Chris AdamsChris AdamsProgram ManagerProgram ManagerIIS Product UnitIIS Product Unit

Microsoft CorporationMicrosoft Corporation

Managing IIS 6.0 Servers in Managing IIS 6.0 Servers in an Enterprise Environment: an Enterprise Environment: A Handful of Tips and TricksA Handful of Tips and Tricks

AgendaAgendaA quick introduction…A quick introduction…Understanding Complexities with DeploymentsUnderstanding Complexities with DeploymentsManaging IIS 6.0 & applications in an EnterpriseManaging IIS 6.0 & applications in an EnterprisePreparing when things go wrong…Preparing when things go wrong…Protection: Looking at disastersProtection: Looking at disastersSummary…Summary…

A quick introduction…A quick introduction…The day starts and ends with PreparationThe day starts and ends with Preparation

IT Administrators lifecycle events in IISIT Administrators lifecycle events in IIS DeploymentsDeployments Managing Sites & ApplicationsManaging Sites & Applications Troubleshooting & DiagnosticsTroubleshooting & Diagnostics Preparing for the unknown: DisastersPreparing for the unknown: Disasters

Prepare with understanding of ToolsPrepare with understanding of ToolsDeployment: ScriptingDeployment: ScriptingManaging: Log Parser, Performance MonitorManaging: Log Parser, Performance MonitorTroubleshooting: Event Tracing, Log Parser, Debug Diagnostics Troubleshooting: Event Tracing, Log Parser, Debug Diagnostics 1.01.0Disasters: Xcopy, IIsCertDeploy, IIsBackDisasters: Xcopy, IIsCertDeploy, IIsBack

A quick introduction (2)A quick introduction (2)Tools for IIS 6.0 enterprise management factsTools for IIS 6.0 enterprise management facts

OS-related tools shipped on Windows Server OS-related tools shipped on Windows Server 2003 CD2003 CD IIS 6.0 related tools shipped on the Windows IIS 6.0 related tools shipped on the Windows Server 2003 CDServer 2003 CD IIS 6.0 Resource Kit ToolsIIS 6.0 Resource Kit Tools IIS Diagnostics Tools: www.iisdiagnostics.comIIS Diagnostics Tools: www.iisdiagnostics.com

Today…learn how to use ‘em right! (I hope!)Today…learn how to use ‘em right! (I hope!)

Understanding Understanding complexities complexities

with with DeploymentsDeployments

Understanding Complexities Understanding Complexities with Deploymentswith Deployments

Why is it so hard?Why is it so hard? Moving IIS 6.0 configuration from server to Moving IIS 6.0 configuration from server to serversservers Effectively doing “diffs” between IIS 6.0 serversEffectively doing “diffs” between IIS 6.0 servers Moving content from server to serverMoving content from server to server

How do I solve these complexities?How do I solve these complexities? Understand what tools to useUnderstand what tools to use Understand your IIS 6.0 server requirementsUnderstand your IIS 6.0 server requirements Model deployments (i.e. templatize them)Model deployments (i.e. templatize them)

Understanding Complexities Understanding Complexities with Deployments (2)with Deployments (2)

Tools to use:Tools to use: Xcopy or RobocopyXcopy or Robocopy IIsCnfg.vbs, AdsUtil.vbs & IIsExt.vbsIIsCnfg.vbs, AdsUtil.vbs & IIsExt.vbs IIsCertDeploy.vbs (only for SSL-enabled sites)IIsCertDeploy.vbs (only for SSL-enabled sites)

XCopy\RobocopyXCopy\Robocopy Moves content from server to serverMoves content from server to server Why use this method?Why use this method?

Server Backups offer disk-based & files backupServer Backups offer disk-based & files backup Web Farms: Difficult because you have x-serversWeb Farms: Difficult because you have x-servers Use Xcopy\Robocopy to move to Central LocationUse Xcopy\Robocopy to move to Central Location

Understanding Complexities Understanding Complexities with Deployments (3)with Deployments (3)

IIsCnfg.vbsIIsCnfg.vbs Moves configuration from dev\staging environmentMoves configuration from dev\staging environment /export /export /import – Understand offerings /import – Understand offerings Automation opportunities…Automation opportunities…

AdsUtil.vbsAdsUtil.vbs First step: Add to System Path (not in %windirFirst step: Add to System Path (not in %windir%\system32)%\system32) Default: %systemroot%\inetpub\adminscriptsDefault: %systemroot%\inetpub\adminscripts

Understanding Complexities Understanding Complexities with Deployments (4)with Deployments (4)

IIsExt.vbs: Used to enable dynamic contentIIsExt.vbs: Used to enable dynamic content ISAPI’s: Typically *.dll’sISAPI’s: Typically *.dll’s

Do not require regsrv32 (like COM objects)Do not require regsrv32 (like COM objects) Requires Path for DeploymentRequires Path for Deployment Application Permissions: RequirementsApplication Permissions: Requirements

CGI’s:CGI’s: Typically *.exe or *.cgiTypically *.exe or *.cgi Base Threads for ExecutionBase Threads for Execution

Security: Enable one-by-one, or per applicationSecurity: Enable one-by-one, or per application Do not choose “Allow all Unknown…”Do not choose “Allow all Unknown…”

Understanding Complexities Understanding Complexities with Deployments (5)with Deployments (5)

SSL-enabled sites & IIsCertDeploy.vbsSSL-enabled sites & IIsCertDeploy.vbsSSL Background:SSL Background:

Typical: IP:Port Bindings for SSL-enabled sitesTypical: IP:Port Bindings for SSL-enabled sites Advanced: IP:Port:HostHeaderAdvanced: IP:Port:HostHeader

Requires Service Pack 1Requires Service Pack 1

Why is this important?Why is this important? Testing environments with no SSL are Testing environments with no SSL are dangerous & problematicdangerous & problematic

Single ServerSingle Server iiscertdeploy.vbs –e %pathtopfxfile% -I %metabasepath% -p pwdforfileiiscertdeploy.vbs –e %pathtopfxfile% -I %metabasepath% -p pwdforfile

Understanding Complexities Understanding Complexities with Deployments (6)with Deployments (6)

Why is this important? (cont.)Why is this important? (cont.) Ex: Testing using IP address, not FQDNEx: Testing using IP address, not FQDN Ex: 4443, not 443Using non-standard portsEx: 4443, not 443Using non-standard ports

Result: Failure to understand the end-user’s Result: Failure to understand the end-user’s experienceexperienceMoving Certificate from Test to ProductionMoving Certificate from Test to Production

One Click DeploymentOne Click Deployment

demonstrationdemonstration

Managing IIS Managing IIS 6.0 & 6.0 &

applications applications in an in an

EnterpriseEnterprise

Managing IIS 6.0 & applications Managing IIS 6.0 & applications in an Enterprisein an Enterprise

Use the right ToolsUse the right Tools Core OS ToolsCore OS Tools

Using Performance MonitorUsing Performance Monitor Service Pack 1 TracingService Pack 1 Tracing

Microsoft Operations Manager (MOM) 2005Microsoft Operations Manager (MOM) 2005

Base lining the applicationBase lining the application Understanding the Applications usageUnderstanding the Applications usage

Top request URI’s per dayTop request URI’s per day Maximum Requests per time slotMaximum Requests per time slot

Managing IIS 6.0 & applications Managing IIS 6.0 & applications in an Enterprise (2)in an Enterprise (2)

Using Log Parser to get this Top …Using Log Parser to get this Top … URI’s per dayURI’s per day Max Requests per time slotMax Requests per time slot

REM ** Top URI Per DayREM ** Top URI Per Day

SELECT TO_STRING(TO_LOCALTIME(TO_TIMESTAMP(date, time)), 'HH') SELECT TO_STRING(TO_LOCALTIME(TO_TIMESTAMP(date, time)), 'HH') AS Hours, AS Hours, COUNT(*) AS PercentHits COUNT(*) AS PercentHits

INTO PercentHourlyHits.gif INTO PercentHourlyHits.gif FROM logs\ex*.logFROM logs\ex*.log

www.logparser.com www.logparser.com for more…for more…

Managing IIS 6.0 & applications Managing IIS 6.0 & applications in an Enterprise (3)in an Enterprise (3)

Why should you install Service Pack 1?Why should you install Service Pack 1? Many features added…Many features added…

Enable Metabase AuditingEnable Metabase Auditing Enable Static CompressionEnable Static Compression Enable key Logging FieldsEnable key Logging Fields Centralized W3C LoggingCentralized W3C Logging

Biggest: Enterprise Tracing events increased Biggest: Enterprise Tracing events increased 10x to ~240 events10x to ~240 eventsWhat is tracing (um, how ETM works?)What is tracing (um, how ETM works?)

Managing IIS 6.0 & applications Managing IIS 6.0 & applications in an Enterprise (5)in an Enterprise (5)

How ETW works -How ETW works -

Managing IIS 6.0 & applications Managing IIS 6.0 & applications in an Enterprise (6)in an Enterprise (6)

Primary purpose of Primary purpose of Tracing – Tracing – Diagnostics…Diagnostics…Why do I use Why do I use tracing to “manage” tracing to “manage” applications?applications?

Application Application “Profiling”“Profiling” Know each Know each component “used” component “used” for the applicationfor the application

Begin RequestBegin Request

Read MetadataRead Metadata

AuthenticateAuthenticate

AuthorizeAuthorize

CachedCached

ISAPI FilterISAPI Filter

Determine Determine HandlerHandler

Request

Managing IIS 6.0 & applications Managing IIS 6.0 & applications in an Enterprise (6)in an Enterprise (6)

Additional thoughts…Additional thoughts… Improve performance by using compression Improve performance by using compression where appropriatewhere appropriate Review Application Pool (i.e. worker processes) Review Application Pool (i.e. worker processes) strategystrategy

Using time-based recycling – when?Using time-based recycling – when? Using request-based recyclingUsing request-based recycling Memory-based recycling…Memory-based recycling…

Avoid downtime: Turn off recycling on Avoid downtime: Turn off recycling on configuration changesconfiguration changes

A few tricks…(or Tips)A few tricks…(or Tips) Enable Metabase AuditingEnable Metabase Auditing Enable CompressionEnable Compression Enable Centralized LoggingEnable Centralized Logging Enable Time-Taken, etc.Enable Time-Taken, etc. Enable LogEventOnRecycleEnable LogEventOnRecycle

demonstrationdemonstration

Preparing Preparing when things when things go wrong…go wrong…

Preparing when things go Preparing when things go wrong…wrong…

Troubleshooting 101Troubleshooting 101 Isolate the issues…Isolate the issues… Web Farm considerationsWeb Farm considerations

““Typical” issues Typical” issues youyou deal with… (or will!) deal with… (or will!) Application failures: Crash, Hang, or Memory LeaksApplication failures: Crash, Hang, or Memory Leaks Server Errors: HTTP 500 ErrorsServer Errors: HTTP 500 Errors

Common Tools used for Troubleshooting:Common Tools used for Troubleshooting:Windows Server 2003 Service Pack 1 TracingWindows Server 2003 Service Pack 1 Tracingwww.iisdiagnostics.com (Log Parser, IIS Request Viewer, www.iisdiagnostics.com (Log Parser, IIS Request Viewer, DebugDiag, AuthDiag, SSLDiag) DebugDiag, AuthDiag, SSLDiag)

Viewing Currently Viewing Currently Executing Requests Executing Requests Using Tracing & IIS Using Tracing & IIS Request ViewerRequest Viewer

demonstrationdemonstration

Finding Permission Finding Permission Failures with Failures with AuthDiag’s AuthMonAuthDiag’s AuthMon

demonstrationdemonstration

Protection: Protection: Looking at Looking at DisastersDisasters

Protection: Looking at Protection: Looking at DisastersDisasters

Often overlooked, rarely prepared for…Often overlooked, rarely prepared for…Why overlooked?Why overlooked?

IT professionals often think they are covered with IT professionals often think they are covered with disk backupsdisk backups Misconception that System state backups include Misconception that System state backups include MetabaseMetabase

Creating turn-key solutions for backups & Creating turn-key solutions for backups & recoveryrecovery

Simplify: Create a single share to create single Simplify: Create a single share to create single directory for capturedirectory for capture Test, test, and testTest, test, and test

Protection: Looking at Disasters Protection: Looking at Disasters (2)(2)

Backing up IIS 6.0 & key data pointsBacking up IIS 6.0 & key data pointsWhat data to get…What data to get…

SSL Certificates (if necessary)SSL Certificates (if necessary) IIS 6.0 MetabaseIIS 6.0 Metabase ContentContent

Get it done… Practice, practice, practiceGet it done… Practice, practice, practice

Automating Backups in IIS 6.0Automating Backups in IIS 6.0

demonstrationdemonstration

Protection: Looking at Disasters Protection: Looking at Disasters (3)(3)

Restoring IIS 6.0 & key data pointsRestoring IIS 6.0 & key data points Benefit of central storeBenefit of central store

Turn-key restore script needs no fancy connectionsTurn-key restore script needs no fancy connections If central store not available, use tape backup to restore If central store not available, use tape backup to restore to another location (and update script!)to another location (and update script!)

Make sure all scripts are hosted locally on server Make sure all scripts are hosted locally on server and in system pathand in system path

Get it done…Practice, practice, practiceGet it done…Practice, practice, practice

Turn key (one-click) restoresTurn key (one-click) restores

demonstrationdemonstration

Session SummarySession SummaryUse the right tools to deploy IIS 6.0 Use the right tools to deploy IIS 6.0 configuration, content, and configuration, content, and dependenciesdependencies

Use application log data to find out Use application log data to find out how your application workshow your application works

Configure your server the right way Configure your server the right way at deployment, not afterwardsat deployment, not afterwards

Be prepared for failures and take Be prepared for failures and take appropriate actionappropriate action

Always have a roll-back strategy – Always have a roll-back strategy – timing is everything!timing is everything!

References and ResourcesReferences and ResourcesDrill-down webcasts on key topics discussed Drill-down webcasts on key topics discussed today:today:

Automate, Automate, Automate: Scripting IIS 6.0Automate, Automate, Automate: Scripting IIS 6.0http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventIDhttp://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID

=1032280620&EventCategory=5&culture=en-US&CountryCode=US=1032280620&EventCategory=5&culture=en-US&CountryCode=US Disaster Recovery and IIS 6.0: Metabase Backups in a NutshellDisaster Recovery and IIS 6.0: Metabase Backups in a Nutshell http://msevents.microsoft.com/CUI/EventDetail.aspx?http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032255809&Culture=en-USEventID=1032255809&Culture=en-US

IIS 6.0: IIsCnfg.vbs versus IIsBack.vbsIIS 6.0: IIsCnfg.vbs versus IIsBack.vbshttp://msevents.microsoft.com/CUI/EventDetail.aspx?http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032268486&Culture=en-USEventID=1032268486&Culture=en-US

Using Host Headers with SSL-enabled WebsitesUsing Host Headers with SSL-enabled Websiteshttp://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032280959&EventCategory=5&culture=en-US&CountryCode=US EventID=1032280959&EventCategory=5&culture=en-US&CountryCode=US

References and Resources References and Resources (2)(2)

Drill-down webcasts on key topics discussed today:Drill-down webcasts on key topics discussed today: Using MOM Web Sites and Services Management PackUsing MOM Web Sites and Services Management Pack

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032267008&EventCategory=5&culture=en-EventID=1032267008&EventCategory=5&culture=en-US&CountryCode=US US&CountryCode=US IIS 6.0 Service Pack Tracing: Inside and OutIIS 6.0 Service Pack Tracing: Inside and Outhttp://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032268451&EventCategory=5&culture=en-EventID=1032268451&EventCategory=5&culture=en-US&CountryCode=US US&CountryCode=US

IIS Data Mining with Log Parser 2.xIIS Data Mining with Log Parser 2.xhttp://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032263723&EventCategory=3&culture=en-EventID=1032263723&EventCategory=3&culture=en-US&CountryCode=US US&CountryCode=US