Figure 1-1: Use the Windows Component Wizard to select components to add or remove.
Figure 1-2: Use the IIS snap-in to manage local and remote IIS installations.
Figure 1-3: Use Remote Administration to manage remote IIS installations.
Chapter 2: Core IIS Administration
Figure 2-1: Here is a conceptual view of the IIS 5 isolation mode.
Figure 2-2: Use DLL Host (Dllhost.exe) to manage out-of-process ISAPI applications.
Figure 2-3: Use the IIS snap-in to manage Web, FTP, SMTP, and NNTP resources.
Figure 2-4: Stop, start, and restart all Internet Services.
Figure 2-5: Use the Services node to manage IIS services.
Figure 2-6: For troubleshooting, you might want to change the service startup option.
Figure 2-7: You can configure services to recover automatically in case of failure.
Chapter 3: Configuring Web Sites and Servers
Figure 3-1: You can use multiple IP addresses to host multiple Web sites on a single server.
Figure 3-2: Another technique is to use multiple port numbers to host multiple Web sites on a single server.
Figure 3-3: You can use host headers to support multiple Web sites on a single server, with a single IP address.
Figure 3-4: Use the Internet Protocol (TCP/IP) Properties dialog box to view and configure TCP/IP settings.
Figure 3-5: Set the IP address and port values for the new site in the Web Site Creation Wizard.
Figure 3-6: Set access permissions for the Web site in the Web Site Creation Wizard.
Figure 3-7: You can change a site’s home directory at any time.
Figure 3-8: You modify a site’s identity through the Web Site tab in the Properties dialog box.
Figure 3-9: Web sites can have multiple identities.
Chapter 4: Customizing Web Server Content
Figure 4-1: Use the Web Service Extensions node to allow or prohibit IIS to process various types of nonstatic content.
Figure 4-2: You can redirect requests for files in one directory to another directory.
Figure 4-3: Another redirection technique is to redirect all requests for files to a specific location at another Web site.
Figure 4-4: Network shares can be used as source directories for content. To map to a share, you must use redirection.
Figure 4-5: The Custom Errors tab shows the error settings for the site, directory, or file you’ve selected for editing.
Figure 4-6: The Edit Custom Error Properties dialog box provides an overview of the error and how it’s handled.
Figure 4-7: Use the MIME Types dialog box to view and configure computer MIME types.
Chapter 5: Running IIS Applications
Figure 5-1: ISAPI acts as a layer over IIS.
Figure 5-2: Use .NET Configuration to view and manage ASP.NET assemblies.
Figure 5-3: Use the Properties dialog box to configure custom applications.
Figure 5-4: Use the Application Configuration property sheet to control which components are available to IIS applications and how those components are managed in memory.
Figure 5-5: Add new application mappings using the Add/Edit Application Extension Mapping dialog box.
Chapter 6: Managing ASP.NET, Application Pools, and Worker Processes
Figure 6-1: ASP.NET isn’t installed by default when you install an Application Server. You must choose ASP.NET as one of the installation components.
Figure 6-2: The virtual directory alias sets the name of the application.
Figure 6-3: Use the Add New Application Pool dialog box to set the name of the application pool and determine how the default settings are obtained.
Figure 6-4: Use the options of the Identity tab to set the application pool identity to a predefined or previously configured account.
Figure 6-5: Worker processes can be recycled automatically based on time, number of requests, and memory usage.
Figure 6-6: Configure CPU monitoring to ensure that runaway processes are reported or terminated.
Figure 6-7: Pinging and rapid-fail protection are important monitoring techniques for detecting and recovering from problems.
Figure 6-8: Set the idle time-out to meet your application environment’s needs.
Chapter 7: Managing Web Server Security
Figure 7-1: Use the Log On tab to configure the service logon account.
Figure 7-2: Set the Web application account identity as Predefined or Configurable.
Figure 7-3: For IIS 5 isolation mode, set the Web application account identity in the Component Services snap-in.
Figure 7-4: Use the Security tab to configure basic permissions for the file or folder.
Figure 7-5: Use the Group Policy tab of the Properties dialog box to create and edit policies.
Figure 7-6: Set policies for passwords and general account use.
Figure 7-7: With local policies, you’ll see the current policy setting.
Figure 7-8: Define and configure global group policies using the Properties dialog box.
Figure 7-9: Manage Web server permissions globally using the Home Directory tab on the Web Sites Properties dialog box.
Figure 7-10: Manage permissions for individual sites, virtual directories, and files using the Properties dialog box for that site, virtual directory, or file.
Figure 7-11: Use the Authentication Methods dialog box to enable or disable authentication methods to meet your organization’s needs. With basic authentication, it’s often helpful to set a default domain as well.
Figure 7-12: You can grant or deny access by IP address, network ID, and domain.
Figure 7-13: Use the Security Templates snap-in to access existing security templates and to create new ones.
Chapter 8: Managing Microsoft Certificate Services and SSL
Figure 8-1: Use the Certification Authority snap-in to manage Certificate Services.
Figure 8-2: Choose the type of CA that you want to install.
Figure 8-3: Identify the CA and set an expiration date for the root CA certificate.
Figure 8-4: Use the Web-based interface to retrieve CA certificates or revocation lists, to request certificates, or to check on pending certificates.
Figure 8-5: You can connect to both local and remote CAs.
Figure 8-6: Specify the certification items that you want to back up.
Figure 8-7: Specify the certification items that you want to restore from a backup.
Figure 8-8: In the Certificate Revocation dialog box, specify the reason you’re revoking the certificate.
Figure 8-9: Set the schedule for publishing the CRL. By default, the publication interval is a week.
Figure 8-10: The Certificate dialog box shows the root CA certificate’s properties.
Figure 8-11: When you renew the root CA certificate, you can generate new public and private keys. Do this if the key has been compromised or a new key is required.
Figure 8-12: To create a certificate, select Create A New Certificate.
Figure 8-13: Specify a descriptive name and bit length for the certificate.
Figure 8-14: Type complete entries for geographic information.
Figure 8-15: When you access the Certificate Services URL, you should see the main page for the Web-based interface. If you don’t, you might not have configured Web access correctly.
Figure 8-16: Process the pending request and install the certificate file.
Figure 8-17: Specify a port value for SSL.
Figure 8-18: Web sites can have multiple SSL identities. The port that is set in the Web Site tab is the primary identity; the others are alternatives that must be specified in a URL request.
Figure 8-19: A security alert warns that the browser doesn’t trust your root CA.
Figure 8-20: In the Certificate Import Wizard, select Automatically Select The Certificate Store Based On The Type Of Certificate.
Figure 8-21: The Certificate dialog box provides summary information on the site certificate, and you can use it to modify properties and export the certificate to a file.
Figure 8-22: You can modify certificate purposes to meet your organization’s needs.
Figure 8-23: You can renew, remove, or replace a certificate at any time using the Web Server Certificate Wizard.
Figure 8-24: Sites can ignore, accept, or require client certificates.
Chapter 9: Managing FTP Servers
Figure 9-1: Set the IP address and port values for the new FTP site.
Figure 9-2: Set user isolation mode for the FTP site.
Figure 9-3: You can change a site’s home directory at any time.
Figure 9-4: You modify a site’s identity through the FTP Site tab in the Properties dialog box.
Figure 9-5: Current FTP user sessions are displayed by user name, IP address, and connection duration.
Figure 9-6: Use the Security Accounts tab to configure anonymous access.
Figure 9-7: Use the FTP Sites Properties dialog box to configure FTP permissions.
Figure 9-8: Use the site’s Properties dialog box to configure FTP permissions.
Figure 9-9: You can grant or deny access by IP address, network identification, and domain.
Chapter 10: Configuring and Maintaining E-Mail Services
Figure 10-1: Use the New SMTP Virtual Server Wizard to create additional virtual servers.
Figure 10-2: You modify a site’s identity through the General tab in the SMTP Virtual Server Properties dialog box.
Figure 10-3: SMTP virtual servers can respond on multiple IP addresses and ports. Configure additional identities using the Advanced dialog box.
Figure 10-4: SMTP virtual servers can have local alias, local default, and remote service domains.
Figure 10-5: The Drop directory is used by the default domain and all alias domains configured on the virtual server. You can change the directory location and quota configuration at any time.
Figure 10-6: You can configure remote domains to allow or prevent mail relaying. Mail relaying is prevented by default.
Figure 10-7: You can queue messages addressed to specific users in a remote domain; then the user’s mail client can trigger delivery of those messages.
Figure 10-8: Select the outbound security options and add TLS encryption if it’s supported by the remote domain.
Figure 10-9: Use the Properties dialog box to configure properties for all POP3 domains on a server.
Figure 10-10: Domain statistics provide a quick overview of mailboxes, messages, and state of the mailboxes for each domain.
Figure 10-11: Use the Add Mailbox dialog box to create mailboxes for the e mail domain. Mailboxes should follow the same naming and strict password requirements as any other type of account.
Chapter 11: Advanced E-Mail Service Configuration Options
Figure 11-1: You can control connections by IP address, subnet, or domain.
Figure 11-2: You can enable or disable authentication methods to meet your organization’s needs. With basic authentication it’s often helpful to set a default domain as well.
Figure 11-3: Connection limits and time-outs can help reduce server load. They can also help to resolve connection problems.
Figure 11-4: As with incoming connections, limits and time-outs on outbound connections can help reduce server load and resolve connection problems.
Figure 11-5: You can use messaging limits to control SMTP usage and to improve performance.
Figure 11-6: If necessary, you can grant or deny computers, groups of computers, or domains the right to relay mail through your organization.
Figure 11-7: Use the options in the Delivery tab to control message delivery in the organization.
Figure 11-8: Domain name options play an important role in determining how mail is delivered.
Chapter 12: Administering the Indexing Service
Figure 12-1: Use the Indexing Service node in the Computer Management console to manage the Indexing Service.
Figure 12-2: Use the Add Catalog dialog box to create a new catalog on the server.
Figure 12-3: Use the Indexing Service Usage dialog box to optimize indexing and querying.
Figure 12-4: You can customize the way indexing and querying are performed by using the Desired Performance dialog box.
Figure 12-5: You can add physical directories to a catalog and map them to aliases using the Add Directory dialog box.
Figure 12-6: Specify the site to index in the Tracking tab.
Figure 12-7: After you configure indexing, check the configuration using the predefined query form.
Chapter 13: Performance Tuning and Monitoring
Figure 13-1: The Logging Properties dialog box tells you where logs are being written.
Figure 13-2: Event Viewer displays events for the selected log.
Figure 13-3: You can filter events so that only warnings and errors are displayed.
Figure 13-4: Select the counter you want to monitor.
Figure 13-5: Current performance logs are listed with summary information.
Figure 13-6: Configure the log file format and usage.
Figure 13-7: Specify when logging starts and stops.
Figure 13-8: Use the General tab to select the provider to use in the trace.
Figure 13-9: Use the Alert dialog box to configure counters that trigger alerts.
Figure 13-10: Set actions that are executed when the alert occurs.
Figure 13-11: Use the Local Area Connection Properties dialog box to configure file and printer sharing settings for the Web server.
Figure 13-12: Use the Service tab to configure HTTP compression.
Chapter 14: Tracking User Access and Logging
Figure 14-1: Use the common log format when you have basic logging requirements.
Figure 14-2: Use the IIS log format when you have additional logging requirements but don’t need to customize settings.
Figure 14-3: Use the extended log file format when you need to customize the logging process.
Figure 14-4: Use the Create A New Data Source To SQL Server dialog box to configure the data source.
Figure 14-5: Set the authentication method for the DSN connection.
Figure 14-6: Use ODBC logging when you need to write to a database.
Chapter 15: IIS Optimization and the Metabase
Figure 15-1: Configure the IIS Admin Service to run the IIS Reset utility.
Figure 15-2: MetaBase.xml is a structured XML file that can be viewed in any standard text editor.
Chapter 16: IIS Backup & Recovery
Figure 16-1: Use Configuration Backup/Restore to create, restore, and delete IIS configuration backups.
Figure 16-2: Use the Import Configuration dialog box to create and restore sites from backups.
Figure 16-3: The Windows Backup utility provides a user-friendly interface for backup and restore operations.
Figure 16-4: You can view existing file exclusions for users in the Exclude Files tab.
Figure 16-5: Use the Add Excluded Files dialog box to set file exclusions for users.
Figure 16-6: Use the Backup tab to configure backups and then click Start Backup.
Figure 16-7: Specify the files and folders to restore.