Somehow I started revisiting Log Parser resources and links today and wanted to post a few things. If you don't know about Logparser and you manage an IIS server or set of servers (almost any type), then stop what you're doing and go to http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1287 , download and smile.

It slices , it dices, it reads multiple log file formats using a SQL like syntax and outputs into multiple formats. The guys at Microsoft.com swear by this jewel.  (PS read anything, ANYTHING written by Jeffery Johnson).  

Here's a visual wrapper that may be helpful. I haven't used it and it's still beta, so don't know how buggy it is or not. http://www.codeplex.com/visuallogparser 

Don't miss this as free online logparser resource that appears to be very active forum.

http://forums.iis.net/default.aspx?GroupID=51

And check this out: http://www.amazon.com/Microsoft-Parser-Toolkit-Gabriele-Giuseppini/dp/1932266526 by Gabriele Giuseppini, who wrote the first 3 version of the tool.

Hope the holidays are treating you well!

-brett

IIS Admins. I am shamelssly pasting this anncoucment from the IIS team here. Very nice tool that leverages the new extensible IIS 7 pipeline, configuraiton system, and UI.

-brett

-----------------------------------------------------------

Install the URL Rewrite Module for IIS 7.0 RTW today!

Microsoft URL Rewrite Module for IIS 7.0 RTW (x86)

Microsoft URL Rewrite Module for IIS 7.0 RTW (x64)

Upgrade from Go Live release

If you already have Go Live release of URL Rewrite module installed then the installation package will upgrade it to RTW release. All rewrite rules in applicationHost.config and web.config files will be preserved. Note that system reboot may be necessary when upgrading from Go Live to RTW release.

ASP.NET update

The installer for URL Rewrite module includes an update for ASP.NET runtime. The update has fixes for bugs specific to URL rewriting. The update is applied only if the machine where URL Rewrite module is being installed has .NET Framework version 3.5 SP1 or higher. If required version of .NET Framework is installed after URL Rewrite module has been installed, then the ASP.NET update can be applied by re-running URL Rewrite module installer in repair mode.

Features

Here is the complete list of features supported by URL Rewrite module:

·         Rules-based URL rewriting engine. Rewrite rules are used to express the logic of what to compare/match the request URL with and what to do if comparison was successful. Web server and site administrators can use rewrite rule sets to define URL rewriting logic.

·         Regular expression pattern matching. Rewrite rules can use ECMA-262 compatible regular expression syntax for pattern matching.

·         Wildcard pattern matching. Rewrite rules can use Wildcard syntax for pattern matching

·         Global and distributed rewrite rules. Global rules are used to define server-wide URL rewriting logic. These rules are defined within applicationHost.config file and they cannot be overridden or disabled on any lower configuration levels. Distributed rules are used to define URL rewriting logic specific to a particular configuration scope. This type of rules can be defined on any configuration level by using web.config files.

·         Access to server variables and http headers. Server variables and HTTP headers provide additional information about current HTTP request. This information can be used to make rewriting decisions or to compose the output URL.

·         Various rule actions. Instead of rewriting a URL, a rule may perform other actions, such as issue an HTTP redirect, abort the request, or send a custom status code to HTTP client.

·         Support for IIS kernel mode and user mode output caching. IIS 7.0 output caching provides significant performance improvements for web applications. URL rewrite module is fully compatible with both types of output caching. This means that it is possible to safely cache responses for rewritten URL's and thus boost the performance of web applications that rely on URL rewriting.

• Rewrite maps. Rewrite map is an arbitrary collection of name-value pairs that can be used within rewrite rules to generate the substitution URL during rewriting. Rewrite maps are particularly useful when you have a large set of rewrite rules, all of which use static strings (i.e. there is no pattern matching used). In those cases, instead of defining a large set of simple rewrite rules, you can put all the mappings between input URL and substitution URL as keys and values into the rewrite map, and then have one rewrite rule which references this rewrite map to look up substitution URL based on the input URL.

·         Failed Request Tracing support. IIS7.0 Failed Request Tracing can be used to troubleshoot errors related to URL rewriting.

·         Extensible Rule templates. Rule template is an extension for URL rewrite module user interface, that simplifies creation of rewrite rules for a particular task.  The GoLive release of the module includes 3 built-in rule templates, plus it allows plugging in any number of custom templates.

·         UI for testing of regular expression and wildcard patterns. A GUI tool for testing rule patterns is included into the module's user interface. The tool can be used to quickly check how the regular expression or wildcard pattern works. Also, it can be used for troubleshooting and debugging of problems related to pattern matching.

·         UI for managing rewrite rules and rewrite maps. Rewrite rules and rewrite maps can be added, removed and edited by using "URL Rewrite Module" feature in IIS Manager.

• GUI tool for importing of mod_rewrite rules. URL rewrite module includes a GUI tool for converting rewrite rules from mod_rewrite format into an IIS format.

·         String manipulation functions. Built-in string manipulation functions can be used to convert URLs to lowercase and to perform URL encoding and decoding.

More information

The following resources related to Microsoft URL Rewrite Module are available on IIS.net:

Walkthroughs:

• Creating rewrite rules
• Using Failed Request Tracing to trace rewrite rules
• Using global and distributed rules
• Using rewrite maps
• Importing rewrite rules
• Enabling "Pretty Permalinks" in WordPress
• Rule templates
• User Friendly URL
• Rule with Rewrite Map
• Request Blocking
• Testing rule and condition patterns
• Using URL rewrite module - video walkthrough

References and guidance:

• URL Rewrite Module configuration reference
• URL Rewriting and ASP.NET routing
• URL Rewriting and Request Filtering
• URL Rewriting for ASP.NET Web Forms
• Developing rule templates for URL Rewrite module

Bill Staples posted an important annoucment about the availability of the Web Deployment tool release Beat 2.

When Bill says something like this "It is one of the fundamental building blocks that IIS will be building on the next several years.", that means "Hey you - IIS admin - pay attention to this cause it's going to REALLY important and some very cool features that you can't live without".

He goes on to say that current features include:

The IIS team has released another preview of even more additions to IIS 7.

This time its the IIS 7 admin pack which adds some UI features that enhance the administration experience beyond what you get out of the box. This is possible due to the overhaul of the IIS  configuriation system which allows UI extensibility as well control over the request processing pipeline.

The admin pack adds (quote from Carlos' blog)

Request Filtering UI - This UI exposes the configuration of the IIS runtime feature called Request Filtering.

• Configuration Editor UI - This UI provides an advanced generic configuration editor entirely driven by our configuration schema. It includes things like Script Generation, Search functionality, advanced information such as locking and much more.
• Database Manager UI - This UI allows you to manage SQL Server databases from within IIS Manager, including the ability to create tables, execute queries, add indexes, primary keys, query data, insert rows, delete rows, and much more.
• IIS Reports UI - This extensible platform exposes a set of reports including some log parser based reports, displaying things like Top URL's, Hits per User, Page Performance, and many more.
• FastCGI UI - This UI exposes the configuration for the FastCGI runtime feature.
• ASP.NET Authorization UI - This UI allows you to configure the ASP.NET authorization settings.
• ASP.NET Custom Errors UI - This UI allows you to configure the Custom errors functionality of ASP.NET

Pay particularly close attention to the Database Manager UI. Carlos' had this idea a while back and did some very cool demos with it while IIS 7 was in beta. You can manage your SQL database right in the IIS 7 UI! Sweet.

Check it out http://blogs.msdn.com/carlosag/archive/2008/03/21/IISAdminPackTP1Released.aspx

-brett

As we near release for Windows Server 2008, the IIS team has released a beta of a very important tool called the Microsoft Web Deployment Tool.

How to replicate content and setting for web servers continually arises and is one of the most frequently asked questions I receive. Perhaps the second, and closely related question is how to migrate from IIS 6 to IIS 7. This tool has been in development for months but has not been widely discussed publicly so I personally and delighted that it is finally public.

Those of you who need something like this to replicate 6-6, 6-7 and 7-7 scenarios - please download and test this tool.  You can provide feedback to me or via the forums at iis.net. I'd be happy to connect your feedback to the managing PM on the IIS team.

Below is an email that circulated internally annoucing the tool with links.

Enjoy!

-brett

-----------

IIS is thrilled to announce the Technical Preview 1 release of the Microsoft Web Deployment Tool! The tool provides deployment and migration support for IIS 6.0 and 7.0. It incorporates many features that enable web server administrators to deploy, sync and migrate sites, including configuration, content, SSL certificates and other types of content associated with a Web server.

This tool can be used on Windows Server 2008 and IIS 7.0 as well as Windows Server 2003 and IIS 6.0. Please note that this is a Technical Preview release of the tool and should not be used on production servers. For a Tech Preview, only forum level support is available.  

How to Get Started

Download and read the walkthroughs: http://go.microsoft.com/?linkid=8100895

Download the x86 version: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1602

Download the x64 version: http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1603

Web Deployment Tool forum: http://forums.iis.net/1144.aspx

Web Deployment Team blog: http://blogs.iis.net/msdeploy/

Features

The following list contains several of the features in this version:

·         Synchronization and Snapshot of IIS 6.0/IIS 7.0:

The sync operation provides administrators with a way to quickly synchronize a site or server and deploy changes to existing sites and servers. A synchronization allows you to synchronize one source with one destination. For example, you can synchronize two directory paths or two web servers. The sync can be performed with local or remote objects.

The snapshot, or archive, functionality allows administrators or developers to quickly take an archive of their web site or server for rollback, restore or backup purposes.

·         Migration from IIS 6.0:

The migrate operation provides administrators with a way to migrate sites or entire servers from IIS 6.0 to IIS 7.0, including their settings and content. A migration is essentially a way of synchronizing, filtered by migration rules. For example, when migrating from IIS 6.0 to IIS 7.0, MS Deploy will check the value of some properties and see if it is the IIS 6.0 default. If it is the default, such as the log files directory, it will instead use the value set on the IIS 7.0 server. This enables a server admin to maintain new settings on IIS 7.0 while moving sites or applications from IIS 6.0.

·         Analysis of IIS 6.0 Installed Features:

The analyze operation allows administrators to check what components are installed on the source server. In this way, they can determine if features are present that they will need in IIS 7.0 or that require more advanced setup than simply copying files. For example, ASP.NET requires more than a file copy and will need to be installed on the destination server.

·         Troubleshooting and Validation Features:

For validating an operation, the -whatif flag allows administrators to see what actions would happen when they perform an operation. This is especially useful for performing sync or migration, when they want to validate what changes will be made before performing them. For troubleshooting, the -verboseLevel flag allows administrators to get rich detail about what operations are being performed, and upon failure, the ability to diagnose the problem.

Hiya,

Coming out of the Windows Server 2008 Hosting Roadshow, the same technical labs are available through MS Virtual Labs. The links to these labs are below.

Let me know what you think. Thanks!

Let me know what you think or if you have questions.

-brett

A big shout out to IIS Pm Kanwaljeet Singla

File this under must have details for IIS 7. Very practical info on IIS 7 registry keys.

http://blogs.iis.net/ksingla/archive/2007/12/30/list-of-registry-keys-affecting-iis7-behavior.aspx

-brett

WebDAV is a way to publish files to your server. I've been a fan since I first saw it and have been teaching people about it for years. When you have everything setup correctly, you can open a web folder in Network Places (or neighborhood or whatever), or on your desktop, and when you drag and drop files into the folder, it publishes over the network using http to the server. Unfortunately, the story about DAV from Microsoft's end has been rather mottled. The specifics of what is possible using DAV, how it appears and behaves depends on the precise combination of which server you're using (DAV was supported on IIS 5 as well), the client (XP, 2000, Vista), and what application you use to do the DAV connection (Explorer, IE, Office, FrontPage).

However, in IIS 7, there is some very good news. Robert McMurray on the IIS team is the same guy that manages the FTP 7 project. He has improved, the DAV story for IIS 7 in many ways. I've had the chance to chat with him on numerous occasions about his vision and hopes for DAV and other publishing protocols and can tell you that he's the right guy for the job.

One of the biggest improvements is that DAV can be enabled per URL. In IIS 6, and 5, DAV was either functional for all sites or not. Now, you can use it just where you need it. The IIS 7 DAV provider integrates with the IIS 7 UI and leverages IIS 7 URL Authorization. URL Auth lets you allow or deny access to content using web.config files instead of ACLS.

This version of DAV is the SERVER side component. The client side will use one of the various providers mentioned earlier - but should work by simply creating a network connection to a dav enabled URL. One way to do this is in IE, using File, Open and selecting the checkbox "open as a web folder".

Once you setup DAV and get used to using it, you'll wonder how you managed without it.

http://blogs.iis.net/robert_mcmurray/archive/2007/12/22/webdav-module-for-windows-server-2008-golive-beta-is-released.aspx

-brett

New IIS 7 Virtual Labs online! 

You can get hands on with IIS 7's new features and capabilties with these free online labs. These are IT Pro focused labs that came from the hosting roadshow and have been re-factored for online use. Enjoy!

• Installation and the Modular Architecture
• Installing ASP, ASP.NET and PHP/FastCGI Applications on IIS 7
• Using the new IIS 7 Configuration System featuring Delegated and Remote Administration 
• Troubleshooting with IIS 7 Failed Request Tracing 
• Using APPCMD with IIS 7

-Brett

By special request, here's an outline of the users and groups used by IIS and what they do.

IIS 5 and 6

- IUSR_<servermame> - this is the default anon user for IIS 4, 5, and 6. It is a local account with a large, random password. The account does not exist until IIS is installed. IIS is installed by default on Windows 2000 but not 2003. If you disable this account, anon authentication will fail unless you create assign a new one. This user is a member of Everyone, Users, Authenicated Users, Guests, and the Network built in account (by default).

- IWAM_<servername> - this guy is found on IIS 5 and on IIS 6. I don't recall if it's in IIS 4 as I haven't laid eyes in an IIS 4 server in about 5 years. In IIS 6, it is only used when you run your server in IIS 5 mode, called IIS 5 worker process isolation mode or some such overly long phrase. In this case, sites  and application that are set to run in medium or high isolation run in dllhost.exe as the IWAM_<servername> user.

- ASPNET - this is a local account used to launch the aspnet_wp.exe on IIS 5 and in IIS 6 when it runs in IIS 5 mode.See http://msdn2.microsoft.com/en-us/library/bakfs900(VS.80).aspx for details on how to control the identity of asp_net.exe. It is not typically used in IIS 6 and is not supported on IIS 7.

- IIS_WPG - This is a local group on Windows Server 2003 that is used for one purpose. The IIS _WPG has rights to register application pools with http.sys. What this means is that that if you assign an application pool a unique idenity, you must also add them to this group. By default, this group has the System, Local Service and Network Service accounts in it. By default, application pools on IIS 6 use the Network Service account. If you don't assign custom application pool idenities, you don't need to mess with the membership of this group. Do not delete this group, espcially on a domain controller.

IIS 7

Doesn't have any of the above accounts. Instead you'll find:

- IUSR - built in account for Windows Server 2008 and Vista. Created when IIS 7 is instaled. The IUSR account has the same SID on all Windows Server 2008 systems and Vista. A built in account is different than a local account. Built in accounts cannot be used to log in locally to the server so they don't have a password.

- IUSRS - This is the updated version of the IIS_WPG for IIS 7. The new coolness is that has autmatically maintained membership.

-------

What runs as who when?

For anonymous access, the request will be the run as the assinged anonymous user (preusming that anon authentication is enabled and the anon user has the required access rights). If the request is for ASP.net, subsequent page requests and background operations will access the file system as the process identity (this is the default behavior). Most of the time this is the Network Service account on IIS 6 or the ASPNET user on IIS 5. If not using ASP.net, file access for will be as the anonymous user unless the application your a running reverts to the process identity to do something on the server that the user does not have rights to do. There are quite a few more complications of course, but this typically how things go.

To do research about this, your best friend is Filemon.exe. I learned most of the limited knowledge I have about this by messing around with Filemon and permissions. When you set Deny Full Control, Everyone on a file and then access the file in the web application while Filemon is running, the Access Denied in Filemon will also show you the user that was denied access. Another fun tool to play with is w3ho.dll, a resource kit utility.

Hopefully this is useful.

Let me know

-brett

I've got a new job here at Microsoft as Technical Product Manager for Hosting Solutions. One of the first things up is a GIGANTIC roadshow we're producing for hosters to get hands on with IIS7. Best part is, I get to design the labs and content! I'm really excited to be working on this. The event is sadly only 1 day long, but is jammed with hands on labs and lectures so that attendees can go back and deploy IIS7 in their environment. The lab topics are IT Pro oriented rather than developer focused so don't sign up expecting to learn how to write an ihttp module. Do signgup if you're in the hosting industry and want to know how to deploy, configure, migrate apps, and troubleshoot IIS7. Of course, we're focusing on the new features rather than "this is a website.. it is used to deliver http content.." blah blah blah. Also, I try to keep marketing spin to a minimum.  My philoosphy has always been to let the technology sell itself.

It's worldwide and registraitons are open now for hosing industry personnnel.

REGISTER HERE!

Brett

Robert McMurray has a new video just posted on Channel 9 on the FTP server.

He's the program manager for web publishing and does a great set of demos that illustate most all the bells and whistles in the new code (called FPT7 internally). It's pretty cool so check it out.

http://channel9.msdn.com/ShowPost.aspx?PostID=319223

What can 1 person and web server do anyway? Make a million bucks? Listen to this interview with Markus Frind from PlentyofFish.com about how he moved from a home busienss to a Web 2.0 phenom

http://channel9.msdn.com/Shows/IIS_Show

Interesting stats from his server: http://plentyoffish.wordpress.com/2007/02/09/aspnet-and-iis-2-million-pageviews-per-hour/

Finally a document on HTTP.sys!

 Just got a ping from the http.sys team alerting me to this link where you'll find a paper on http.sys on Vista and Longhorn.

http://www.microsoft.com/downloads/details.aspx?FamilyID=311f4be8-9983-4ab0-9685-f1bfec1e7d62&displaylang=en

-bret