contains a semi-colon separated list of the update names discussed in the previous sections. /uu:update1; update2 Run the tool with this option to uninstall the specified updates. Notice that the update list contains a semi-colon separated list of update names discussed in the previous sections. /n:unattend.xml Run the tool with this option to install or uninstall the updates specified in the specified unattend.xml file. You’ll learn about this file in the following section. 567 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 568 Chapter 11: IIS7 When you use the pkgmgr.exe command-line tool to install specified updates, you must also explicitly specify and install the updates that your specified updates depend on. For example, if you decide to install the IIS-CommonHttpFeatures update, you must also install its parent update, that is, IIS-WebServer. To install the IIS-WebServer update you must also install its parent update, IIS-WebServerRole, and the update that it depends on, WAS-ProcessModel (see the Update Dependencies table). To install the WAS-ProcessModel update you must also install its parent update, WAS-WindowsActivationService update: start /w pkgmgr.exe /iu:IIS-WebServerRole;WAS-WindowsActivationService; WAS-ProcessModel; IIS-WebServer;IIS-CommonHttpFeatures Notice that if you don’t specify the start /w option, the command-line tool will return immediately and process everything in the background, which means that you won’t be able to see when the setup is completed. Unattended Setup Option As mentioned earlier, the pkgmgr.exe command line tool comes with the /n:unattend.xml option. unattend.xml is the XML file that contains the updates to be installed or uninstalled. This XML file provides you with two benefits. First, you don’t have to directly enter the names of the updates on the command line. Second, you can store this file somewhere for reuse in other Web server machines. This XML file must have the same schema as the XML file shown in Listing 11-1. This listing installs the IIS-CommandHttpFeatures update and the updates that it depends on as discussed in the previous section. Listing 11-1: The unattend.xml file <?xml version="1.0" ?> <unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> <servicing> <! Install a selectable update in a package that is in the Windows Foundation namespace > <package action="configure"> <assemblyIdentity name="Microsoft-Windows-Foundation-Package" version="6.0.5308.6" language="neutral" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" versionScope="nonSxS" /> <selection name="IIS-WebServerRole" state="true"/> <selection name="WAS-WindowsActivationService" state="true"/> <selection name="WAS-ProcessModel" state="true"/> <selection name="IIS-WebServer" state="true"/> <selection name="IIS-CommonHttpFeatures" state="true"/> </package> </servicing> </unattend> Notice that the < servicing > element contains one or more < package > elements that contain < selection > child elements, and each child element specifies a particular update. The < selection > child element features two attributes named name and state .The name attribute contains the update name to be installed or uninstalled. Set the state attribute to true to install or false to uninstall the specified update. 568 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 569 Chapter 11: IIS7 Upgrade If you’re upgrading from the Windows XP to Windows Vista, or from Windows Server 2003 to Windows Server 2008, and if your old operating system has IIS installed, Windows Vista or Windows Server 2008 setup automatically scans through the capabilities of the installed IIS and ensures that the new install of IIS7 supports those features and capabilities. Unfortunately, due to the monolithic architecture of IIS 5.1 and IIS 6.0, this installation ends up installing almost all of the feature modules of IIS7. I highly recom- mend that after the upgrade you use one of the previously discussed installation options to uninstall the updates that you do not need to decrease the attack surface and footprint of your Web server. Internet Information Services (IIS) Manager In this section I’ll walk you through different features of the IIS Manager. There are two ways to launch the IIS Manager: GUI-based and command line. If you feel more comfortable with a GUI-based approach, follow these steps to launch the IIS7 Manager: 1. Launch the Control Panel 2. Click System and Maintenance 3. Click Administrative Tools 4. Click the Internet Information Services (IIS) Manager If you feel more comfortable with command line tools, use the following command line to launch the IIS Manager: %windir% \ system32 \ inetsrv \ inetmgr.exe You can also just type IIS into the new Start menu. Make sure to run the IIS7 Manager and not the legacy IIS6 Manager. Note you’ll need administration privileges to launch the IIS Manager. If you don’t login with the built-in Administrator account, when you try to launch the IIS Manager, Windows launches a dialog. The content of this dialog depends on whether your account has administration privileges. If it does, the dialog simply asks you to confirm the requested action. If it doesn’t, the dialog asks for the administrative credentials. As Figure 11-4 shows, the IIS Manager consists of three panes. The first pane, which is known as the Connections pane, contains a node that represents the Web server. This node has two child nodes: ❑ Application Pools ❑ Sites. The label of this node is ‘‘Sites’’ on Windows Server 2008 and ‘‘Web Sites’’ on Windows Vista. The second pane, which is known as workplace pane, consists of these two tabs: ❑ Features View: If you select a node in the Connections pane, the Features View tab will allow you to edit the features associated with the selected node. ❑ Content View: If you select a node in the Connections pane, the Content View tab will display all the child nodes of the selected node. 569 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 570 Chapter 11: IIS7 The third pane, which is known as Actions pane, contains a bunch of links where each link performs a particular task on the node selected in the first or second pane. Figure 11-4 Application Pools Now click the Application Pools node in the Connections pane to display the available application pools as shown in Figure 11-5. Notice that the Actions pane contains an Add Application Pool link. Click this link to launch the dialog shown in Figure 11-6. This dialog allows you to add a new application pool and to specify its name. It also allows you to specify the .NET version that will be loaded into the application pool. Remember, all ASP.NET applications in the same application pool must use the same .NET version because. NET runtimes of differing versions cannot be loaded into the same worker process. The Managed pipeline mode drop-down list on this dialog contains two options, Integrated and Classic, as shown in Figure 11-6. This specifies whether the IIS should run in Integrated or Classic mode for this application pool. All applications in the same application pool use the same IIS mode. 570 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 571 Chapter 11: IIS7 Figure 11-5 Figure 11-6 571 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 572 Chapter 11: IIS7 After making your selection click OK to commit the changes. Now open the applicationHost.config file in %windir% \ system32 \ inetsrv \ config . You’ll need to be an administrator in order to see this file, and you might find it easiest to look for it from an Administrative Command Prompt. You should see the highlighted section shown in Listing 11-2. Listing 11-2: The applicationHost.config file <system.applicationHost> <applicationPools> <add name="MyApplicationPool" /> </applicationPools> </system.applicationHost> Click the newly created MyApplicationPool node in the middle pane. You should see new links on the Actions pane, which allow you to edit the properties of the application pool as shown in Figure 11-7. Figure 11-7 Click the Advanced Settings link to launch the Advanced Settings dialog shown in Figure 11-8. Notice that all settings of the newly created application pool have default values. However, as Listing 11-2 shows, none of these values show up in the applicationHost.config file. Where are these values stored? As you’ll see later, the new IIS7 configuration system maintains the schema of the application- Host.config file in two files named ASPNET_schema.xml and IIS_schema.xml . These schema files also 572 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 573 Chapter 11: IIS7 specify and store the default values for configuration sections, including the < applicationPools > section. Storing the default configuration settings in one location as opposed to adding them to every single < add > element that represents an application pool keeps the configuration files small and more readable. If you’re running a 64-bit OS, make note of the Enable 32-bit Applications option in Advanced Settings. By default, ASP.NET applications will run as 64-bit on 64-bit OSes unless you switch them to 32-bit explicitly. Ninety-nine percent of managed applications will run fine as 64-bit, but if your application is calling i nto unmanaged code like COM objects or DLLs via P/Invoke, you might need to explicitly set aside an application pool for your 32-bit application. Figure 11-8 573 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 574 Chapter 11: IIS7 Now go to the General section of the Advanced Settings dialog, change the value of the Start Automatically to false (its default of true is shown in Figure 11-8), and click OK. Now if you open the applicationHost.config file, you should see the highlighted portion shown in the following code snippet: <system.applicationHost> <applicationPools> <add name="MyApplicationPool" autoStart="false" /> </applicationPools> </system.applicationHost> In other words, the applicationHost.config file records only the values that are different from the default. Notice that the properties shown in Figure 11-8 map to the XML elements and attributes of the < applicationPools > section. When you click the OK button, the callback for this button performs the necessary XML manipulations under the hood to store the changes in the applicationHost.config XML file. Figure 11-9 574 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 575 Chapter 11: IIS7 Web Sites Now click the Sites node in the Connections pane of the IIS Manager. In the Actions pane, you should see a link titled Add Web Site, as shown in Figure 11-9. Click the link to launch the dialog shown in Figure 11-10. Figure 11-10 This dialog allows you to add a new Web site. Recall that a Web site is a collection of Web applications. Notice that the properties shown in this dialog map to the XML elements and attributes of the < site > element. Next, take these steps: 1. Enter a name in the Web site name text field for the new Web site, for example, MySite. 2. Use the Select button to choose the desired application pool. 3. Choose a physical path. 4. Specify a binding including a binding type, an IP address, and a port number. 5. Click the OK button to commit the changes. 575 Evjen c11.tex V1 - 01/28/2008 2:21pm Page 576 Chapter 11: IIS7 Now open the applicationHost.config file again. You should see the highlighted portion shown in Listing 11-3. Listing 11-3: The applicationHost.config file <configuration> <system.applicationHost> <sites> <site name="MySite" id="1727416169"> <application path="/"> <virtualDirectory path="/" physicalPath="C: \ inetpub \ wwwroot \ foo" /> </application> <bindings> <binding protocol="http" bindingInformation="192.168.1.12:80:" /> </bindings> </site> </sites> </system.applicationHost> </configuration> As Listing 11-3 shows, the dialog shown in Figure 11-10 sets the XML elements and attributes of the < site > element that represents the new site. Notice that the dialog automatically created an application with a virtual directory. Every site must have at least one application with the virtual path ‘‘ / ’’ known as the root application that has at least one virtual directory with the virtual path ‘‘ / ’’ known as the root virtual directory. This dialog automatically takes care of that requirement behind the scenes. Figure 11-11 576 . application pool. 3. Choose a physical path. 4. Specify a binding including a binding type, an IP address, and a port number. 5. Click the OK button to commit the changes. 57 5 Evjen c11.tex V1. physicalPath="C: inetpub wwwroot foo" /> </application> <bindings> <binding protocol="http" bindingInformation="192.168.1.12:80:" /> </bindings> </site> </sites> </system.applicationHost> </configuration> As. the applicationHost.config file in %windir% system32 inetsrv config . You’ll need to be an administrator in order to see this file, and you might find it easiest to look for it from an Administrative Command Prompt.