+ All Categories
Home > Documents > IIS6 Lab Guide

IIS6 Lab Guide

Date post: 09-Apr-2018
Category:
Upload: -
View: 220 times
Download: 0 times
Share this document with a friend

of 18

Transcript
  • 8/8/2019 IIS6 Lab Guide

    1/18

  • 8/8/2019 IIS6 Lab Guide

    2/18

    2 Table of Contents

    Table of Contents

    Internet Informat ion Services 6.0.............................................................................................................. 3Exercise 1 Installation and Lockdown of IIS 6.0 ................................................................................................4

    Exercise 2 Application Pools, Worker Processes and Web Gardens ..................................................................9

    Exercise 3 XML MetaBase ...............................................................................................................................15

  • 8/8/2019 IIS6 Lab Guide

    3/18

    Internet Information Services 6.0 3

    Internet Information Services 6.0

    Objectives After completing this lab, you will be able to:

    Install IIS and create a simple Active Server Page file. Use of Application Pools, Worker Processes and Web Gardens in IIS 6.0. Back up and edit the IIS 6.0 metabase files, while IIS 6.0 is running.

    Windows

    Server

    2003 Active Directory

    has improvements in such areas as

    performance, management and security. Over the course of the next hour, wewill step through some of the improvements available through Internet

    Information Services 6.0, which provides significantly improved security. Toreduce the attack surface of systems, IIS 6.0 is not installed by default onWindows Server 2003 administrators must explicitly select and install it. IIS

    6.0 ships in a locked-down state, serving only static content. Using the Webservice extension node, Web site administrators can enable or disable IIS

    functionality based on the individual needs of the organization.

    Scenario

    The IIS 6.0 fault-tolerant process architecture isolates Web sites andapplications into self-contained units called application pools. IIS 6.0 worker

    process isolation mode also enables multiple worker processes to be configuredto service requests for a given application pool, a configuration known as a

    Web garden.

    IIS 6.0 features many new management tools designed to reduce the amount oftime it takes to manage your Web server infrastructure. These features include a

    plain text XML configuration file that can be modified without having to stopthe server.

    Estimated tim e tocomplete this lab: 50minutes

  • 8/8/2019 IIS6 Lab Guide

    4/18

    4 Internet Information Services 6.0

    Computers used in this Lab:

    Paris

    Madrid

    Exercise 1Installation and Lockdown of IIS 6.0

    ScenarioIn this exercise, you will install IIS 6.0 and examine the default configuration. The Remote DesktopWeb Connection is used as a sample Web site. Additionally, we will create a simple Active ServerPage (ASP) file.

    Complete this Exercise using:

    Paris

    Madrid

    Tasks Detailed steps

    Complete the following 4 tasks

    on:

    Paris

    1. First, we will use Manage

    Your Server to examine the

    current server roles.

    a. Click the Paris link in the My Machines browser.

    b. Click in the virtual machine window.

    c. Press Right-ALT + DEL.

    d. Log on as CONTOSO/Administrator with a password ofpassword.

    e. ClickStart | Manage Your Server.

    Note: The Manage Your Server window shows that Paris currently has two

    roles: Domain Controller (Active Directory) and DNS Server.

    f. In the Manage Your Server window, clickAdd or remove a role.Info: The Configure Your Server wizard starts. This wizard is also

    available from the Administrative Tools menu.

    g. On the Preliminary Steps screen, clickNext.

    h. On the Server Role screen, in the Server Role list box, selectApplication server (IIS, ASP.NET).

    Info: When IIS is installed on Windows Server 2003, the server is said to

    have the Application server role. By default, IIS is NOT installed on

    Windows Server 2003.

    i. On the Server Role screen, clickCancel to close the Configure Your

  • 8/8/2019 IIS6 Lab Guide

    5/18

    Internet Information Services 6.0 5

    Server wizard.

    Info: In order to see and install custom configurations of components for

    IIS 6.0, you must use Add or Remove Programs from the Control Panel.

    j. Close Manage Your Server.

    2. Now we will perform a

    manual install ofIIS 6.0 sothat we can take a closer

    look at its components. We

    will also install another Web

    site to use as an example

    during these exercises.

    a. ClickStart | Control Panel and clickAdd or Remove Programs.

    b. In Add or Remove Programs, clickAdd/Remove WindowsComponents.

    c. On the Windows Components screen, select Application Server (doNOT select the check box) and clickDetails.

    d. In the Application Server dialog box, select the Internet InformationServices (IIS) subcomponent (do NOT select the check box) and clickDetails.

    e. In the Internet Information Services (IIS) dialog box, select WorldWide Web Service (do NOT select the check box) and clickDetails.

    f. In the World Wide Web Service dialog box, click to select the WorldWide Web Service and the Remote Desktop Web Connection check

    boxes and clickOK.

    Note: The Remote Desktop Web Connection is used as a sample Website inthis exercise.

    g. In the Internet Information Services (IIS) dialog box, ensure that thefollowing subcomponents are enabled:

    Common Files

    Internet Information Services Manager

    World Wide Web Service (partly enabled)

    h. ClickOK.

    i. In the Application Server dialog box, ensure that the followingsubcomponents are enabled:

    Enable network COM+ access

    Internet Information Services (IIS) (partly enabled)

    j. ClickOK.k. On the Windows Components screen, clickNext.

    Note: Please wait a few minutes while Setup installs and configures the

    selected components.

    l. On the Completing the Windows Components Wizard screen, clickFinish.

    m. Close Add or Remove Programs.

    3. We must use the new IIS

    Manager to examine or

    modify the default IIS 6.0

    configuration.

    a. ClickStart | Administrative Tools and clickInternet InformationServices (IIS) Manager.

    b. In Internet Information Services (IIS) Manager, ensure that Paris(local computer) is expanded and, in the left pane, select Web Service

    Extensions.

    Info: By default, IIS is not installed on Windows Server 2003. And after it

    is installed, only static Web content will be available. All other

    functionality, such as Active Server Pages and WebDAV, has to be enabled

    explicitly before it can be used.

    c. In the left pane, right-clickWeb Sites and clickProperties.

    d. In the Web Sites Properties dialog box, clickService.

    Note: IIS 6.0 has two distinct modes of operation, called isolation modes.

    The default for new installations of IIS 6.0 is worker process isolation

    mode. For compatibility reasons, upgrades from earlier version of IIS

    default to IIS 5.0 isolation mode.Worker process isolation mode (and

  • 8/8/2019 IIS6 Lab Guide

    6/18

    6 Internet Information Services 6.0

    application pools) is examined in more detail in a later exercise.

    e. ClickCancel to close the Web Sites Properties dialog box.

    4. In IIS Manager, we

    examine the virtual

    directory name for the

    Remote Desktop Web

    Connection Web page.

    a. In Internet Information Services (IIS) Manager, expand Web Sites,expand Default Web Site and select tsweb.

    Note: The virtual directory name for the Remote Desktop Web Connection

    Web page is tsweb.

    Complete the following task

    on:

    Madrid5. Now we will connect to and

    open the Remote Desktop

    Web Connection Web

    page.

    a. Click the Madrid link in the My Machines browser.

    b. Click in the virtual machine window.

    c. Press Right-ALT + DEL.

    d. Log on as CONTOSO\Administrator with a password ofpassword.

    e. Click the Internet Explorer icon in the Quick Launch menu.

    f. The Internet Explorerenhanced Security Configuration is Enabledscreen appears.

    g. In Internet Explorer, type http://paris/tsweb in the Address field andpress Enter.

    Note: Paris has already been entered as a trusted site. You will see theRemote Desktop Web Connection screen.

    Complete the following 3 tasks

    on:

    Paris

    6. With the task manager, we

    can see exactly what IIS is

    using to host the Web page

    viewed on the remote

    machine, including the

    account name for the worker

    process w3wp.exe.

    a. Click the Paris link in the My Machines browser.

    b. On the Paris computer, right-click the current time in the System Trayand clickTask Manager.

    c. In the Windows Task Manager dialog box, clickProcesses.

    d. Click to select the Show processes from all users check box.

    e. In the Image Name column, select the w3wp.exe process.

    Info: In worker process isolation mode, the IIS process that handles the

    Web requests (in this case for the Remote Desktop Web Connection Web

    page) is called w3wp.exe. In the default configuration, it runs as a low

    privileged account, named NETWORK SERVICE. This is a built-in account

    that has fewer privileges than the Local Systemaccount, the default

    account used in IIS 5.0 isolation mode.

    f. Close Task Manager.

    7. Now we will create a new

    Web site to demonstrate the

    default settings for a new

    IIS 6.0 installation.

    a. In Internet Information Services (IIS) Manager, right-clickDefaultWeb Site, point to New and clickVirtual Directory.

    b. On the Welcome to the Virtual Directory Creation Wizard screen,clickNext.

    c. On the Virtual Directory Alias screen, in the Alias text box, typesampleweb and clickNext.

    d. On the Web Site Content Directory screen, clickBrowse.

    e. In the Browse For Folder dialog box, expand Local Disk (C:), select

    Inetpub and clickMake New Folder.f. In the New Folder text box, type sample and press Enter.

    g. ClickOK to close the Browse For Folder dialog box.

    h. On the Web Site Content Directory screen, clickNext.

    i. On the Virtual Directory Access Permissions screen, ensure thatRead and Run scripts (such as ASP) are enabled and clickNext.

    j. On the You have successfully completed the Virtual DirectoryCreation Wizard screen, clickFinish.

    8. Now we will create a simple

    HTML page that will give

    a. In Internet Information Services (IIS) Manager, right-click

  • 8/8/2019 IIS6 Lab Guide

    7/18

    Internet Information Services 6.0 7

    us a title and show the

    Application Pool servicing

    the Web site.

    sampleweb and clickOpen.

    The C:\Inetpub\sample folder opens in Windows Explorer.

    b. In the C:\Inetpub\sample folder, right-click the empty space, point toNew and clickText Document.

    c. In the New Text Document.txt text box, type Pool.htm and pressEnter.

    d. ClickYes to confirm that you want to change the file name extension.

    e. Right-clickPool.htm and clickEdit.

    Note: Pool.htm is opened in Notepad.

    f. In Notepad, type the following three lines:Sample Web page

    The application pool is:

    Note: The text between the characters is Active Server Pages

    (ASP) code to display the current application pool name.

    g. ClickFile | Save.

    h. Close Notepad.

    Complete the following task

    on:

    Madrid9. Now we will view the Web

    page we just created.

    a. Click the Madrid link in the My Machines browser.

    b. In Internet Explorer, type http://paris/sampleweb/pool.htm in theAddress field and press Enter.

    Note: The sample web page Pool.htm is displayed. Notice that the result of

    the ASP code () in the file is not displayed, because the file does

    not have the .asp extension.

    Complete the following task

    on:

    Paris

    10. Lets make the HTML page

    into an ASP page so that wecan view the Application

    Pool ID.

    a. Click the Paris link in the My Machines browser.

    b. On the Paris computer, in the C:\Inetpub\sample folder, right-click

    Pool.htm, and clickRename.

    c. Type Pool.asp and press Enter.

    d. ClickYes to confirm that you want to change the file name extension.Info: The file name extension is changed from .htm (HTML Document) to

    .asp (ASP File).

    e. Close the C:\Inetpub\sample folder.

    f. In the Internet Information Services (IIS) Manager console, right-

    clicksampleweb and clickExplore.

    Note: Pool.asp is displayed in the right pane.

    Complete the following task

    on:

    Madrid

    11. Now we navigate to the newWeb page.

    a. Click the Madrid link in the My Machines browser.

    b. In Internet Explorer, type http://paris/sampleweb/pool.asp in the

    Address field and press Enter.

    Note: Internet Explorer reports that the page cannot be found. The

    Pool.asp file is present on the Paris, but by default IIS 6.0 has disabled

    access to Active Server Pages (.asp) files.

    Complete the following task

    on:

    Paris

    12. Because ASP is disabled by

    default in IIS 6.0

    installations, we need to

    a. Click the Paris link in the My Machines browser.

    b. In Internet Information Services (IIS) Manager, select Web

    Service Extensions in the left pane.

    c. In the right pane, select Active Server Pages and clickAllow.

    Note: The Active Server Pages status changes from Prohibited to Allowed.

  • 8/8/2019 IIS6 Lab Guide

    8/18

    8 Internet Information Services 6.0

    enable it to view the page.

    Complete the following task

    on:

    Madrid13. We can now view the page.

    a. Click the Madrid link in the My Machines browser.

    b. In Internet Explorer, clickRefresh.

    Note: The content of the Pool.asp file is displayed correctly. The result of

    the ASP code () appears as DefaultAppPool. That is the name of

    the default application pool.c. Close Internet Explorer.

  • 8/8/2019 IIS6 Lab Guide

    9/18

    Internet Information Services 6.0 9

    Exercise 2Application Pools, Worker Processes and Web Gardens

    ScenarioIn this exercise, you will examine the use of Application Pools, Worker Processes and WebGardens in IIS 6.0.

    Application pools are used to isolate Web applications. One or more worker processes handle

    requests for those applications. The number of worker processes, their identity and other workerprocess parameters related to health monitoring, are configured per application pool.

    Complete this Exercise using:

    Paris

    Madrid

    Tasks Detailed steps

    Complete the following 3 tasks

    on:

    Paris

    1. To begin, we will look at

    two diagrams explaining the

    differences between worker

    process isolation mode and

    IIS 5.0 isolation mode in

    IIS 6.0.

    a. Click the Paris link in the My Machines browser.

    b. In Information Services (IIS) Manager, right-clickWeb Sites in theleft pane and clickProperties.

    c. In the Web Sites Properties dialog box, clickService.

    d. In the Web Sites Properties dialog box, clickHelp.

    e. In the Internet Information Services (IIS) 6.0 help window, scroll tothe Related Topics section at the end of the text and clickIsolationModes.

    The Internet Information Services 6.0 Administrator Guide opens on the IIS

    Isolation Modes page.

    f. Close the small Internet Information Services (IIS) 6.0 help windowthat stayed on top.

    g. In the Internet Information Services 6.0 Administrator Guide, clickin the right pane, and scroll down the IIS 5.0 Isolation Modes text to

    see the two diagrams that show the fundamentally different architecture

    between worker process isolation mode and IIS 5.0 isolation mode.

    Info: In both modes, for performance reasons, the HTTP listener (http.sys)

    runs in kernel mode. It stores responses in a kernel-mode cache. In workerprocess isolation mode, IIS 6.0 runs multiple Web applications in isolated

    environments, called application pools. Worker processes (w3wp.exe)

    assigned to the application pool handle the Web requests for each

    application. In a separate process (svchost.exe), the WWW Service only

    manages and monitors all the worker processes. In IIS 5.0 isolation mode,

    the HTTP listener sends Web requests to the WWW Service, which are then

    handled in-process (inetinfo.exe) or out-of-process (dllhost.exe).

    h. Close the Internet Information Services 6.0 Administrator Guide.

    Info: You can open the IIS 6.0 Administrator Guide on any Windows

  • 8/8/2019 IIS6 Lab Guide

    10/18

    10 Internet Information Services 6.0

    Server 2003 computer, by typing hh iismmc.chm in the Run dialog box.

    i. ClickCancel to close the Web Sites Properties dialog box.

    2. We can easily create a new

    application pool named

    Sample Pool to use with our

    Web application.

    a. In Internet Information Services (IIS) Manager, expandApplication Pools.

    b. Right-clickApplication Pools, point to New and clickApplicationPool.

    c. In the Add New Application Pool dialog box, type Sample Pool in theApplication pool ID text box and clickOK.

    3. Now that we have a new

    application pool for

    servicing Web applications,

    we will move the

    sampleweb application to

    this new application pool.

    a. Under Default Web Site, clicksampleweb, right-clicksampleweband clickProperties.

    b. In the sampleweb Properties dialog box, clickVirtual Directory,select Sample Pool in the Application pool dropdown box and clickOK.

    c. In the left pane, expand Sample Pool.

    Note: The sampleweb application is still part of the Default Web Site (and

    communicates on port 80, the default for the Default Web Site). However,

    worker processes in the Sample Pool application pool now handle Web

    requests for sampleweb.Complete the following task

    on:

    Madrid4. We will now connect to

    both Web sites currently

    hosted on the Paris server.

    a. Click the Madrid link in the My Machines browser.

    b. In Internet Explorer, type http://paris/sampleweb/pool.asp in theAddress field and press Enter.

    Note: The contents of the Pool.asp file shows that the application is in the

    Sample Pool application pool.

    c. ClickStart | All Programs and clickInternet Explorer to open asecond instance of the Web browser.

    d. In the second Internet Explorer, type http://paris/tsweb in theAddress field and press Enter.

    Note:Internet Explorer displays the Remote Desktop Web Connection Web

    page. This request is still handled by the default application pool. Please

    leave both Internet Explorer windows open for use in the next tasks

    Complete the following 4 tasks

    on:

    Paris

    5. Since we have live

    connections to both web

    sites, we can view the

    processes that are hosting

    them.

    a. Click the Paris link in the My Machines browser.

    b. ClickStart | Command Prompt.

    c. Type cscript.exe %windir%\system32\iisapp.vbs and press Enter.

    Info: The iisapp.vbs script lists the process IDs (PID) for all the current

    worker processes (w3wp.exe), and the associated application pool name

    (AppPoolId). (The System32 folder contains eight iis*.vbs scripts to

    administer IIS 6.0.)

    Note: The output of iisapp.vbs shows that two worker processes are

    started. One for sampleweb in Sample Pool, and one for tsweb in

    DefaultAppPool.

    6. Now we will create a Web

    application for the TS Web

    site so that we can move it

    into our new application

    pool.

    a. Switch to Internet Information Services (IIS) Manager, clicktswebunder Default Web Site, right-clicktsweb and clickProperties.

    b. In the tsweb Properties dialog box, clickVirtual Directory, clickCreate and type TS Web in the Application name text box.

    c. In the Application pool dropdown box, select Sample Pool and clickOK.

    Note: We have created new application named TS Web for thetsweb

    virtual directory and moved it to the Sample Pool application pool.

    7. We must stop and start the a. Under Application Pools, right-clickDefaultAppPool and click

  • 8/8/2019 IIS6 Lab Guide

    11/18

    Internet Information Services 6.0 11

    DefaultAppPool

    application pool to shut

    down the current worker

    process in this application

    pool.

    Properties.

    b. In the DefaultAppPool Properties dialog box, clickPerformance.

    Info: The Idle timeout setting shows that worker processes are shut down

    after being idle for 20 minutes. That is the default setting for

    DefaultAppPool and other application pools.

    c. ClickCancel to close the DefaultAppPool Properties dialog box.

    Note: Instead of waiting 20 minutes, we stop and start the DefaultAppPool

    to shut down the current worker process in this application pool.

    d. Right-clickDefaultAppPool and clickStop.

    Info: Do NOT click Recycle. That command restarts worker processes. It is

    not the combination of Stop and Start for the application pool.

    e. Right-clickDefaultAppPool and clickStart.

    8. Again, we will view the

    current worker processes

    used by IIS 6.0.

    a. Switch to the Command Prompt window, type cscript.exe%windir%\system32\iisapp.vbs and press Enter.

    Note: The output of iisapp.vbs shows that only the worker processes in

    Sample Pool is started. (If worker processes do not return refresh the

    pages on Madrid and run command prompt again.)

    Complete the following task

    on:

    Madrid9. We need to refresh our

    browser instances to

    reconnect to IIS on Paris

    and start the appropriate

    worker processes.

    a. Click the Madrid link in the My Machines browser.

    b. In the Internet Explorer window that displays the contents ofhttp://paris/sampleweb/pool.asp clickRefresh.

    c. In the Internet Explorer window that displays the contents ofhttp://paris/tsweb, clickRefresh.

    Note:Internet Explorer connects to IIS on Paristo refresh the contents of

    both Web pages.

    Complete the following task

    on:

    Paris

    10. Lets list the current worker

    processes.

    a. Click the Paris link in the My Machines browser.

    b. In the Command Prompt window, type cscript.exe

    %windir%\system32\iisapp.vbs and press Enter.Note: The output of iisapp.vbs shows that a single worker processes in

    Sample Pool responded to the requests for sampleweb and for tsweb.

    11. Now we will set up another

    new feature ofIIS 6.0. We

    use IIS Manager to

    configure the Sample Pool

    application pool to be a Web

    garden with two worker

    processes.

    a. In Internet Information Services (IIS) Manager, right-clickSamplePool and clickProperties.

    b. In the Sample Pool Properties dialog box, clickPerformance and setthe Maximum number of worker processes to 2 in the Web garden

    section.

    Info: By default a single worker process handles the request in an

    application pool. You can configure an application pool to have more than

    one worker process. An application pool that uses more than one worker

    process is called a Web garden. This is an analogy to a Web farm that usesmore than one server for a Web site.

    c. ClickOK to close the Sample Pool Properties dialog box.

    Complete the following task

    on:

    Madrid12. We need to refresh our

    browser instances to

    reconnect to IIS on Paris

    a. Click the Madrid link in the My Machines browser.

    b. In the Internet Explorer window that displays the contents ofhttp://paris/sampleweb/pool.asp, clickRefresh.

    c. In the Internet Explorer window that displays the contents ofhttp://paris/tsweb, clickRefresh.

  • 8/8/2019 IIS6 Lab Guide

    12/18

    12 Internet Information Services 6.0

    and start the appropriate

    worker processes.

    Complete the following 6 tasks

    on:

    Paris

    13. Lets list the current worker

    processes to see how the

    Web garden functions.

    a. Click the Paris link in the My Machines browser.

    b. In the Command Prompt window, type cscript.exe%windir%\system32\iisapp.vbs and press Enter.

    Note: The output of iisapp.vbs shows thattwo worker processes in Sample

    Pool responded to the requests. One for sampleweband one for tsweb.

    Remember the two process IDs (PID) of the current worker processes for

    use in the next task.

    14. Use IIS Manager to recycle

    the worker processes in the

    Sample Pool application

    pool.

    a. In Internet Information Services (IIS) Manager, right-clickSamplePool and clickRecycle.

    Note: IIS starts two new worker processes in Sample Pool and shuts down

    the existing two worker processes. The mechanism ensures that faulty Web

    applications will not use up all system resources.

    Info: Web requests continue to be serviced during the recycle period,

    because an overlapped recycle is done. The existing worker processes keep

    running, until after the new worker process is started up. Also, TCP/IP

    connections from the Web browser on the client computers are maintainedby the WWW service, not by the individual worker processes.

    15. Lets list the current worker

    processes.

    a. In the Command Prompt window, type cscript.exe%windir%\system32\iisapp.vbs, and press Enter.

    Note: The output of iisapp.vbs shows that Sample Pool now has two

    worker processes with other process IDs (PID) than before. This indicates

    that these are two new processes.

    16. Use IIS Manager to

    examine automatic

    recycling options for an

    application pool.

    a. In Internet Information Services (IIS) Manager, right-clickSamplePool and clickProperties.

    b. In the Sample Pool Properties dialog box, ensure that the Recyclingtab is selected.

    Info: Instead of manually starting the Recycleaction, an application pool

    can be configured to automatically recycle its worker processes based on

    elapsed time, number of request, time of day and memory usage.

    c. ClickCancel to close the Sample Pool Properties dialog box.

    17. In the next tasks, we will

    configure the process

    identity of the worker

    processes. We will start by

    creating a new application

    pool and moving the TS

    Web application into it.

    a. In Internet Information Services (IIS) Manager, right-clickApplication Pools, point to New and clickApplication Pool.

    b. In the Add New Application Pool dialog box, type TS Pool in theApplication pool ID text box, and clickOK.

    c. Under Default Web Site, right-clicktsweb and clickProperties.

    d. In the tsweb Properties dialog box, clickVirtual Directory, select TSPool in the Application pool dropdown box and clickOK.

    The TS Web application is moved to the new TS Pool application pool.

    e. In the left pane, expand TS Pool.

    18. Now we configure the TS

    Pool to use the Local

    Service account identity.

    a. In the left pane, right-clickTS Pool and clickProperties.

    b. In the TS Pool Properties dialog box, click the Identity tab and selectLocal Service in the Predefined list box.

    Info: The application pool identity is the user account that the worker

    processes run under. All actions taken by the worker process are performed

    with the privileges of this user account.The default identity for application

    pools is Network Service. This is a built-in account in Windows Server

    2003 that has the same privileges as a normal user account. Another new

    built-in account, Local Service, is similar to Network Service, but has no

  • 8/8/2019 IIS6 Lab Guide

    13/18

    Internet Information Services 6.0 13

    network access.

    c. ClickOK to close the TS Pool Properties dialog box.

    Complete the following task

    on:

    Madrid

    19. We need to refresh ourbrowser instances to

    reconnect to IIS on Paris

    and start the appropriate

    worker processes.

    a. Click the Madrid link in the My Machines browser.

    b. In the Internet Explorer window that displays the contents ofhttp://paris/sampleweb/pool.asp, clickRefresh.

    c. In the Internet Explorer window that displays the contents ofhttp://paris/tsweb, clickRefresh.

    Complete the following 3 tasks

    on:

    Paris

    20. Now we can use the

    iisapp.vbs command to

    determine the process ID(PID) of the worker process

    in the TS Pool.

    a. Click the Paris link in the My Machines browser.

    b. In the Command Prompt window, type cscript.exe%windir%\system32\iisapp.vbs and press Enter.

    c. Remember the process ID (PID) for the AppPoolId for TS Pool foruse in the next task.

    d. Close the Command Prompt window.

    21. We use Task Manager to

    verify the process identity of

    the worker process in the TS

    Pool application pool.

    a. Right-click the current time in the System Tray and clickTaskManager.

    b. In the Windows Task Manager dialog box, clickView and clickSelect Columns.

    c. In the Select Columns dialog box, click to select the PID (ProcessIdentifier) check box and clickOK.

    d. On the Processes tab, select the worker process (w3wp.exe) with thePID corresponding to the AppPoolId for the TS Pool that the

    iisapp.vbs command displayed in the previous task.

    Note: Task Manager shows that the worker process in the TS Poolapplication pool run under the LOCAL SERVICE account. The other

    worker processes (w3wp.exe) in the process list runs under the Network

    Service account.

    e. Close Task Manager.

    22. To see what permissions are

    set on a Web site, use IIS

    Manager to examine the

    default permissions of the

    IIS_WPG group.

    a. In Internet Information Services (IIS) Manager, right-clickTS

    Pool and clickProperties.

    b. In the TS Pool Properties dialog box, click the Identity tab.

    Info: Instead of using one of the three predefined accounts, you can

    configure the application pool identity to use a custom (configurable) user

    account. When you configure a custom user account, also add the account

    to the IIS_WPG group. The IIS_WPG group provides the minimum set of

    rights and permissions required to run as worker process and to run Web

    applications. An example of a custom user account that can be used as

    application pool identity is the IWAM_PARIS user account.

    c. ClickCancel to close the TS Pool Properties dialog box.

    d. In the left pane, right-clickDefault Web Site and clickPermissions.

    Note: A dialog box appears, containing the Security tab for the NTFS

    permissions of the c:\inetpub\wwwroot folder.

    e. In the c:\inetpub\wwwroot dialog box, select the IIS_WPG group.

    Note: By default the IIS_WPG group has Read & Execute, List Folder

  • 8/8/2019 IIS6 Lab Guide

    14/18

    14 Internet Information Services 6.0

    Contents and Read permissions on the Default Web Site folder.

    f. ClickAdvanced.

    Info: When a worker process is processing a client request, it uses

    impersonation. It creates a thread that uses the authenticated user's

    identity, or that uses the IUSR_PARIS (IUSR_machinename) account if the

    client request is anonymous.

    g. In the Advanced Security Settings for wwwroot dialog box, ensure

    that Internet Guest Account (CONTOSO\IUSR_PARIS) is

    selected and clickEdit.

    Info: In the Permission Entry for wwwroot dialog box, notice that

    anonymous Web requests (impersonated as IUSR_PARIS) are explicitly

    denied permissions to Create Files / Write Data, Create Folders / Append

    Data, Write Attributes, Write Extended Attributes, Delete Subfolders and

    Files and Delete on the Default Web Site.

    h. ClickCancel to close the Permission Entry for wwwroot dialog

    box.

    i. ClickCancel to close the Advanced Security Settings for wwwroot

    dialog box.

    j. ClickCancel to close the c:\inetpub\wwwroot dialog box.

  • 8/8/2019 IIS6 Lab Guide

    15/18

    Internet Information Services 6.0 15

    Exercise 3XML MetaBase

    ScenarioIn this exercise, you will back up the IIS 6.0 metabase files and edit the contents of theXML-formatted metabase file, while IIS is running.

    Complete this Exercise using:

    Paris

    Tasks Detailed steps

    1. First we will use IIS

    Manager to save the current

    metabase changes to disk.

    a. In Internet Information Services (IIS) Manager console, right-clickParis (local computer), point to All Tasks and clickSave

    Configuration to Disk.

    b. ClickOK to confirm that the configuration changes have been saved.

    Info: When IIS starts up, it reads all the configuration information for all

    its Web sites and application pools from a file on the hard disk. This is

    called the metabase. While running, IIS keeps this configuration

    information in memory, and periodically saves configuration changes to

    the metabase file. You can save the current configuration changes to the

    metabase immediately by running the Save Configurationto Disk

    command.

    2. By browsing to the proper

    directory, we can identify

    the metabase files and the

    backup and history versions

    of the metabase files.

    a. ClickStart | Windows Explorer.

    b. Browse to C:\WINDOWS\system32\inetsrv.

    Info: The two files MBSchema.xml and MetaBase.xml in the inetsrv folder

    form the metabase. MBSchema.xml contains the metabaseschema

    information. MetaBase.xml contains the actual IIS configuration

    information. IIS 4.0 and IIS 5.0 used a binary file named Metabase.bin to

    store the schema and configuration information. IIS 6.0 uses two plain text

    XML-formatted files.

    c. Browse to C:\WINDOWS\system32\inetsrv\History.

    d. Expand the Name column.

    Info: By default, IIS saves copies of the last 10 versions of the

    MBSchema.xml and MetaBase.xml files. The file names include increasing

    version numbers of the form Name_major#_minor#.xml. The major versionnumber increases when IIS saves a new copy of the metabase. The minor

    version number increases when the administrator manually edits the

    metabase.xml file.

    e. Browse to C:\WINDOWS\system32\inetsrv\MetaBack.

    Info: This is the default location to store backups of the metabase.

    3. Now we will use the IIS

    Manager to backup the

    current metabase.

    a. In Internet Information Services (IIS) Manager, right-clickParis(local computer) point to All Tasks and clickBackup/Restore

    Configuration.

    Info: The Configuration Backup/Restore dialog box lists the current

  • 8/8/2019 IIS6 Lab Guide

    16/18

    16 Internet Information Services 6.0

    metabase backups from the MetaBack folder, plus the 10 automatic

    backups from the History folder.

    b. In the Configuration Backup/Restore dialog box, clickCreateBackup.

    c. In the Configuration Backup dialog box, type Lab Backup in theConfiguration backup name text box.

    Info: If you specify a password, the secure properties in the backup file are

    encrypted. All other information in the backup remains unencrypted.

    d. ClickOK to close the Configuration Backup dialog box.

    Info: IIS creates a backup of the metabase files, and stores the backup in

    the MetaBackfolder. (The backup version number is used to distinguish

    backup sets with the same name.)

    e. ClickClose to close the Configuration Backup/Restore dialog box.

    Info: You can restore metabase backups on the same computer, or if

    needed, on another computer.

    4. IIS 6.0 allows us to edit the

    metabase live and it updates

    the configuration while still

    running. We use IIS

    Manager to enable this

    feature.

    a. In Internet Information Services (IIS) Manager, right-click Paris(local computer) and clickProperties.

    b. In the Paris (local computer) Properties dialog box, click to select theEnable Direct Metabase Edit check box.

    Info: Even though IIS keeps a copy of the metabase content in memory, this

    option allows us to edit the metabase.xml file while IIS is running (not the

    MBSchema.xml file). IIS uses Windows file change notification to update its

    configuration in memory, when the metabase.xml file is changed manually.

    c. ClickOK to close the Paris (local computer) Properties dialog box.

    5. First lets look at the last

    copy of the metabase so that

    we can see that it was

    recently changed, when we

    allowed direct editing.

    a. Switch to Windows Explorer and browse to theC:\WINDOWS\system32\inetsrv\Historyfolder.

    Note: The last saved copy of the metabase files is from less than a minute

    ago.

    Info: The option to allow editing the metabase directly while IIS isrunning, is itself a change in the configuration and causes IIS to

    immediately update the metabase file on the hard disk.

    6. Now all we need to edit the

    metabase is Notepad.

    a. In the C:\WINDOWS\system32\inetsrv folder, right-clickMetaBase.xml and clickEdit.

    b. In the IIsComputer node, change the value ofMaxHistoryFiles to"12". (On line ~20 in the file.)

    Info: The value of the MaxHistoryFiles property indicates how many saved

    metabase history versions IIS must keep in the History folder.

    c. ClickFile | Save.

    d. Close Notepad.

    7. Now we can see that the editwe made was implemented

    because IIS created a copy

    of the metabase.

    a. In Windows Explorer browse toC:\WINDOWS\system32\inetsrv\History folder.

    Note: The last saved copy of the metabase files only increased the minor

    version number in the file names (Name_major#_minor#.xml) to indicate

    that the metabase.xml file was edited directly.

    8. Lets look at the schematic

    structure of the metabase

    file.

    a. ClickStart | Run.

    b. In the Run dialog box, type hh iismmc.chm and clickOK.

    c. In the Internet Information Services 6.0 Administrator Guide, onthe Contents tab, expand Internet Information Services | Server

    Administration Guide | IIS Metabase | Metabase Structure and

  • 8/8/2019 IIS6 Lab Guide

    17/18

    Internet Information Services 6.0 17

    select Metabase Configuration File.

    Info: In the right pane, the Metabase Configuration File page provides a

    good description of the structure of the metabase.xml file.

    d. In the left pane, right-clickMetabase Configuration File (or any othernode), and clickClose all.

    e. Expand Internet Information Services | Reference | MetabaseProperty Reference and select MaxHistoryFiles.

    Info: The Metabase Property Reference node contains a list of all the

    properties in the metabase.xml file. The MaxHistoryFiles property was

    changed in the previous task.

    f. Close the Internet Information Services 6.0 Administrator Guide.

    9. Now we will see what

    happens if we accidentally

    make an incorrect entry to

    the metabase file.

    a. In the C:\WINDOWS\system32\inetsrv folder, right-clickMetaBase.xml and clickEdit.

    Note: A disadvantage of using a generic text editor like Notepad, to

    change the contents of a critical configuration file like metabase.xml, is the

    possibility of making editing mistakes.

    b. In the IIsComputer node, "accidentally" remove the = (equal) sign

    after MaxBandwidth. (On line ~20 in the file.)Note: This editing change makes this an incorrect metabase.xml file.

    c. ClickFile | Save.

    d. Close Notepad.

    10. We examine the System log

    in Event Viewer to

    determine how IIS handles

    an editing error in the

    metabase.xml file.

    a. ClickStart | Administrative Tools and clickEvent Viewer.

    b. In Event Viewer, select the System log in the left pane.

    c. In the right pane, right-click the error event from IIS Config with eventID 4275 and clickProperties.

    Note: The description of the error event states that the XML parser found

    an invalid character on row (line) 19.

    d. In the Error Properties dialog box for event ID 4275, click the Up

    arrow button.

    Note: The description of the next error event (event ID 51220) states that

    the new metabase file was not applied.

    k. In the Error Properties dialog box for event ID 51220, click the Up

    arrow button.

    Note: The description of the next error event (event ID 51219) states that

    the incorrect metabase file is copied to the History folder. The

    metabase.xml file is replaced by the last-known-good configuration.

    l. ClickOK to close the Error Properties dialog box.

    m. Close Event Viewer.

    11. We can see how IIS handled

    the error we introduced by

    viewing the current contents

    of the metabase.xml file.

    a. In the C:\WINDOWS\system32\inetsrv folder, right-click

    MetaBase.xml and clickEdit.

    Note: The = (equal) sign after the MaxBandwidth property on line 19, is

    still in the file.

    b. Close Notepad.

    12. Further, we can find the

    error file to identify the

    incorrect metabase.xml file.

    a. In Windows Explorer, browse to

    C:\WINDOWS\system32\inetsrv\Historyfolder.

    Note: The folder contains aMetaBaseError_#.xml file. This is the

    incorrect metabase.xml file, with the missing = (equal) sign.

  • 8/8/2019 IIS6 Lab Guide

    18/18

    18 Internet Information Services 6.0

    b. Right-clickMetaBaseError_#.xml and clickEdit.

    c. On line 19, the = (equals) sign is not there.

    d. Close all open windows.


Recommended