DefinIT

Configuring Server 2008 R2 Core Series: Installing and Managing IIS

So, you’ve installed a new server with Server 2008 R2 Core – what next? Logging on, you’re presented with a shiny command prompt, you can run notepad or regedit…but aside from that, where do you go from there? In the next few series of posts I’ll hopefully point out the basics, and some not so basics!

In this post, I’m covering Installing the IIS web server (and a few useful bits) and managing it from the IIS Management Snap-in.

Installing the basic IIS installation

Installing optional components in Server 2008 R2 Core is handled by two commands, OCList and OCSetup. OCList, as the name suggests, lists the optional components and their status, installed or not installed. It’s a long list, so I recommend issuing the command with the “|more” pipe:

oclist | more

The output looks something like this:

image

OCSetup will accept any one, or multiple, of the roles listed in OCList as an argument to install. It’s recommended you use the command with “start /w” preceding so that the command prompt will wait for the installation to finish before continuing.

To install the basic IIS web server install, use

start /w ocsetup IIS-WebServerRole

As far as I can see, this installs the roles:

Installed:IIS-WebServerRole

Installed:IIS-WebServer

Installed:IIS-ApplicationDevelopment

Installed:IIS-CommonHttpFeatures

Installed:IIS-DefaultDocument

Installed:IIS-DirectoryBrowsing

Installed:IIS-HttpErrors

Installed:IIS-StaticContent

Installed:IIS-HealthAndDiagnostics

Installed:IIS-HttpLogging

Installed:IIS-Performance

Installed:IIS-HttpCompressionStatic

Installed:IIS-Security

Installed:IIS-RequestFiltering

Installed:IIS-WebServerManagementTools

In order to get .Net functioning and allow remote management, you’ll also need the following components installed, a registry key added and the Web Management Service Started (in order):

start /w ocsetup WAS-NetFxEnvironment
start /w ocsetup IIS-ISAPIExtensions
start /w ocsetup IIS-ISAPIFilter
start /w ocsetup IIS-NetFxExtensibility
start /w ocsetup IIS-ASPNET
start /w ocsetup IIS-ManagementService

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WebManagement\Server /v EnableRemoteManagement /t REG_DWORD /d 1

net start wmsvc

You should now be able to manage your IIS server via the IIS Management Console on a Windows Server 2008 or Windows 7 PC with Remote Server Administration Tools installed.

image

You can also manage IIS through a PowerShell addin, if you run powershell.exe on your Server Core installation, then import the WebAdministration Module:

C:\Users\Administrator>powershell
Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:\Users\Administrator> Import-Module WebAdministration
PS C:\Users\Administrator> Get-Command -PsSnapin WebAdministration

CommandType     Name                            Definition
-----------     ----                            ----------
Cmdlet          Add-WebConfiguration            Add-WebConfiguration [-Filte...
Cmdlet          Add-WebConfigurationLock        Add-WebConfigurationLock [-F...
Cmdlet          Add-WebConfigurationProperty    Add-WebConfigurationProperty...
Cmdlet          Backup-WebConfiguration         Backup-WebConfiguration [-Na...
Alias           Begin-WebCommitDelay            Start-WebCommitDelay
Cmdlet          Clear-WebConfiguration          Clear-WebConfiguration [-Fil...
Cmdlet          Clear-WebRequestTracingSettings Clear-WebRequestTracingSetti...
Cmdlet          ConvertTo-WebApplication        ConvertTo-WebApplication [[-...
Cmdlet          Disable-WebGlobalModule         Disable-WebGlobalModule [-Na...
Cmdlet          Disable-WebRequestTracing       Disable-WebRequestTracing [[...
Cmdlet          Enable-WebGlobalModule          Enable-WebGlobalModule [-Nam...
Cmdlet          Enable-WebRequestTracing        Enable-WebRequestTracing [[-...
Alias           End-WebCommitDelay              Stop-WebCommitDelay
Cmdlet          Get-WebAppDomain                Get-WebAppDomain [-InputObje...
Cmdlet          Get-WebApplication              Get-WebApplication [[-Name] ...
Cmdlet          Get-WebAppPoolState             Get-WebAppPoolState [[-Name]...
Cmdlet          Get-WebBinding                  Get-WebBinding [[-Name] <Str...
Cmdlet          Get-WebConfigFile               Get-WebConfigFile [[-PSPath]...
Cmdlet          Get-WebConfiguration            Get-WebConfiguration [-Filte...
Cmdlet          Get-WebConfigurationBackup      Get-WebConfigurationBackup [...
Cmdlet          Get-WebConfigurationLocation    Get-WebConfigurationLocation...
Cmdlet          Get-WebConfigurationLock        Get-WebConfigurationLock [-F...
Cmdlet          Get-WebConfigurationProperty    Get-WebConfigurationProperty...
Cmdlet          Get-WebFilePath                 Get-WebFilePath [[-PSPath] <...
Cmdlet          Get-WebGlobalModule             Get-WebGlobalModule [[-Name]...
Cmdlet          Get-WebHandler                  Get-WebHandler [[-Name] <Str...
Cmdlet          Get-WebItemState                Get-WebItemState [[-PSPath] ...
Cmdlet          Get-WebManagedModule            Get-WebManagedModule [[-Name...
Cmdlet          Get-WebRequest                  Get-WebRequest [-InputObject...
Cmdlet          Get-Website                     Get-Website [[-Name] <String...
Cmdlet          Get-WebsiteState                Get-WebsiteState [[-Name] <S...
Cmdlet          Get-WebURL                      Get-WebURL [[-PSPath] <Strin...
Cmdlet          Get-WebVirtualDirectory         Get-WebVirtualDirectory [[-N...
Function        IIS:                            set-location IIS:
Cmdlet          New-WebApplication              New-WebApplication [-Name] <...
Cmdlet          New-WebAppPool                  New-WebAppPool [-Name] <Stri...
Cmdlet          New-WebBinding                  New-WebBinding [[-Name] <Str...
Cmdlet          New-WebFtpSite                  New-WebFtpSite [-Name] <Stri...
Cmdlet          New-WebGlobalModule             New-WebGlobalModule [-Name] ...
Cmdlet          New-WebHandler                  New-WebHandler [-Name] <Stri...
Cmdlet          New-WebManagedModule            New-WebManagedModule [-Name]...
Cmdlet          New-Website                     New-Website [-Name] <String>...
Cmdlet          New-WebVirtualDirectory         New-WebVirtualDirectory [-Na...
Cmdlet          Remove-WebApplication           Remove-WebApplication [-Name...
Cmdlet          Remove-WebAppPool               Remove-WebAppPool [-Name] <S...
Cmdlet          Remove-WebBinding               Remove-WebBinding [-Protocol...
Cmdlet          Remove-WebConfigurationBackup   Remove-WebConfigurationBacku...
Cmdlet          Remove-WebConfigurationLocation Remove-WebConfigurationLocat...
Cmdlet          Remove-WebConfigurationLock     Remove-WebConfigurationLock ...
Cmdlet          Remove-WebConfigurationProperty Remove-WebConfigurationPrope...
Cmdlet          Remove-WebGlobalModule          Remove-WebGlobalModule [-Nam...
Cmdlet          Remove-WebHandler               Remove-WebHandler [-Name] <S...
Cmdlet          Remove-WebManagedModule         Remove-WebManagedModule [-Na...
Cmdlet          Remove-Website                  Remove-Website [-Name] <Stri...
Cmdlet          Remove-WebVirtualDirectory      Remove-WebVirtualDirectory [...
Cmdlet          Rename-WebConfigurationLocation Rename-WebConfigurationLocat...
Cmdlet          Restart-WebAppPool              Restart-WebAppPool [[-Name] ...
Cmdlet          Restart-WebItem                 Restart-WebItem [[-PSPath] <...
Cmdlet          Restore-WebConfiguration        Restore-WebConfiguration [-N...
Cmdlet          Select-WebConfiguration         Select-WebConfiguration [-Fi...
Cmdlet          Set-WebBinding                  Set-WebBinding [[-Name] <Str...
Cmdlet          Set-WebConfiguration            Set-WebConfiguration [-Filte...
Cmdlet          Set-WebConfigurationProperty    Set-WebConfigurationProperty...
Cmdlet          Set-WebGlobalModule             Set-WebGlobalModule [-Name] ...
Cmdlet          Set-WebHandler                  Set-WebHandler [-Name] <Stri...
Cmdlet          Set-WebManagedModule            Set-WebManagedModule [-Name]...
Cmdlet          Start-WebAppPool                Start-WebAppPool [[-Name] <S...
Cmdlet          Start-WebCommitDelay            Start-WebCommitDelay [-Verbo...
Cmdlet          Start-WebItem                   Start-WebItem [[-PSPath] <St...
Cmdlet          Start-Website                   Start-Website [[-Name] <Stri...
Cmdlet          Stop-WebAppPool                 Stop-WebAppPool [[-Name] <St...
Cmdlet          Stop-WebCommitDelay             Stop-WebCommitDelay [[-PSPat...
Cmdlet          Stop-WebItem                    Stop-WebItem [[-PSPath] <Str...
Cmdlet          Stop-Website                    Stop-Website [[-Name] <Strin...

Serve up a .NET page, to taste

Not that you’d doubt me (!) but there’s one last thing to do – prove it worked. Fortunately, there’s an easy way to do that. I borrowed the code from www.codefixer.com to create a little “hello world” page. Since the default website is c:\inetpub\wwwroot\ I saved the page there as default.aspx and fired up my browser – et voila!

image

Compiling a .Net DLL for a medium trust environment

| 18/09/2008 | Tags: ,

Recently I wrote a little utility for a client using the excellent Html Agility Pack to read and navigate through a HTML page, selecting the data that was needed and parsing it – basically a screen scrape. I downloaded the source, compiled it, added a reference to the dll in my project and tapped away for a few minutes and et voila, within a few minutes a working screen scrape. A fantastic library.

On uploading the project to my GoDaddy web hosting however, I encountered a problem. You see, my hosting is a shared hosting environment, and like most such webhosting environments is set to a Medium Trust level for .Net applications. As MS dryly puts it:

Applications that receive less than full trust by the runtime code
access security system are not allowed to call shared managed libraries
unless the library writer specifically allows them to through the use
of the AllowPartiallyTrustedCallersAttribute Class.
Therefore, application writers must be aware that some libraries will
not be available to them from a partially trusted context.

The solution, although slightly confusing from the MS documentation, is actually very simple. I opened the HtmlAgilityPack source code, and edited the AssemblyInfo.cs file. Firstly, add a reference to the AllowPartiallyTrustedCallersAttribute:

[assembly: AllowPartiallyTrustedCallersAttribute()]

Since AllowPartiallyTrustedCallersAttribute is part of the System.Security namespace, we must add a reference at the top of the page:

using System.Security;

I then rebuilt the project, rebuilt the web project and it now works like a charm.

Restoring the ASP.NET tab in IIS

| 04/04/2008 | Tags: , , ,

If you've logged onto the properties for your IIS install and found that the ASP.NET tab has mysteriously disappered, you can try a couple of things.

Firstly, try re-registering ASP.NET with IIS using the ASPNET_REGIIS.exe located in the .NET installation folder:

c:\WINDOWS\MICROSOFT.NET\framework\\aspnet_regiis -i

 

Chances are though, that it won't work, and that you can try and number of command using aspnet_regiis.exe or even uninstalling and reinstalling .NET and you won't actually fix the problem. (Note: on x64 systems this could be a different problem, Google again with x64!)

This was solved by switching a flag (Enable32BitAppOnWin64) to false in the IIS metabase:

cd c:\Inetpub\AdminScripts\

cscript.exe adsutil.vbs set W3SVC/AppPools/Enable32BitAppOnWin64 FALSE

You should then be able to see the ASP.NET tab restored in the site properties.

Installing Visual Studio 2003 SP1 on Vista

| 28/06/2007 | Tags: , , ,

I’ve finally cracked the installation problems with VS 2003 SP1 on Vista. The problem seems to be that the SP must be installed under the same credentials that Visual Studio was installed. I.e. I installed Visual Studio under the domain administrator credentials, but I run my day-to-day under a standard user credential. When installing the SP1 I was elevating my standard user credential rather than running as the domain admin. I don’t know what difference that makes to anything, but it’s worked!

 

 Where was that purchase requisition for 2005?

Visual Studio Project Location Not Trusted

Just a quick post today about trust levels for .NET assemblies that are hosted remotely. My current set up at work means that I am maintaining one version of our web site while working on developing a new one – not uncommon. I have 2 virtual servers running Server 2003, IIS and SQL Server, each an identical copy of our production server. Each solution and it’s projects are stored on each virtual server, with the project folders shared and mapped as drives on my laptop. (Before I get messages saying “why don’t you use source control, you can create branches etc, etc” – I am aware of that and the decision not to use source control is based on other factors that I’m not going to get into.)

 Anyhow, on to the problem and, the solution.

When opening a Visual Studio solution from a mapped or network location, you get a “project location not trusted” error. By default, your .NET configuration grants FULL trust to your local machine, so you won’t get that message working on a local project. Also by default, the Local Intranet is given a step below full trust – and here is the problem. You will need to be a local administrator on your computer to make these changes.

Open a command prompt, navigate to:

  1. cd %systemroot%\Microsoft.NET\Framework\\

Run the following command:

  1. CasPol.exe -pp off -m -ag 1.2 -url file://r:\folder\* FullTrust

or, for an unmapped folder

  1. CasPol.exe -pp off -m -ag 1.2 -url file://computername/folder/* FullTrust

This will set the share to full trust and allow you to work with the remote folder/mapped drive as if it’s on your local machine.

For more details about using CasPol.exe and a break down of the above commands, check out the .NET Security Blog