The IIS team annouced a lot of new releases and tools for IIS 7. These have been coming out of the team steadily since IIS 7 was released. In the history of IIS there has never been so much activity coming out of the IIS team between major release cycles.
This is great stuff!
•Application Request Router (ARR) 2.0 beta, with disk cache and cache proxy support for edge configurations the IIS HTTP load balancer. ARR can be used as a complement to existing hardware load balancers, or as a standalone proxy.
•FTP 7.5 RTW, with extensibility support for developers who want to customize this IIS7 FTP publishing service.
•WebDav 7.5 RTW, with support for both shared and exclusive locks to prevent lost updates due to overwrites.
•Advanced Logging beta for monitoring and measuring media and Web browsing experiences, rich and flexible data collection, client-side logging and real-time logging capabilities.
•Administration Pack for IIS7 RTW, with IIS Manager support for management of FastCGI, Request Filtering, ASP.NET authorization and custom error settings, and HTTP request filtering, and Configuration Editor for easier config management.
•IIS Snap-in for Windows PowerShell RTW, for management of the IIS configuration system through Windows PowerShell, along with 60 cmdlets for common management tasks in Powershell.
•Web Deployment Tool RC, which is a platform for Web deployment of IIS servers and applications that run on servers. This extension provides a foundation for administrators who want to synchronize and migrate Web servers in a web farm. Developers use Web Deployment Tool to deploy applications to a server or integrate with the new Windows Web Application Gallery.
•Database Manager RC, providing Web database management support for local and remote databases from within IIS Manager.
•Media Services 3.0 beta, which introduces the world to live streaming on IIS with multiple extensions extensions, including Smooth Streaming and Advanced Logging. Our media extensions bring high quality media delivery to IIS customers as well as CDNs like Akamai.
and more...

SANs published a list of the top 25 reasons systems are hacked. Evidently, a consortium of people participate in this list including Microsoft. The list is a whose who of problems that continually plauge systems and range from improper coding, to improper permissions, to running processes in privledged accounts.

It is a solid list and I would recommend that you inspect it for anything you aren't already looking for:

http://www.sans.org/top25errors/#s4

Wanted to postback to this article by Wade on the IIS team.

He summarizes this issue really well - in particular that topics lose focus due to a the many posts and lack of the ability to see information chronologically sorted in searching.

http://blogs.iis.net/wadeh/archive/2008/12/18/how-iis-can-help-with-sql-injection.aspx

Keep in mind that as he points out early on, request filtering for SQL inhections is a band-aid. Your appliciations should be written so they do not allow passing of invalid or risky strings to the server.

Thanks!

-brett

 

 

Somehow I started revisiting Log Parser resources and links today and wanted to post a few things. If you don't know about Logparser and you manage an IIS server or set of servers (almost any type), then stop what you're doing and go to http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1287 , download and smile.

It slices , it dices, it reads multiple log file formats using a SQL like syntax and outputs into multiple formats. The guys at Microsoft.com swear by this jewel.  (PS read anything, ANYTHING written by Jeffery Johnson).  

Here's a visual wrapper that may be helpful. I haven't used it and it's still beta, so don't know how buggy it is or not. http://www.codeplex.com/visuallogparser 

Don't miss this as free online logparser resource that appears to be very active forum.

http://forums.iis.net/default.aspx?GroupID=51

And check this out: http://www.amazon.com/Microsoft-Parser-Toolkit-Gabriele-Giuseppini/dp/1932266526 by Gabriele Giuseppini, who wrote the first 3 version of the tool.

Hope the holidays are treating you well!

-brett

 

 

IIS Admins. I am shamelssly pasting this anncoucment from the IIS team here. Very nice tool that leverages the new extensible IIS 7 pipeline, configuraiton system, and UI.

-brett

-----------------------------------------------------------

 

Install the URL Rewrite Module for IIS 7.0 RTW today!

Microsoft URL Rewrite Module for IIS 7.0 RTW (x86)

Microsoft URL Rewrite Module for IIS 7.0 RTW (x64)

Upgrade from Go Live release

If you already have Go Live release of URL Rewrite module installed then the installation package will upgrade it to RTW release. All rewrite rules in applicationHost.config and web.config files will be preserved. Note that system reboot may be necessary when upgrading from Go Live to RTW release.

ASP.NET update

The installer for URL Rewrite module includes an update for ASP.NET runtime. The update has fixes for bugs specific to URL rewriting. The update is applied only if the machine where URL Rewrite module is being installed has .NET Framework version 3.5 SP1 or higher. If required version of .NET Framework is installed after URL Rewrite module has been installed, then the ASP.NET update can be applied by re-running URL Rewrite module installer in repair mode.

Features

Here is the complete list of features supported by URL Rewrite module:

·         Rules-based URL rewriting engine. Rewrite rules are used to express the logic of what to compare/match the request URL with and what to do if comparison was successful. Web server and site administrators can use rewrite rule sets to define URL rewriting logic.

·         Regular expression pattern matching. Rewrite rules can use ECMA-262 compatible regular expression syntax for pattern matching.

·         Wildcard pattern matching. Rewrite rules can use Wildcard syntax for pattern matching

·         Global and distributed rewrite rules. Global rules are used to define server-wide URL rewriting logic. These rules are defined within applicationHost.config file and they cannot be overridden or disabled on any lower configuration levels. Distributed rules are used to define URL rewriting logic specific to a particular configuration scope. This type of rules can be defined on any configuration level by using web.config files.

·         Access to server variables and http headers. Server variables and HTTP headers provide additional information about current HTTP request. This information can be used to make rewriting decisions or to compose the output URL.

·         Various rule actions. Instead of rewriting a URL, a rule may perform other actions, such as issue an HTTP redirect, abort the request, or send a custom status code to HTTP client.

·         Support for IIS kernel mode and user mode output caching. IIS 7.0 output caching provides significant performance improvements for web applications. URL rewrite module is fully compatible with both types of output caching. This means that it is possible to safely cache responses for rewritten URL's and thus boost the performance of web applications that rely on URL rewriting.

• Rewrite maps. Rewrite map is an arbitrary collection of name-value pairs that can be used within rewrite rules to generate the substitution URL during rewriting. Rewrite maps are particularly useful when you have a large set of rewrite rules, all of which use static strings (i.e. there is no pattern matching used). In those cases, instead of defining a large set of simple rewrite rules, you can put all the mappings between input URL and substitution URL as keys and values into the rewrite map, and then have one rewrite rule which references this rewrite map to look up substitution URL based on the input URL.

·         Failed Request Tracing support. IIS7.0 Failed Request Tracing can be used to troubleshoot errors related to URL rewriting.

·         Extensible Rule templates. Rule template is an extension for URL rewrite module user interface, that simplifies creation of rewrite rules for a particular task.  The GoLive release of the module includes 3 built-in rule templates, plus it allows plugging in any number of custom templates.

·         UI for testing of regular expression and wildcard patterns. A GUI tool for testing rule patterns is included into the module's user interface. The tool can be used to quickly check how the regular expression or wildcard pattern works. Also, it can be used for troubleshooting and debugging of problems related to pattern matching.

·         UI for managing rewrite rules and rewrite maps. Rewrite rules and rewrite maps can be added, removed and edited by using "URL Rewrite Module" feature in IIS Manager.

• GUI tool for importing of mod_rewrite rules. URL rewrite module includes a GUI tool for converting rewrite rules from mod_rewrite format into an IIS format.

·         String manipulation functions. Built-in string manipulation functions can be used to convert URLs to lowercase and to perform URL encoding and decoding.

More information

The following resources related to Microsoft URL Rewrite Module are available on IIS.net:

Walkthroughs:

• Creating rewrite rules
• Using Failed Request Tracing to trace rewrite rules
• Using global and distributed rules
• Using rewrite maps
• Importing rewrite rules
• Enabling "Pretty Permalinks" in WordPress
• Rule templates
• User Friendly URL
• Rule with Rewrite Map
• Request Blocking
• Testing rule and condition patterns
• Using URL rewrite module - video walkthrough

References and guidance:

• URL Rewrite Module configuration reference
• URL Rewriting and ASP.NET routing
• URL Rewriting and Request Filtering
• URL Rewriting for ASP.NET Web Forms
• Developing rule templates for URL Rewrite module

Bill Staples posted an important annoucment about the availability of the Web Deployment tool release Beat 2.

When Bill says something like this "It is one of the fundamental building blocks that IIS will be building on the next several years.", that means "Hey you - IIS admin - pay attention to this cause it's going to REALLY important and some very cool features that you can't live without".

He goes on to say that current features include:

Migrate entire servers or individual sites from one machine to another (IIS6 –> IIS7)

Sync Servers, Sites, and Applications (IIS6 –> IIS6, and IIS7 –> IIS7)

Create offline packages that can be used as backups, version control, and deployment units

as well as:

- Support for SQL Server 2008 database deployment with sites
- Integration into the IIS Manager
- Upcoming support for Web Deploy built into Vistual Studio 2008

Check it out!

 http://blogs.iis.net/bills/archive/2008/10/30/iis-web-deployment-tool-beta-2-released.aspx

The IIS team continues to deliver on the promise of the modular pipeline. One often requested module was URL re-writing, which was released today.

-brett

 

Install the URL Rewrite Module for IIS 7.0 Go Live today!

Microsoft URL Rewrite Module for IIS 7.0 Go Live (x86)

Microsoft URL Rewrite Module for IIS 7.0 Go Live (x64)

New Features

Here are the features that are new since CTP release (for a complete list of features refer to this article):

·         Support for IIS kernel mode and user mode output caching. IIS 7.0 output caching provides significant performance improvements for web applications. URL rewrite module is fully compatible with both types of output caching. This means that it is possible to safely cache responses for rewritten URL's and thus boost the performance of web applications that rely on URL rewriting.

·         Lower case conversion. A lower case conversion function called "ToLower" can be used within rewrite rule to convert any rule input string or substitution URL to lower case.

·         Rule templates. Rule template is an extension for URL rewrite module user interface, that simplifies creation of rewrite rules for a particular task.  The Go Live release of the module includes 3 built-in rule templates, plus it allows plugging in any number of custom templates.

·         UI for testing of regular expression and wildcard patterns. A GUI tool for testing rule patterns is included into the module's user interface. The tool can be used to quickly check how the regular expression or wildcard pattern works. Also, it can be used for troubleshooting and debugging of problems related to pattern matching.

·         UI for managing rewrite rules and rewrite maps. Rewrite rules and rewrite maps can be added, removed and edited by using "URL Rewrite Module" feature in IIS Manager.

More information

New and updated walkthroughs: http://learn.iis.net/page.aspx/460/using-url-rewrite-module/

Updated configuration reference: http://learn.iis.net/page.aspx/465/url-rewrite-module-configuration-reference/

URL Rewriter Forum on IIS.NET: http://forums.iis.net/1152.aspx

Bill Staples sent this annoucment out about the release of this new tool. I know they worked on this for a loooong time. looking forward to feedback!

-brett

 

IIS is thrilled to announce the Beta 1 (Go Live) release of the Microsoft Web Deployment Tool! The tool provides deployment and migration support for IIS 6.0 and 7.0. It incorporates many features that enable web server administrators to deploy, sync and migrate sites, including configuration, content, SSL certificates and other types of content associated with a Web server.

 

This tool can be used on Windows Server 2008 and IIS 7.0 as well as Windows Server 2003 and IIS 6.0. Please note that this is a Beta release, support is available on the forums.

 

How to Get Started

Download the x86 version: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1602

Download the x64 version: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1603

Read the walkthroughs: http://go.microsoft.com/?linkid=8100895

 

Web Deployment Tool forum: http://forums.iis.net/1144.aspx

Web Deployment Team blog: http://blogs.iis.net/msdeploy/

 

Features

We've loaded this version with many great new features such as:

• PowerShell Support - We have PowerShell cmdlets so that you can integrate MS Deploy commands with PowerShell directly.
• Enhanced Dependency Checking - We have IIS7 dependency information listed, plus the ability to see where a dependency is being triggered from. For example, if you have a dependency on Windows Authentication, you can now determine where this is set in the configuration.
• Detailed Help File - We have a Help chm file included in the tool so that you can browse through all the functionality and flexibility offered by the tool, instead of looking through online walkthroughs.

 

The IIS team has released another preview of even more additions to IIS 7.

This time its the IIS 7 admin pack which adds some UI features that enhance the administration experience beyond what you get out of the box. This is possible due to the overhaul of the IIS  configuriation system which allows UI extensibility as well control over the request processing pipeline.

The admin pack adds (quote from Carlos' blog)

Request Filtering UI - This UI exposes the configuration of the IIS runtime feature called Request Filtering.

• Configuration Editor UI - This UI provides an advanced generic configuration editor entirely driven by our configuration schema. It includes things like Script Generation, Search functionality, advanced information such as locking and much more.
• Database Manager UI - This UI allows you to manage SQL Server databases from within IIS Manager, including the ability to create tables, execute queries, add indexes, primary keys, query data, insert rows, delete rows, and much more.
• IIS Reports UI - This extensible platform exposes a set of reports including some log parser based reports, displaying things like Top URL's, Hits per User, Page Performance, and many more.
• FastCGI UI - This UI exposes the configuration for the FastCGI runtime feature.
• ASP.NET Authorization UI - This UI allows you to configure the ASP.NET authorization settings.
• ASP.NET Custom Errors UI - This UI allows you to configure the Custom errors functionality of ASP.NET

Pay particularly close attention to the Database Manager UI. Carlos' had this idea a while back and did some very cool demos with it while IIS 7 was in beta. You can manage your SQL database right in the IIS 7 UI! Sweet.

Check it out http://blogs.msdn.com/carlosag/archive/2008/03/21/IISAdminPackTP1Released.aspx

-brett

Sukesh has developed and released on codeplex, a mobile application that lets your manage an IIS 7 server from your cell phone!

This is very cool application that shows off some of the great technology that is built into IIS 7 and .NET. This app uses the hostable web core, and LINQ plus the new management API, ,microsoft.web.adminsitration.

You can find his blog at http://www.awesomeideas.net/page/IIS7-Mobile-Admin.aspx which links into codeplex where you can download the source code!

Very  nice Sukesh! Keep em comin.

Thanks,

Brett

 

I can tell from the log files that webdav and IIS 7 is one of the hot search items.

So, here ya go! - here's an email I got at Microsoft annoucing it

---------------------------

After a year and a half of work and hundreds of hours of labor, we shipped the new WebDAV Extension for IIS 7.0 earlier today!

 

The new module is now available from the following URLs:

 

·         Microsoft WebDAV Extension for IIS 7.0 (x86)

o   http://www.iis.net/go/1621/

·         Microsoft WebDAV Extension for IIS 7.0 (x64)

o   http://www.iis.net/go/1618/

 

This new WebDAV module specifically targets RFC compliance, better integration into IIS, easier configuration, and more configurable security options.

 

 

The following walkthroughs have been published on the http://learn.iis.net/ web site to help people get started using the new WebDAV module:

 

• Getting Started:
• Installing and Configuring WebDAV on IIS 7.0
• What’s New for Microsoft and WebDAV?
• Using the WebDAV Redirector
• Advanced Administrative Features:
• How to manage WebDAV using APPCMD
• How to use custom properties with WebDAV
• How to configure WebDAV and Request Filtering
• Migrating FPSE Sites to WebDAV

Looking over the logs for search queries that wind up here, there's a need to post some FAQs now that IIS 7 is out.

Q: Can I install IIS 7 on XP or Windows Server 2003?
A: No.

Q: Where do I download IIS 7?
A: It's on the Vista or Windows Server 2008 DVD. Don't look for IIS7 on microsoft.com, it's not there.

Q: I have Vista, but don't see IIS 7.
A: Not all versions have IIS7.  See http://learn.iis.net/page.aspx/28/installing-iis7-on-vista/

Q: What happend to IIS_WPG?
A: See http://www.brettblog.com/2007/10/13/IISGroupsAndUsers.aspx

Q: What happened to the IUSR anonymous user?
A: See http://www.brettblog.com/2007/10/13/IISGroupsAndUsers.aspx

Q: Where is the mother lode of IIS7 info?
A: http://iis.net

Q: How do I disable IPv6?
A: Network properties for NIC

Q: How do I enable WebDAV (DAV) on IIS 7?
A: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1579 Note that you will need to adust the URLFiltering section to allow DAV (see http://learn.iis.net/page.aspx/354/how-to-configure-webdav-with-request-filtering/ )

Q: Where do I get the updated IIS 7 FTP Server?
A: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1619

If you have more questions you'd like see on this list, let me know!

-brett

As we near release for Windows Server 2008, the IIS team has released a beta of a very important tool called the Microsoft Web Deployment Tool.

How to replicate content and setting for web servers continually arises and is one of the most frequently asked questions I receive. Perhaps the second, and closely related question is how to migrate from IIS 6 to IIS 7. This tool has been in development for months but has not been widely discussed publicly so I personally and delighted that it is finally public.

Those of you who need something like this to replicate 6-6, 6-7 and 7-7 scenarios - please download and test this tool.  You can provide feedback to me or via the forums at iis.net. I'd be happy to connect your feedback to the managing PM on the IIS team.

Below is an email that circulated internally annoucing the tool with links.

Enjoy!

-brett

-----------

IIS is thrilled to announce the Technical Preview 1 release of the Microsoft Web Deployment Tool! The tool provides deployment and migration support for IIS 6.0 and 7.0. It incorporates many features that enable web server administrators to deploy, sync and migrate sites, including configuration, content, SSL certificates and other types of content associated with a Web server.

 

This tool can be used on Windows Server 2008 and IIS 7.0 as well as Windows Server 2003 and IIS 6.0. Please note that this is a Technical Preview release of the tool and should not be used on production servers. For a Tech Preview, only forum level support is available.  

 

How to Get Started

Download and read the walkthroughs: http://go.microsoft.com/?linkid=8100895

Download the x86 version: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1602

Download the x64 version: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1603

 

Web Deployment Tool forum: http://forums.iis.net/1144.aspx

Web Deployment Team blog: http://blogs.iis.net/msdeploy/

 

Features

The following list contains several of the features in this version:

·         Synchronization and Snapshot of IIS 6.0/IIS 7.0:

The sync operation provides administrators with a way to quickly synchronize a site or server and deploy changes to existing sites and servers. A synchronization allows you to synchronize one source with one destination. For example, you can synchronize two directory paths or two web servers. The sync can be performed with local or remote objects.

The snapshot, or archive, functionality allows administrators or developers to quickly take an archive of their web site or server for rollback, restore or backup purposes.

·         Migration from IIS 6.0:

The migrate operation provides administrators with a way to migrate sites or entire servers from IIS 6.0 to IIS 7.0, including their settings and content. A migration is essentially a way of synchronizing, filtered by migration rules. For example, when migrating from IIS 6.0 to IIS 7.0, MS Deploy will check the value of some properties and see if it is the IIS 6.0 default. If it is the default, such as the log files directory, it will instead use the value set on the IIS 7.0 server. This enables a server admin to maintain new settings on IIS 7.0 while moving sites or applications from IIS 6.0.

·         Analysis of IIS 6.0 Installed Features:

The analyze operation allows administrators to check what components are installed on the source server. In this way, they can determine if features are present that they will need in IIS 7.0 or that require more advanced setup than simply copying files. For example, ASP.NET requires more than a file copy and will need to be installed on the destination server.

·         Troubleshooting and Validation Features:

For validating an operation, the -whatif flag allows administrators to see what actions would happen when they perform an operation. This is especially useful for performing sync or migration, when they want to validate what changes will be made before performing them. For troubleshooting, the -verboseLevel flag allows administrators to get rich detail about what operations are being performed, and upon failure, the ability to diagnose the problem.

 

I just ran across these events sponsored by MSDN!

These are free sessions being held all over the country. Check it out!

http://www.msdnevents.com/

 

In days past, a Web server was simply a place to throw your static and dynamic pages for delivery. That’s all changed with recent releases of IIS – and IIS 7 is no exception. This session will highlight several key features of IIS that make it our most extensible, manageable and secure Web platform ever. You’ll learn about the modular design of IIS and the integrated pipeline, providing for new scenarios that involve sharing authentication across IIS, ASP.NET and other dynamic web server runtimes. We’ll explore how the new IIS protocol listeners enable IIS to host WCF services on a variety of protocols (not just HTTP), providing a scalable and manageable host for your distributed applications. You’ll see how easy it is to write modules and handlers in managed code. Plus you’ll learn about the new security aspects of IIS 7, from initial deployment to feature delegation to administrator lists. After this lively session, you’ll be raring to do much more with your Web server than simply copying over ASP.NET pages.

We’ll cover:

• Authentication methods and integration between ASP.NET and IIS 7
• Writing IIS managed handlers and modules
• How the IIS protocol listeners support hosting WCF services on TCP, Named Pipes and more
• IIS handler permissions, request filtering and administration lists
• How the XML replacement for the Metdata Config file makes it easy to duplicate Web servers
• Features and protocols that make IIS 7 secure right out of the box

Hiya,

Coming out of the Windows Server 2008 Hosting Roadshow, the same technical labs are available through MS Virtual Labs. The links to these labs are below.

Let me know what you think. Thanks!

•	TechNet Virtual Lab: Installation and the New Modular Architecture
•	TechNet Virtual Lab: Installing ASP, ASP.NET and PHP/FastCGI Applications on IIS 7
•	TechNet Virtual Lab: Using the new IIS 7 Configuration System featuring Delegated and Remote Administration
•	TechNet Virtual Lab: URL Authorization and Request Filtering in IIS 7
•	TechNet Virtual Lab: Administering the IIS 7 File Transfer Protocol (FTP) Server
•	TechNet Virtual Lab: Working with the IIS Manager
•	TechNet Virtual Lab: Implementing Preliminary Shared Hosting Guidelines and Shared Configuration
•	TechNet Virtual Lab: Rapid Troubleshooting with IIS 7 Failed Request Tracing

Let me know what you think or if you have questions.

-brett

A big shout out to IIS Pm Kanwaljeet Singla

File this under must have details for IIS 7. Very practical info on IIS 7 registry keys.

http://blogs.iis.net/ksingla/archive/2007/12/30/list-of-registry-keys-affecting-iis7-behavior.aspx

-brett

WebDAV is a way to publish files to your server. I've been a fan since I first saw it and have been teaching people about it for years. When you have everything setup correctly, you can open a web folder in Network Places (or neighborhood or whatever), or on your desktop, and when you drag and drop files into the folder, it publishes over the network using http to the server. Unfortunately, the story about DAV from Microsoft's end has been rather mottled. The specifics of what is possible using DAV, how it appears and behaves depends on the precise combination of which server you're using (DAV was supported on IIS 5 as well), the client (XP, 2000, Vista), and what application you use to do the DAV connection (Explorer, IE, Office, FrontPage).

However, in IIS 7, there is some very good news. Robert McMurray on the IIS team is the same guy that manages the FTP 7 project. He has improved, the DAV story for IIS 7 in many ways. I've had the chance to chat with him on numerous occasions about his vision and hopes for DAV and other publishing protocols and can tell you that he's the right guy for the job.

One of the biggest improvements is that DAV can be enabled per URL. In IIS 6, and 5, DAV was either functional for all sites or not. Now, you can use it just where you need it. The IIS 7 DAV provider integrates with the IIS 7 UI and leverages IIS 7 URL Authorization. URL Auth lets you allow or deny access to content using web.config files instead of ACLS.

This version of DAV is the SERVER side component. The client side will use one of the various providers mentioned earlier - but should work by simply creating a network connection to a dav enabled URL. One way to do this is in IE, using File, Open and selecting the checkbox "open as a web folder".

Once you setup DAV and get used to using it, you'll wonder how you managed without it.

http://blogs.iis.net/robert_mcmurray/archive/2007/12/22/webdav-module-for-windows-server-2008-golive-beta-is-released.aspx

 

-brett

So, say you're a developer and your thinking "gosh [like developers would say 'gosh'. How about OMG!], what If I could host IIS 7 in my application rather than have my application delivered by IIS 7".

IIS 7 has a feature that virtually no one has heard of called the hostable web core. It's purely a Developer feature but has a ton of potential so check out this blog post that has the most info released to date.

http://blogs.iis.net/ksingla/archive/2007/12/20/ins-amp-outs-of-hostable-web-core.aspx

Enjoy!

Brett

 

New IIS 7 Virtual Labs online! 

 

You can get hands on with IIS 7's new features and capabilties with these free online labs. These are IT Pro focused labs that came from the hosting roadshow and have been re-factored for online use. Enjoy!

• Installation and the Modular Architecture
• Installing ASP, ASP.NET and PHP/FastCGI Applications on IIS 7
• Using the new IIS 7 Configuration System featuring Delegated and Remote Administration 
• Troubleshooting with IIS 7 Failed Request Tracing 
• Using APPCMD with IIS 7

-Brett

 

BTW, RC1 of Windows Server 2008 is released. AFAIK, this is the last release before RTM.  Expect to see the official launch Feb 28th.

You can upgrade from RC1 to RTM! So if you've been avoiding Beta releases out of concern for stability, RC1 is is solid. (Actually, the server was really solid around beta 3).

Lots of new things to be excited about including an improved TCP/IP stack that should dramatically increase file transfers between Vista/Server and Server/Server. 

http://www.microsoft.com/windowsserver2008/audsel.mspx

BTW, the bits for SP1 of Vista share a lot in common with server as they are same the code base. As a result, Vista benefits from a lot of work done on Server and visa vera.  In the case of IIS 7, you will also get some new features.

=brett 

It's great to see this list of changes and updates to Vista coming up in SP1. Keep in mind that all of this is baked in to Windows Server 2008 as well. 

http://www.istartedsomething.com/20071208/vista-sp1-changelog/

Microsoft publishes detailed Vista SP1 “changelog” - istartedsomething

https://windowsbeta.microsoft.com/server/intro.aspx  is page that is open to the general public asking for feedback about Windows Server 2008.

I really want to encourage Microsoft to do more of this kind of thing and customer to take advantage of it!

Take a moment to respond if you can.

Thanks,

Brett

Good news!

Some of the labs we are using in the web hosting roadshow are now online. No muss no fuss, and free. The labs use the virtual labs technology that involves Virtual Server services hosted at Technet so you can explore IIS 7 on a real, bona fide, Windows Server 2008 server, over the internet right in your browser. If you haven't checked out the virtual labs, it's very cool. Check it out!

 

TechNet Virtual Lab: Installation and the New Modular Architecture

TechNet Virtual Lab: Installing ASP, ASP.NET and PHP/FastCGI Applications on IIS 7

TechNet Virtual Lab: Using the new IIS 7 Configuration System featuring Delegated and Remote Administration

TechNet Virtual Lab: Working with the IIS Manager (will be online soon)

TechNet Virtual Lab: Implementing Preliminary Shared Hosting Guidelines and Shared Configuration (will be online soon)

CTO of Applied.net sounds off about IIS 7 in production.

" I can say with confidence that we currently run IIS7 in production with Kayako Support Suite and it is extremely efficient.  We have always suffered with the challenge of deploying multiple server platforms in order to achieve a specific functionality from a php based application. This is no longer the case thanks to IIS7.   This  also means that “hybrid” developers will finally have a unified development platform."

Really, when I talk about IIS 7 being better, I'm not just making this stuff up.

Web Host Industry Review | theWHIR Blogs : The Skinny on IIS7

 

 Microsoft released the newest version of our FTP server for Windows Server 2008 Release Candidate 0 (RC0)!

 

Listed below are the links for the download pages for each of the individual installation packages:

• FTP 7 (x86) Installation Package
  http://go.microsoft.com/fwlink/?LinkId=87847
• FTP 7 (x64) Installation Package
  http://go.microsoft.com/fwlink/?LinkId=89114

 

This new FTP service incorporates many new features that enable web authors to publish content better than before, and offers web administrators more security and deployment options.

·         Integration with IIS 7.0: IIS 7.0 has a brand-new administration interface and configuration store, and the new FTP service is tightly integrated with this new design. The old IIS 6 metabase is gone, and a new configuration store that is based on the .NET XML-based *.config format has taken its place. In addition, IIS 7.0 has a new administration tool, and the new FTP server plugs seamlessly into that paradigm.

·         Support for new Internet standards: One of the most significant features in the new FTP server is support for FTP over SSL. The new FTP server also supports other Internet improvements such as UTF8 and IPv6.

·         Shared hosting improvements: By fully integrating into IIS 7.0, the new FTP server makes it possible to host FTP and Web content from the same site by simply adding an FTP binding to an existing Web site. In addition, the FTP server now has virtual host name support, making it possible to host multiple FTP sites on the same IP address. The new FTP server also has improved user isolation, now making it possible to isolate users through per-user virtual directories.

·         Extensibility and custom authentication: The new FTP server supports developer extensibility, making it possible for software vendors to write custom providers for FTP authentication. Microsoft is using this extensibility feature to implement two new methods for using non-Windows accounts for FTP authentication for IIS Managers and .NET Membership.

·         Improved logging support: FTP logging has been enhanced to include all FTP-related traffic, unique tracking for FTP sessions, FTP sub-statuses, additional detail fields in FTP logs, and much more.

·         New supportability features: IIS 7.0 has a new option to display detailed error messages for local users, and the FTP server supports this by providing detailed error responses when logging on locally to an FTP server. The FTP server also logs detailed information using Event Tracing for Windows (ETW), which provides additional detailed information for troubleshooting.

 

Additional information about new features in FTP7 is available in the "What's New for Microsoft and FTP?" topic on Microsoft's www.iis.net web site.

 

The following prerequisites are required to install this new version:

1. You must be using Windows Server 2008 (code name "Longhorn") Release Candidate 0 (RC0) or later.
2. Internet Information Services 7.0 must be installed.
3. If you are going to manage the new FTP server using the IIS 7.0 user interface, the administration tool will need to be installed.
4. You must install the new FTP server as an administrator.
5. IIS 7.0 supports a new shared configuration environment, which must be disabled on each server in a web farm before installing the new FTP server for each node. Note: Shared configuration can be re-enabled after the FTP server had been installed.
6. The FTP server that is shipped on the Windows Server 2008 DVD must be uninstalled before installing the new FTP server.

 

To help you get started using the new FTP server, the following walkthroughs have been published on the www.iis.net web site:

 

• Installing FTP7:
• Installing and Troubleshooting FTP7
• Working with FTP Sites:
• Creating a New FTP Site
• Add FTP publishing to an existing Web site
• Configuring Security Features:
• Configure FTP over SSL
• Configure FTP User Isolation
• Configure FTP virtual host names
• Configuring FTP Firewall Settings
• Advanced Administrative Features:
• Using FSRM Folder Quotas with FTP
• Configure IIS Manager Authentication
• Administering the New FTP Service using the IIS 7 Configuration Files

In case you missed it, RC0 released yesterday.

This is a very big milestone and IIS 7 with FastCGI and all the other goodness therein is included.

There are a few known issues posted on Mai-lan's blog at http://blogs.iis.net/mailant/archive/2007/09/24/windows-server-2008-rc0-available-now.aspx

You can find the bits at http://technet.microsoft.com/en-us/bb687945.aspx .There's even a VPC there so no excuses about not having hardware!

Why do I want you to check this out? Cause IIS 7 is not your typical version number increase release.
It is, in effect, an entirely new web server with new capabilites.

Enjoy!

- brett

Just in case anyone is reading this, you might have seen the posts from my EMEA web summit tour. Well, for some reason in Poland they decided to record the entire day.

Here are the links to the lectures and slide decks.

List of all session links to Web Administration Summit 2007:

http://www.microsoft.com/emea/itsshowtime/result_search.aspx?event=69&x=13&y=2

 

WEB ADMINISTRATION SUMMIT

IIS 7 Web Server Platform- Windows Server “Longhorn”

 

 

Microsoft’s Next Generation Web Server: What’s New in IIS 7 for IT Pros

Isaac Roybal, Product Manager, Windows Server, Microsoft Corporation

 

This overview session will highlight the key points of interests for IT Pros in Internet Information Services version 7.  IIS7 modularity increases security by allowing a reduced installation footprint and creation of specialized, streamlined servers. Application Pools are now “sandboxed” by default.  You’ll see how IIS7 eases administration with a new IIS Manage UI, delegated administration, and new tools for automating administrative tasks. Applications run more reliably as they are easier to troubleshoot with built in tracing and diagnostics. Finally, multiple servers can use a single configuration file with the shared configuration feature for web farms.

 

IIS7 Administration: The New IIS Manager

Brett Hill, IIS Sr. Technical Evangelist, Microsoft Corporation

 

IIS7 Administration centers around the new task-oriented IIS Manager. This redesigned administration tool has many major new capabilities including the ability to delegate features, edit .NET configuration and has significantly improved performance when managing many sites. The IIS Manager itself is an extensible, modular application that administrators can customize and developers can extend.  In this presentation we’ll explore how use and control the IIS Manager with a special focus on Delegated Administration. In addition, we’ll explore how to use Granular Locking to fine tune your delegated settings beyond those available in the UI.

 

 

 

IIS7 Administration: Shared Configuration, Remote Control, and Automated Tools

Isaac Roybal, Product Manager, Windows Server, Microsoft Corporation

 

For web farms, IIS7 has a powerful new feature – Shared Configuration. This allows you to configure multiple servers to share a single configuration file. The benefits are clear - all web servers have identical configuration so there’s no need to do configuration replication.

In addition, IIS Manager has built in remote administration capabilities. Using https between the IIS Manager and the remote server, this feature includes the ability to define trusted users in IIS Manager and have identities securely stored in the IIS configuration, Windows SAM or AD, or a .NET provider.

Of course, many organizations need to automate administration tasks.  APPCMD is the new powerful, general purpose command line utility for controlling configuration, state for site and pools, and querying status. WMI has been improved specifically for IIS management, and there’s a new managed code API Microsoft.Web.Adminsitrationis that makes it easy for developers use .NET to write IIS management tools. PowerShell can use the managed API or WMI, giving you a superior command line and scripting environment for managing your servers.

 

IIS 7 Security: Less Exposure, Greater Control

Brett Hill, IIS Sr. Technical Evangelist, Microsoft Corporation

 

IIS7 security improvements can be found in many areas. In addition to the ability to control the server footprint, security is improved with the new URLFiltering and URLAuthorization capabilities. Also, you can now use Forms authentication with any content while leveraging .NET role and membership providers. In addition, there are key changes in the user principles and groups used by IIS7 that will make the server both easier to manage and more secure.  Finally, application pool sandboxing helps to improve the security boundary between application pools.

 

 

 

IIS 7 Troubleshooting: Failed Request Tracing

Isaac Roybal, Product Manager, Windows Server, Microsoft Corporation

 

One of the most exciting features in IIS 7 for administrators is the new built-in failed request tracing capabilities. You can configure IIS 7 to automatically create a detailed trace log of events that occurred in the request processing pipeline when specific error codes are seen and/or if a request takes more than N seconds to complete. This is configurable at the server, site, application, or file level, and can be configured in the UI or with a command line tool. The resulting trace log is ideal for identifying bottlenecks. Like everything in IIS 7, it is extensible and can be customized with new events.

 

 

 

 

I've got a new job here at Microsoft as Technical Product Manager for Hosting Solutions. One of the first things up is a GIGANTIC roadshow we're producing for hosters to get hands on with IIS7. Best part is, I get to design the labs and content! I'm really excited to be working on this. The event is sadly only 1 day long, but is jammed with hands on labs and lectures so that attendees can go back and deploy IIS7 in their environment. The lab topics are IT Pro oriented rather than developer focused so don't sign up expecting to learn how to write an ihttp module. Do signgup if you're in the hosting industry and want to know how to deploy, configure, migrate apps, and troubleshoot IIS7. Of course, we're focusing on the new features rather than "this is a website.. it is used to deliver http content.." blah blah blah. Also, I try to keep marketing spin to a minimum.  My philoosphy has always been to let the technology sell itself.

It's worldwide and registraitons are open now for hosing industry personnnel.

 

REGISTER HERE!

 

Brett

Just to let you know where things are at with IIS 7 in terms of stability and reliablity, Microsoft.com has converted to their entire infrastructure to it. They are consitently in the top 5 of avaibility on the interent and if you talked to them like do, you'd know they take that very seriously.

Eric Woershing recently did an interview with Chad Kraykovic and Jeff Towes over at MS.com (as we call it internally), which you can find here http://blogs.iis.net/ewoersch/archive/2007/06/27/video-microsoft-com-operations-team-opens-up-on-deploying-iis7-early.aspx. This is a very good interview that details many tips for those migrating a web farm to IIS 7. I suggest checking it out. Eric also did a great summary. I liked this so much that I'm trying to get some labs and training created based on their best practices. That would be very useful as it goes beyond just IIS7. Things like "do this with your scripts", "use DSFR for content replication", and other tips that have been proven to be useful at Microsoft.com would work for most enterprises and hosters.

Excited about this new project!

-brett

 

Robert McMurray has a new video just posted on Channel 9 on the FTP server.

He's the program manager for web publishing and does a great set of demos that illustate most all the bells and whistles in the new code (called FPT7 internally). It's pretty cool so check it out.

http://channel9.msdn.com/ShowPost.aspx?PostID=319223

The big kahuna Bob Muglia anncounced at TechEd that the new Server Core SKU will have IIS7 on it.

This has been a frequent question I've recevied and I've meet customers that have heard all kinds of things, some correct and some incorrect. Finally, the details are out now and the Bill Staples gives a quick rundown at http://blogs.iis.net/bills/archive/2007/06/04/iis7-on-server-core.aspx. Check it out.

In a nutshell, IIS7 on server core will run native code application such as classic ASP, PHP, Perl (fastcgi is supported), ISAPI etc. It will not run .NET applications, but you can expect that to chnage (but probably  not by RTM). There won't be a UI so you will have to adminster it using APPCMD or WMI (Powershell sadly requires .NET so won't be on the SKU).

I'd like to go on record saying that Server Core is going to bigger for IIS7 than people think. It's a great hosting SKU, and is also ideal for low maintenance, special function servers.

The one point I want to make about server core that is missed a lot is that you can still take advantage of the IIS7 modular pipeline using native code http modules written in C++. In fact, in My work with customers, it was clear that the use of native code to write modules is signficantly improved. Mike Volodarsky told me it was a lot more like using managed code that was possible in W2K3 due to changes in the APIs. (http://mvolo.com/blogs/serverside/archive/2006/10/07/IIS7-modules-vs.-IIS6-ISAPI-_2300_10_3A00_-C_2B002B00_-Class_2D00_based-encapsulation-model.aspx) This means that the core server is a great, high speed, special function server that can streamlined and customized to meet customers needs. Woot!

Anyway, just want to shout about this as the lid has been on for a bit and now the news is out.

----

About the tour- I did write a post to wrap up bit got lost before I posted it when I advertnently closed the windows. I hate it when that happens. Will re-do the wrap up later.

later,

brett

 

 

So here are the dates, locations, registraion pages and speakers for the IIS7 EMEA roadshow. Some of the links might not be running yet, but this is what I have. We are putting the final touches on the presentations today and sending off Will and Rick tommorrow. Isaac and I leave the following week for Denmark and are really looking forward to it.

I know some of you may be asking "but what about <insert your country here>"? I am but a lowely speaker and my duties do not include such important tasks as choosing what locations to present at. That is evidently a complex task that falls to more capabale hands, thankfully, as I am terrible at this kind of task. Some countries do their events, others can't work with these dates, etc. etc. I can't believe that I finally get to go to Paris and I have 1 day, most of which is tied up in work! Arrrrgh. I am going to be in the city with Louvre and can't go! That is cruel and unusual punishment. Oh well. That's the price you pay sometimes to be an evangelist.

I'll be posting pictures, stories and other details as they occur.

Later.

Brett

Dates	Day	COUNTRY	SPEAKER 1	SPEAKER 2
SLOT 1
WEEK 1
14, May	Mon	Iceland	Will Sadler	Rick James	http://www.microsoft.com/iceland/events/webadmin_iceland.mspx
16, May	Wed	Croatia	Will Sadler	Rick James	http://croatia.tsrportal.com/
18, May	Fri	Greece	Will Sadler	Rick James	http://www.microsoft.com/hellas/events/web_administration_summit.mspx
WEEK 2
21, May	Mon	Belgium	Will Sadler	Rick James	http://wwwppe/belux/technet/nl/events/2007/webadmintour.mspx
23, May	Wed	UK	Will Sadler	Rick James	http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032339368&Culture=en-GB
25, May	Fri	Serbia	Will Sadler	Rick James
SLOT 2
WEEK 1
21, May	Mon
23, May	Wed	Denmark	Brett Hill	Isaac Roybal	http://wwwppe/danmark/technet/events/longhorn.mspx
25, May	Fri	Poland	Brett Hill	Isaac Roybal	http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032339981&Culture=pl-PL
WEEK 2
28, May	Mon	Sweden	Brett Hill	Isaac Roybal	http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032340256&Culture=sv-SE
30, May	Wed	France	Brett Hill	Isaac Roybal	http://www.microsoft.com/france/technet/evenements/web_adm_summit_tour.mspx
31, May	Thu	Italy	Brett Hill	Isaac Roybal	http://www.microsoft.com/italy/eventi/itPro.mspx

I'm going on a roadtrip to Europe for two weeks to present a 1 day class on IIS 7! There are actually two teams of two and I'm on the 2nd team leaving in two weeks for two weeks. (see http://blogs.iis.net/rickjames/archive/2007/05/06/iis-7-talks-reykjavik-and-london.aspx). This is going to be fun! Or course, getting the content together is part of the gig and that's a challenge as I am really hard nosed about getting it right. My style is a lot more informational and less marketing focused than some would like, but my belief is that if have a good product, you don't need a lot of hype. And IIS 7 is a good product.

As I study some of the demos we're doing and talk to the IIS program mangers, I learn more about some of the stuff under the covers that isn't getting a lot of press. Security is one of those topics and as luck would have it, is my particular most interested topic. Imagine that.

Did you know that IIS 7 has built in a new feature called URL Authorization that allows you to restrict access to content without using file permissions? You can simply entire a rule in the UI or directly in the .config file that says deny user="Bob" and Bob will be denied access. The cool part of this is that if you copy the content to another server (and this feature is delegeated), then your security rules move with the content. Think about that for bit. No more managing NTFS permissions on a per sever basis. You could just assign permissions for the worker process identity to have access to the content (and maybe the IUSR account <maybe? Yes maybe. You can tell IIS 7 to use the worker process identity for anon access!).

This is huge and it works with any content, not just .NET.

Just one of the many new security features built into IIS7 we'll be showing on the roadshow. I'm so psyched about the new security improvements that I'll be posting some screencasts on channel 9. But hey, you don't need to wait. It's not a special builld or anything. URLAuthorizatin is in Beta 3 Just download beta3 and check it out for yourself!

http://www.iis.net/articles/view.aspx/Managing-IIS7/Configuring-Security/URL-Authorization/Understanding-IIS7-URL-Authorization?tabid=1

http://www.microsoft.com/windowsserver/longhorn/audsel.mspx

I'll be posting pictures, quotes and details from the trip so stay tuned.

Finally I can talk about this!

Beta 3 was just signed off and will be posted very soon to connect.microsoft.com.

There is so much coolness in IIS 7 in Beta 3 that's hard to know where to start.

We've had several customers beating up this build pretty hard, including Microsoft.com. This is a good build for the web server platform (can't speak about the rest of it cause I don't know, but from the looks of things, it's all good).

What to look for in IIS7 Beta 3:

Of course, you've heard all about the modular pipeline. Right? what! Snap out of it! This is a big deal.

Shared configuration: You can now configure multiple IIS 7 servers to share a single application host config file. Whohoo! No more metabase replication.

Remote Administration: This is coolness in action. Use https from within IIS manager to connect to another IIS manager. Since it's https, it's firewall friendly and special ports need to be open. You authenticate to the remote IIS manager using Windows users, or you can define users in the IIS manger that are stored in Administration.config (encrypted credentials of course)

Disable Anon user: So if you disable the anon user in IIS7, anon access is still allowed, but you don't use the built in IUSR account. All anon access occurs as the process identity. If you give each process a unique identity, you also give it a unique anon users when this is enabled. Add sandoxing and shared config, and you have a nice package for web farms with secure pools. 

App Pool Sandbox: This takes a while to explain, but essentially, each pool winds up with a configuration file that contains only the settings for that pool and can only be read by that pool.  In this way, an applicaiton pool cannot revert to self and read the configuration of any other pool.

Extensible UI: The UI is not just new from IIS6, it's a platform in and of itself that can be modifed and updated. Look to Carlos' blog and the downloads page on IIS.net for new extensions that are already available. http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1328

Are you ready for this: New FTP server! released at the same time as beta 3 is a long awaited new FTP server AND yes,  it supports FTP with SSL (FTPS as I recall as opposed to SFTP). You will find this as a seperate donwload on IIS.net soon. It is not built into longhorn. When you install this puppy you will see first hand  that we aren't kidding about IIS 7 extensiblity. There will be new UI icons and configuration features. In the past, this is something that only Microsoft or a few ISVs would do (modify the UI and IIS configuration), but since the UI is a Winform app, extensiblity is built in, and the IIS 7 schema can be extended with just an XML snippet. Developers are going to be adding all kinds of newness to the IIS Manager. BTW, if you install FTP on Longhorn using the Server Manager or package manager command line, you get the old FTP server in the MMC console.

I know you asking "where can I get more info" and the answer is that papers are being uploaded to IIS.net very soon. Questions? Ask on the IIS.net forums.

I got to go, but I'm really psyched about this release. There is a lot more to talk about so stay tuned.

PS. Bill Staples just posted an annoucment to his blog. http://blogs.iis.net/bills/archive/2007/04/25/what-s-new-in-iis7-beta-3.aspx

-brett

 

 

Longhorn Beta 3 is coming very soon.

It features a solid implmentation of IIS 7 that has features you've not seen before! It will be broadly available, AND there will be a Go Live liscense available that allows you to put it into production. Production? This build is very solid and if you've been waiting for a base build to test, this is it.

Stay tuned.

-brett

Finally a document on HTTP.sys!

 Just got a ping from the http.sys team alerting me to this link where you'll find a paper on http.sys on Vista and Longhorn.

http://www.microsoft.com/downloads/details.aspx?FamilyID=311f4be8-9983-4ab0-9685-f1bfec1e7d62&displaylang=en

 

-bret

So, many people will IIS 7 in hand beginning next week with Vista being available. For those of you have not seen it but are interested,you will need to take some time to get up to speed on the new UI and features. Of course, one of the most practical beneifts of IIS 7 on Vista is that you can make more than one website and it's not limited to 10 connections. It will process 10 requests at a time making it impractical to use as a server - but works great as dev platform.

Be sure to get the version of Vista that has the features you want! THEY ARE DIFFERENT. Here's the definitive list of differences on a feature by feature basis: Notice that Windows Authentication in particular is not available on several versions: http://www.iis.net/default.aspx?tabid=2&subtabid=25&i=1100

The IIS team is working fevershily on IIS 7 on Longhorn Server. It's not quite time to discuss the key features that will be on the server version that are not on Vista, but they are going to be very, very useful for enteprises and it won't impact your ability to develop code on Vista to run on IIS 7 in any core way. If you write an applicaiton on Vista to use IIS 7 features, it will run on IIS 7. In fact, our experience has shown that in many cases, ihttp handlers and ihttp modules for ASP.net run without modification. That is not always true as there are some differences in the environment between the core pipline of IIS 7 and the ASP.net pipeline in IIS6.

Keep in mind also that when you install IIS 7, you do NOT get an IIS 6 (or IIS 5.1) equivalent. IIS 7 is LESS enabled with a default install than in previous releases. Be sure to install the features you need using Turn on/Off Windows features or package manager. See details here: http://www.iis.net/default.aspx?tabid=2&subtabid=25&i=957

Mike Volodarsky has an article about this on IIS.net http://www.iis.net/default.aspx?tabid=2&subtabid=23&i=1223. His blog http://mvolo.com/blogs/serverside/ is also reqruied reading for IIS 7 devs.

Please post problems on IIS.net forums which the team montors. That is the best way, I hope, to get help for  your issues and report problems. It absoulety does happen that people report bugs there and they become fixes in the product. 

Thanks!

Brett

(using your best commercial voice)

SEE what Powershell can do you!

THRILL at the capability of IIS's new FASTCGI support native cache!

IMAGINE the possibilities!

GET the sourcecode!

WATCH the video!

http://channel9.msdn.com/Showpost.aspx?postid=256994

Join Bill Staples, Product Unit Manager for IIS 7, and Jeffrey Snover, MMC and Windows PowerShell Architect, as they discuss the new features of Windows Server “Longhorn”, IIS 7 and Windows PowerShell.  See how much easier it is to manage an IIS 7 single box or an IIS 7 web farm with Windows PowerShell

Seems like all I do these day is post entries about other peoples entries. It points out one of my main functions here is as a concentrator of content. It also points out my utter lack of creative output, but hopefully no one will notice.

Mike has posted an excellent piece on a detail in IIS 7 that will make a devs live far easier. See http://mvolo.com/2006/11/01/iis7-modules-vs-iis6-isapi-memory-management.aspx for details about how IIS 7 memory management.

 

-brett

 

Gotta see this. It's the narrative and screen shots from Bill Staples presentation this morning on FastCGI. You'll find details there about this new preview of FASTCGI as well as info on the new IIS 7 native cache.

http://blogs.iis.net/bills/archive/2006/10/31/PHP-on-IIS.aspx

If you're intrested in some of the new stuff coming out of Microsoft check out this just posted content:

Developing Rich Experiences with Microsoft® .NET Framework 3.0 and Visual Studio® 2005

https://www.microsoftelearning.com/eLearning/offerDetail.aspx?offerPriceId=109340

You might think, "why do I care about this if I just do IIS 7". The reason is that IIS 7 allows you to create applications using these technologies (aside from Avalon) and you WILL see IIS 7 applications that make heavy use of Workflow to track processes in applications as well as even determine which page to show in a web application. Imagine having an IIS 7 module that determined which pages to show based on a users membership level, region, lanugage, rights on the site, etc. CardSpace is a part of this too - and I keep saying this so get used to it - CARDSPACE IS HUGE. HUGE. In two-three years that is all you're gonna hear about. Finally Windows Communication Foundation - for web services has a big tie in to IIS 7 as it can host WCF services.

IIS 7 lets you take advantage of these technologies and offer them as modules or handlers to all your sites. Or extend them in an application to use in tracing and troublehsooting logs.

So, free training for developers intersted in this stuff. This will not be free after Vista ships.

After you've looked at this, look at IIS.net on how to write a managed module or handler and let me know if you have a cool idea about how to integrated IIS7 and .NET 3.0

-brett

Just a few minutes ago, Vista RC2 was posted to the TechBeta (connect.microsoft.com). It is on it's way to TechNet and MSDN by next week.

-brett

 

This time, I corralled Robert McMurray from the IIS team. He's working on publishing for IIS 7 some of which is not yet public info. The publishing story is in good hands with Robert as he has lots of great ideas about it (which he does not discuss in this podcast!). He's been working with IIS since --- IIS 1. Yikes. So he has career here is full of "institutional memory", and he's got a lot of good stories to tell. You can often find him at TechEds, PDCs etc as he's an avid "booth" worker and likes meeting customers. Besides that, he plays guitar!

Anyway, check out the interview at:

http://channel9.msdn.com/Shows/IIS_Show

Not Bill G, silly, Bill S. Bill Staples the product unit manager for the IIS team which means the captain of the IIS boat.

He is often unpredictable about posting stuff that no one else yet knows about and he recently posted a new piece about RC1 and IIS 7.

http://blogs.iis.net/bills/archive/2006/09/05/IIS7...

There's no blockbuster news there aside from the fact the RC1 is done. Outside of Microsoft it looks like just another release for a belated OS, but internally people are working their butts off to get this done. It's an intrusting process to witness from inside.

Expect to see an updated LH Server build available to beta participants very, very soon!

As Bill says in is blog, Vista and Longhorn are coming together pretty well. I recently updated my main working system to Vista (a process we call dogfooding.) and RC1 is clearly the best release to date. Looks like we're on track to hit our release dates. This means that you can start looking at IIS 7 in vista as very, very indicative of what you will see in Longhorn Server. Aside from some spit and polish and some significant performance testing, there will be some features added that make sense for an enterprise or high capability sever, but otherwise, Vista bits and LH server bits for IIS 7 will be very much alike

-brett

CR1 of Vista has been officially released. I am hopeful that most of you can get it since it is a widely distributed release. IIS 7 is included in this release and it will be virtually identical to the RTM version.

The IIS team is working hard on IIS 7, sever version now which will be almost identical to the Vista release with added support for UNC paths and other server based features. In other words, applications you develop on Vista will work on Longhorn Server, so you can start understanding how it works as well as studying the new system. web. administration API, modular design etc.

You can check IIS.net for updated content.

-brett

The IIS team is meeting this week over lunch where they have someone present to the extended team details about what's going on with IIS 7. It's cool cause you get to see everyone at once that you don't normally see in the same place and because it's a chance to review what's going on with each of the major section areas. Today the topic was security and Thomas Deml discusses some of the new features. Some of these details haven't been highlighted much so I'd thought it would be good to go over them.

#1 Best security feature and top ranking improvement of all time for IT Pros: the IUSR account is now a built in account. In other words, it's not a local account anymore like it is on IIS 4-6. You can finally copy your content from one IIS 7 to another and permissions you've set like "Deny IUSR Execute" will be good on the target system. That's a big help for replication and recovery.

#2 The IIS_WPG group goes away. You will no longer need to assign application pool identities to the IIS_WPG. Any application pool identity is automatically assigned to a built in group that has the right memberships to host the w3wp.exe process.

#3 Request Filtering: This is a manged module that lets you control what kinds of request will and won't be allowed to access the server, site, or application. Sort of like URLScan but lets you have different rules for different places.

#4 .NET Role/Membership Providers: You can use any .NET role or membership provider as the store for users and groups. This works with Forms auth of course so you can implement forms authentication for any content, like static files, .asp, .cfm or whatever you like - and store your users in just about any store you like - ADAM, XML, Oracle, MySQL, Access, SQLExpress2005, whatever you like.

#5 Hidden Namespaces: This is actually part of request processing but deserves to be called out separately. You can declare a namespace as hidden so a folder like "Secrets" cannot be accessed. This protects folders like AppData and AppCode for example.

#6 Skinny Install: When you install IIS 7, you do NOT get equivalent functionality to IIS 6. Since IIS 7 is more modular, it is possible to install less and still deliver some content. So, in keeping with the mantra "install only what you need", Microsoft isn't making assumptions about what you need except that since you said you wanted IIS 7 installed, there's decent chance you want the web server installed. However, if you want ASP.net, or CGI capability, or even Windows Authentication, you'll have to ask for it.  See http://brettblog.com/PermaLink,guid,d4f6c28c-83c5-4166-a805-61cb968172e6.aspx for details.

#7 Reduced Footprint: By removing modules you don't need from the server, you have reduced security exposure. This is not quite the same thing as #6. Skinny install is my own slang for the new reduced install feature set. That translates to fewer modules, but you could potentially take things down even further. The point here is that the feature set of IIS 7 is tweakable to host only those you require, thereby reducing the footprint and attack surface.

If you (or I) think of any more, I'll add them.

-brett

This article is by Technical Evangelist Michael Jurek. He has written a couple of IIS 7 modules that I use extensivly in demonstrations. Technically, this is a handler rather than module, but the point is the same - to illustrate how you can use managed code to modigy the behavior of the http request processing pipeline.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dniis/html/iis7run.asp

Longhorn server has soom cool features but only a handful get any attention. Buried in the feature set is a complete overhaul of the tcp/ip stack. When I first heard about massive speed improvements with file transfers from using Longhorn, I was skeptical (which I usually am believe it or not of such claims). However, the source was had a lot of credibitily - it was Casey Jacobs from who manages Microsoft.com. Over luch one day he was detailing to me how they had done some preliminary testing on file transfer speeds. The result were so astounding they rechecked their numbers. I have been hesitant to make any public claims since I haven't confirmed their testing nor has the IIS team formally tested this scneario (yet). But I found where Casey blogged about it.

(http://blogs.technet.com/mscom/archive/2006/07/11/441154.aspx)

 Below are results from copying a 199MB file between Microsoft data centers:

• Pull from W2K3 in CA to W2K3 in WA:  ~2:12
• Pull from W2K3 in CA to Longhorn in WA:  ~0:12
• Pull from Longhorn in CA to Longhorn in WA:  ~0:04

This is a big deal improvement. IIS 7 will of course benefit from this. Based on this, we can speculate that IIS 7 will make an oustanding base for delivering large media files, VPCs, gigabytes of log files or other reports.

 

In fact, it might be possible for your Windows 2003 Server, when upgraded, to suddenly saturate your bandwidth!  Casey's tests reported they achieved >890Mbs per server. 

 

Casey quickly gets to this point:

 

With these gains in network utilization, there is a paradigm shift in what network utilization amounts to network congestion.  Previously with each client/server connection taking a relatively small portion of the available bandwidth over latent links, it was much easier to determine when network link utilization was becoming an issue.  Now, two servers can fill a 1 Gig WAN link all by themselves, .

For further information on the TCP/IP changes in Vista and Longhorn:

 http://www.microsoft.com/technet/itsolutions/network/evaluate/new_network.mspx

 

-brett

 

I just created a new discussion list for IIS 7 on my list server.

You can signup at http://iislists.com if you want to. No spam I promise.

FYI, this list server is not associated with Mircrosoft, just something I do to help the community. I've had the list server for years, long before I started at Microsoft.

So, if you want to subscribe, please do. It is not moderated (unless people go crazy which happens from time to time so I'll intervene if necessary, but is rare). There are a lot of good admins on the IIS6 lists, so check it out. 

-brett

 

This podcast in the ASP.net Podcast show series by Wally McClure features an interview with Thomas Deml and Chris Adams from the IIS team and myself. Thomas is a group program manager on the team which means he manages a few other program mangaers. Chris is the community program manager and I'm a technical evangelist that has a "dotted line" connection to the team, but work actually for the LongHorn Server evangelism group in DPE (Developer and Platform Evangelism). -brett Check it out: http://aspnetpodcast.com/CS11/blogs/asp.net_podcast/archive/2006/05/30/329.aspx