A brand new IIS community portal by Microsoft, try it out @ www.iis.net

www.iiswebcastseries.com

 The IIS Webcast Series team is very happy to inform everyone about this week’s very cool presentations that will be happening this week.  The series is very happy to have back the talented engineers from the Microsoft.com Operations Debug Team to drill-down on the very technical topic of “Debugging in the Real-World.”

 Week-long Series:  Microsoft.com Operations Introdces Real World Debugging

•    Monday, March 27th:  Determining When you have a Problem and Beginning the Initial Debugging
     Tuesday, March 28th:  Debugging CLR Internals
•    Wednesday, March 29th:   Diagnosing Memory Leaks in ASP.NET Applications
•    Thursday, March 30th:  How to Tackle Problems in Dynamically Generated Assemblies
•    Friday, March 31st:  Debugging Without the Debugger in IIS and ASP.NET

 IIS 6.0 & Windows Server 2003 R2

•    Tuesday, March 28th:  Rapid Deployment of Large Sharepoint Intranets and Extranets on IIS 6.0
•    Thursday, March 30th:  Efficient Deployment and Management of ASP.NET 2.0 Applications on IIS 6.0

Learn IIS 6 Best Practices
Let the experts who keep www.Microsoft.com up and running, teach you their IIS 6 tricks in a five-part webcast series Nov 7-11

In the Events section (as well as in the Web Seminar section) box it will say,

MSCOM Ops Webcast Week

MSCOM Ops wants to show you how they run IIS 6 to keep www.Microsoft.com the most reliable site on the Web.  The MSCOM Ops Webcast Week is a 5 day webcast series from Nov 7-11 that will cover IIS 6 Best Practices for a full range of topics including – High Availability Architecture, Configuration Management of Web Farms, Change & Release Management Strategies, Monitoring & Management of Enterprise Platforms, and Troubleshooting & Debugging Web Hosting Environments.  Register at http://www.microsoft.com/windowsserver2003/iis/support/webcasts.mspx.

Have you seen this? It's really worth checking out.

http://www.microsoft.com/downloads/details.aspx?FamilyID=61a41d78-e4aa-47b9-901b-cf85da075a73&displaylang=en

-brett

Very nice flow diagram of a request moving the IIS.

http://www.adopenstatic.com/faq/IISRequestProcessing.aspx.

Thanks to Raymon at Micron for the link.

-brett

FYI: I've opened a blog at IISanswers.com. You can find it at http://iisanswers.com/brettblog

-brett

You can find the IIS webcasts now in one place: www.iiswebcastseries.com . You'll find these an incredible resource with hard to find details about important topics. Check it out.

-brett

If your're intrested in IIS 7 details, see http://blog.coryisakson.com/.

-brett hill

Today, Windows Server 2003 SP1 is released. IIS is impacted in significant ways. Metabase auditing is part of the update. Also included is SSL for terminal services, which is often used to manage IIS server remotely. Additionally, and most importantly, are the event tracing capabilities. This are multiple steps involved, but you will want to check it out as this is a very poweful diagnostic tool.

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032268450&Culture=en-US

Also, be sure you make a backup of your httperr(x).log files as the log file format will change. With a registry edit, you can add the Applicaiton Pool name to the log - very useful.

-brett

Due to moving to Redmond from Boulder, there have been problems with IISlists.com, IISAnswers.com, and IISFaq.com. The servers are back online now and I apologize for any inconvenience.

-brett hill

Dare to take a mini IIS quiz from the IIS Product team? you might stand a chance to win something :)
Click here for more detail...
-------------------

Update: 21/2/05
The IIS team has removed the posting at their blog site http://weblogs.asp.net/iishints, hope you had win something :)  For those who missed it, here's the question list at my blog.

Microsoft has released an update to “web folders” for all OSs. It fixes a couple of problems as detailed in http://support.microsoft.com/default.aspx?scid=kb;en-us;892211. In addition, the update provides SSL and unspecified “security enhancements”. Don't you love it when the enhancements are so good they are worth mentioning but not good enough to say what they are? That aside, providing SSL with web folders is a big deal as that has not been available when using XP and 2003 Server and the web client service (ie, not a web folder created with IE). The full story on Web Folders and WebDAV/FPSE is a long one but this update does help to unravel the problem by providing equivalent functionality across all platforms.

http://www.microsoft.com/downloads/details.aspx?FamilyID=17C36612-632E-4C04-9382-987622ED1D64&displaylang=en

-brett

A worm that attacks MySQL installations, which includes a great many IIS servers, has been discovered. http://it.slashdot.org/article.pl?sid=05/01/27/1546222&from=rss for a place to start.

-brett

The long awaited, much heralded release of Log Parser 2.2 has arrived. Get it and be amazed.

http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en

-brett

The topic of installing PHP on IIS came up on our bulletin board and one post included a link to this “how to” article on installing PHP on IIS. It could come in handy for those intrested in using PHP with IIS.

http://www.peterguy.com/php/install_IIS6.txt

DiIWM (Di IIs Web Manager) is a web application written in VB.NET to manage IIS6.0. Both WMI and ADSI is used. DiIWM can connect and manage local and remote IIS. DiIWM also provides an assembly (Di) written in C# to manage IIS6.0. Development Status: 4 - Beta Intended Audience: Developers, System Administrators License: GNU General Public License (GPL), GNU Library or Lesser General Public License (LGPL) Operating System: Microsoft Windows Server 2003 Programming Language: C#, Visual Basic .NET Topic: Internet, System User Interface: Web-based

Microsoft has released Version 3.0 of its web hosting tools. You have to be a member of the hosting program to access the tools. This and other tools to come in the area are part of an effort by Microsoft to more effectively support IIS as a web hosting platform.

http://www.microsoft.com/serviceproviders/hosting/default.asp

Papers from Microsoft are often hit and miss. Some are stellar and some are overbroad overviews filled with marketing jargon. This one, however, is well worth the read. He's an excerpt from Web and Application Server Infrastructure - Performance and Scalability http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/iis6perf.mspx

COM+ General

With the new IIS 6.0 architecture, it is important to question some of the existing guidelines where COM+ is concerned. A major consideration is that, before Windows Server 2003, COM+ application components were configured (by default) to run out-of-processes from the caller. The default for COM+ applications is for them to run as Server Applications, executing in a DLLHost.exe process called into from the object instantiate, or over DCOM.

The performance downside of doing this for every method call, is that there are extra threads running on the system, and every call to a method must be marshaled across process boundaries. This is not noticeable on a small implementation with low request/transaction rates, but on a high volume, large multiprocessor, this kind of overhead can greatly decrease the overall scalability of the system.

Therefore, on Windows Server 2003, it is best to change the default configuration for a COM+ Server Application to Library Application to aid scalability of the calling per use of that application

This bulletin from the SANS security newsletter. Aren't these guys supposed to show the way?

-brett

--DHS Security Audit Finds Problems

http://www.fcw.com/fcw/articles/2004/1025/web-dhsig-10-28-04.asp

For almost 2 years, I've been lecurting about using passphrases instead of passwords. This is not my idea, I picked it up from some Microsoft guys and now there are some good articles coming out about it. Check out:

http://www.microsoft.com/technet/security/secnews/articles/itproviewpoint091004.mspx

http://www.microsoft.com/technet/security/secnews/articles/itproviewpoint100504.mspx

IISLogs is excited to announce the release of IISLogs Lite version. This is a free stand-alone EXE that will ZIP and/or Delete original log files for one specific directory (I.E. -- C:\Windows\System32\Logfiles\W3svc1).  Other features include using IISLogsGUI for configuration, email reporting, alternative file ZIP file location and more.   IISLogs Lite is the same technology used in our full product line.  IISLogs Lite is perfect for someone who has a single domain or evaluating IISLogs ZIP capabilities.  IISLogs Lite can be deployed in a production environment, also can be deployed to more than one machine.  We ask however that only one instance is installed per machine; this is the only licensing restriction.  Feel free to email info@iislogs.com with any questions about IISLogs Lite.


Download IISLogs Lite version
http://iislogs.com/forum/eval2.aspx

Setup & Configuration of  IISLogs Lite version
http://www.iislogs.com/help/configure_iislogs_lite_version.htm

IISLogs Discussion Board
http://www.iislogs.com/forum/default.aspx?f=12

It's patch day again, October security bulletin is out ! few are directly related to IIS:
MS04-030 - Affected components: WebDAV
                 IIS versions: IIS5.0, IIS5.1 and IIS6.0
                 XP Pro SP2 (IIS5.1) not affected.  

MS04-035 - Affected components: SMTP
                 IIS versions: IIS6.0
                 W2K (IIS 5.0) and NT4.0 (IIS4.0) are not affected, however the vulnerability will exists if you deploy Microsoft Exchange Server 2003 Routing Engine component on Windows Server 2000.
   
MS04-036 - Affected components: NNTP
                 IIS versions: IIS4.0, IIS5.0 and IIS6.0
                 W2k Pro (IIS5.0) and XP Pro (IIS5.1) are not affected as NNTP component is not available.

************************

* IIS Answers Bulletin

* Update on ASP.net vulnerability
* Immediate action required

**************************

Information in this bulletin was posted to the IISlists by:
Scott Forsyth
Microsoft MVP - ASP/ASP.NET
ASPInsider Member - MCP
http://www.orcsweb.com/

If you have been using IIS SMTP, you will notice that it is actually quite hard to troubleshoot SMTP related issues. Ranging from event id 4000, to mail stuck in pickup, queue and bad mail folders. Normally, I would suggest users to try the following:
XFOR: How to Test Outbound Mail Flow With a File in the Pickup Folder
http://support.microsoft.com/?id=297700

The above simply test the basic function of SMTP. Just create a plain text file with the specified format. If SMTP is working, the mail will be delivered. Now, normally when mails get stuck in the server, it is mostly due to DNS issue. Meaning the SMTP component can't resolve the recipient's email domain MX record....

Microsoft has released yet another in a series of useful tools. The Port Reporter Tool runs as a service on XP, 2000, and 2003 and logs TCP and UPD activity. This log could be quite useful for studies, foresnics, troubleshooting, and intrusion detection. Check it out.

http://support.microsoft.com/default.aspx?scid=kb;en-us;837243

Security problems relating to authentication and access control problems are costing Microsoft customers a lot of time and money.  The product group took that action from their meetings and embarked on building a tool that will help aid our customer’s in resolving these problems much faster.

The Authentication and Access Control Diagnostics (AuthDiag) tool offers many IIS administrators and developers the ability to determine why authentication (native to IIS – not forms based) is failing or why access checks are returning failure result.

This is actually a section from a module of the IIS 5 FastTrack Training found at www.iistraining.com. In this paper, you will find the complete details about the actions of the IIS Lockdown tool, what it does and doesn't do including undocumented details. It includes tips on how to use the tool, troubleshoot, and reverse actions without having to completely undo the tool. There are a lot of misconceptions about the IIS Lockdown tool that this paper will hopefully clarifly.

You'll find it a http://www.iisanswers.com/articles/IIS_Lockdown/IISLockdown.htm

Tad Fleshman from Port80 software (makers of serveral useful IIS utilities) recently posted this article to the IIS 5 discussion list (iislists.com). Considering that Port80 is deeply involved with compression technology, it is no surprise to find Tad's summary concise and to the point with some good tips for any IIS admin considering compression.

IISLogs Beta Component is Released
Http://iislogs.com

Steve Schofield (ASP.Net MVP, IISAnswers newsletter co-editor, formerly of ASPFree.com fame) has launched http://iislogs.com.  IISLogs is a component 100% written using the Microsoft .NET Framework. It's developed to help effectively manage all log files related to Microsoft Internet Information Server 5.0 and 6.0. No more writing and supporting your own custom scripts. Never worry about managing your logfiles again! 

There are two products to chose from, (Stand-alone EXE or A Windows Service version).  IISLogs is developed to automatically compress, copy and remove log files on a scheduled basis.  In keeping with best practices for a secure IIS server, IISLogs by default runs in a low privileged account (LOCAL SERVICE) and does NOT require administrative privileges!  Very easy to configure, get started recovering disk space today!  Download evaluation copy today. As a service to IISFAQ readers, you can join the beta program!

UrlScan 2.5 and IIS 6.0 (Level 200)
Wednesday, August 11, 2004 11:30 AM - Wednesday, August 11, 2004 1:00 PM (GMT-08:00) Pacific Time (US & Canada)
The UrlScan security tool goes hand-in-hand with IIS 4.0, 5.0, and 5.1, but how does the latest version of the tool apply to IIS 6.0? Join this webcast and find out!

Effectively Using IIS Diagnostics Tools (Level 200)
Wednesday, August 18, 2004 11:30 AM - Wednesday, August 18, 2004 1:00 PM (GMT-08:00) Pacific Time (US & Canada)
Enhance your ability to diagnose and troubleshoot problems within the IIS core server by using several versatile tools developed by the IIS team. SSLDiag, AuthDiag, IIS Debug Toolkit, and WFetch can save administrators hours of painful research and diagnostics work.

Using AuthDiag to Diagnose Problems with Authentication and Authorization in IIS (Level 200)
Wednesday, August 25, 2004 11:30 AM - Wednesday, August 25, 2004 1:00 PM (GMT-08:00) Pacific Time (US & Canada)
Learn how to use the Authentication and Access Control (AuthDiag) tool to help simplify the diagnostic process for logon failures and "Access Denied" errors (401.1 and 401.3) on servers running IIS version 4.0, 5.0, 5.1, or 6.0.

In particular when ASP.net is installed, the .net application mappings are added to IIS presuming the web server is being used for application development. The function of ASP.net file extensions are not obvious and it is quite a task to figure out what each of them do. You will want to remove most of the extensions on a productions server.

Use this list to guide your selection. If you aren't sure if an application mapping is in use on your server, I would suggest you use the Log Parser tool to parse your live IIS logs looking for the extension.

Thanks to Rich Durso for this list.

This new article lists 21 things to do when you migrate IIS 5 applications to IIS 6. The list includes several “gotchas” that can be difficult to troubleshoot if overlooked as well as some best practices for configuring IIS 6. If you need a shortcut to avoiding problems during your migration, this is it.

http://www.iisanswers.com/IIS6_Tasks.htm