| Introduction | 1 |
| What Do You Need? | 2 |
| Book Outline | 2 |
| Chapter 1: An Overview of IIS 6.0 | 5 |
| The Road to IIS 6.0 | 5 |
| What Stands Out - The Highlights | 6 |
| Security | 7 |
| "Locked Down" server | 7 |
| Advanced Digest Authentication | 7 |
| FTP User Isolation | 8 |
| Selectable Worker Process Identity | 8 |
| Secure Sockets Layer | 8 |
| Selectable Cryptographic Service Provider | 8 |
| Reliability | 9 |
| Kernel-mode HTTP listener | 9 |
| Web Administration Service | 10 |
| Health and Crash Monitoring | 10 |
| Idle Timeout | 10 |
| Rapid Fail Protection | 11 |
| Demand Start | 11 |
| Process Recycling | 11 |
| Performance and Scalability | 12 |
| Performance Implications of HTTP.sys | 12 |
| Worker Process Isolation | 12 |
| IIS 5 Isolation Mode | 13 |
| Web Gardens | 13 |
| Asynchronous CGI | 13 |
| ASP Caching | 14 |
| Administration | 14 |
| Command-Line Administration | 14 |
| Logging | 15 |
| Development | 15 |
| Orphan Worker Processes | 15 |
| IIS WMI Provider | 15 |
| ISAPI | 16 |
| Custom Errors | 16 |
| VectorSend | 16 |
| Unicode Support | 16 |
| ExecuteURL | 16 |
| Reporting Unhealthy | 16 |
| Wildcard Application Mappings (Global Interceptors) | 17 |
| New Features | 17 |
| COM+ Services | 17 |
| XML Metabase | 18 |
| IPv6 | 18 |
| Summary | 19 |
| Chapter 2: The New Request Architecture | 21 |
| Request Flow Architecture | 23 |
| Application Isolation Modes | 24 |
| IIS 6.0 Worker Processes Isolation Mode | 25 |
| How Worker Process Isolation Mode works | 25 |
| The Benefits of Worker Process Isolation Mode | 26 |
| IIS 5.0 Isolation Mode | 27 |
| Which Mode? | 28 |
| Switching Between Modes | 29 |
| Architectural Considerations of Worker Process Isolation Mode | 29 |
| State Management | 30 |
| Multi-Instancing | 30 |
| ISAPI Filters | 30 |
| Special considerations for ASP.NET | 31 |
| Application Isolation and Performance | 31 |
| HTTP.sys | 32 |
| Kernel-level Queuing | 33 |
| URI Cache | 33 |
| Quality-of-Service | 34 |
| Bandwidth Throttling | 34 |
| Connection Limits and Timeouts | 35 |
| Application Pool Queue Length Limits | 36 |
| Logging | 37 |
| The Web Administration Service | 37 |
| Application Pools | 38 |
| Application Pool Identity | 41 |
| Demand Start of Application Pools | 42 |
| Application Health Monitoring | 43 |
| Health Detection | 43 |
| Normal operation of an application | 43 |
| When an application crashes | 44 |
| Rapid Fail | 44 |
| Orphan Worker Processes and Debugging | 45 |
| Applications declaring "Unhealthy" | 45 |
| Application Recycling | 45 |
| Idle Process Timeout | 47 |
| Web Gardens | 48 |
| Using Web Gardens | 48 |
| Session State in Web Gardens | 48 |
| Application Pool Parameters in Web Gardens | 48 |
| Processor Affinity | 49 |
| Summary | 50 |
| Chapter 3: Security in IIS 6.0 | 53 |
| An Overview of the Security Process | 54 |
| Install Only What Is Needed | 54 |
| Authenticating Clients | 55 |
| Authorizing Clients | 55 |
| Extension Management | 57 |
| Disabling Unknown and Unneeded Extensions | 57 |
| Enabling New Extensions | 58 |
| Web Site Authentication | 59 |
| Anonymous | 60 |
| Basic | 60 |
| Digest and Advanced Digest | 61 |
| Integrated | 63 |
| Kerberos | 63 |
| Client Certificate | 63 |
| .NET Passport | 64 |
| FTP Site Authentication | 65 |
| Delegated Authentication | 66 |
| Access Control | 66 |
| IP Address Restrictions | 66 |
| Web Directory Security | 66 |
| FTP Directory Security | 67 |
| Virtual Directory Security | 67 |
| URL Authorization | 68 |
| File System Permissions | 69 |
| IIS Built-In Accounts | 69 |
| Cryptography | 70 |
| SSL 3.0 | 70 |
| Certificates | 71 |
| Selectable Cryptographic Service Provider | 71 |
| Configurable Application Pool / Worker Process Identity | 71 |
| HTTP.sys Timeouts and Limits | 73 |
| Monitoring and Maintenance | 73 |
| Security Patches | 73 |
| Monitoring Your System | 74 |
| Summary | 74 |
| Chapter 4: The XML Metabase | 77 |
| Configuration Data Formats | 78 |
| Validating Configuration Files | 78 |
| Plain Text XML Wins | 79 |
| The XML Metabase in IIS | 80 |
| Metabase Backup Files | 80 |
| How IIS 6.0 manages the Metabase | 82 |
| Metabase Compatibility with IIS 5 | 83 |
| The XML Metabase File Format | 83 |
| The Outline Structure of the File | 83 |
| The IIS Web (WWW) Service | 84 |
| Virtual and Web Directories | 86 |
| MIME-Type Mappings | 87 |
| The FTP Service | 89 |
| Access Logging Configuration | 91 |
| General Configuration Objects | 91 |
| Secure Encrypted Properties | 92 |
| Schema Extensibility | 92 |
| Corrupted Metabase Files | 92 |
| Editing the Configuration Data | 93 |
| How the Direct Edit Feature works | 94 |
| Points to Note | 95 |
| Use runas to Gain Administrative Privileges | 95 |
| Disabling History File Creation | 96 |
| History File Security | 96 |
| Summary | 97 |
| Chapter 5: Administering IIS 6.0 | 101 |
| MMC | 102 |
| Command Line Administration | 102 |
| What can we do with the command line? | 102 |
| The Net Command | 104 |
| Managing Web Applications | 105 |
| Querying Web Sites | 105 |
| Starting, Stopping, and Pausing Web Sites | 106 |
| Creating Web Sites | 107 |
| Removing Web Sites | 108 |
| Managing Virtual Directories | 108 |
| Managing FTP Sites | 109 |
| Managing FTP Virtual Directories | 111 |
| Managing IIS Configuration | 111 |
| Configuration Backup with IIS Manager | 112 |
| Backing Up the Complete Server Configuration | 113 |
| Encrypting the Backup File | 114 |
| Restoring the Complete Server Configuration | 114 |
| Deleting Backup Files | 115 |
| Programmatic Configuration Backups | 115 |
| Backing up the Complete Server Configuration | 115 |
| Restoring the Complete Server Configuration | 117 |
| Restarting IIS with IIS Manager | 118 |
| Restarting IIS Programmatically | 118 |
| Importing and Exporting Application Data | 119 |
| Configuration Export and Import with IIS Manager | 119 |
| Saving the Configuration as a file | 119 |
| Restoring the Configuration from a File | 120 |
| Programmatic Configuration Export and Import | 121 |
| Saving the Configuration as a file | 122 |
| Restoring the Configuration from a File | 123 |
| Managing Applications and Web Extensions | 126 |
| Copy Configuration | 128 |
| Save Configuration to Disk | 129 |
| Programmatic Administration | 129 |
| Using WMI | 130 |
| Why WMI? | 130 |
| Basic Objects | 131 |
| Using ADSI | 139 |
| Remote Administration | 144 |
| IIS MMC | 144 |
| Using Telnet | 145 |
| Windows Terminal Services | 145 |
| Web-Based Remote Administration | 146 |
| Configuring Quality of Service | 147 |
| Limiting Connections & Bandwidth Throttling | 148 |
| Configuring Application Pool Length | 152 |
| Configuring Keep-Alive and Connection Timeout | 153 |
| Configuring Compression Settings | 155 |
| Summary | 158 |
| Chapter 6: Logging | 161 |
| Types of Logging | 162 |
| W3C Extended, NCSA, and IIS formats | 163 |
| W3C Extended | 163 |
| NCSA | 166 |
| IIS | 167 |
| ODBC Logging | 168 |
| Custom Logging | 170 |
| Centralized Binary Logging | 170 |
| UTF-8 Logging | 171 |
| Remote Logging | 171 |
| Selecting the Right Format | 171 |
| Using the Logs | 172 |
| Using HTTP Substatus Codes | 172 |
| Determining Security Problems | 172 |
| Analyzing Usage and Trends | 173 |
| Detecting Site Problems | 173 |
| Security of Log Files | 174 |
| Summary | 174 |
| Chapter 7: ISAPI | 177 |
| Former ISAPI Models | 178 |
| IIS 4.0 | 179 |
| IIS 5.0 | 180 |
| IIS 6.0 | 180 |
| New ISAPI Features | 182 |
| Unicode ISAPI | 182 |
| New ISAPI Extension Features | 183 |
| Unicode Server Support Functions | 183 |
| Unicode Server Side Variables | 184 |
| GetServerVariable Server Support Function | 184 |
| ExecuteURL | 185 |
| ExecuteUrlStatus | 186 |
| Global Interceptors/Wildcard Application Mappings | 186 |
| Replacing Read Raw Data Filters | 187 |
| ServerSupportFunction | 187 |
| Server Support Function Parameter Changes | 188 |
| VectorSend | 188 |
| SendCustomError | 188 |
| RequestReportUnhealthy | 189 |
| New ISAPI Filter Features | 189 |
| FilterEnableCache | 189 |
| Filter Load/ Unload Order | 190 |
| AddResponseHeader Changes | 190 |
| HTTP Error 400 Requests | 190 |
| ReadRawData Notifications | 190 |
| ISAPI and Security | 190 |
| ISAPI Extensions Disabled by Default | 190 |
| Process Identity | 191 |
| Obtaining the Impersonation Token | 191 |
| Verifying Component Permissions | 192 |
| Developing ISAPI Extensions and Filters | 193 |
| Developing Extensions | 193 |
| Extension Processing | 193 |
| ISAPI Extension Entry Points | 193 |
| ISAPI Extension Callbacks | 196 |
| Filters | 197 |
| Fault Tolerance/Scalability Issues | 198 |
| Filter Processing | 198 |
| ISAPI Filter Entry Points | 198 |
| ISAPI Filter Callbacks | 200 |
| Callback Functions | 200 |
| Debugging ISAPI Extensions and Filters | 202 |
| Summary | 207 |
| Chapter 8: COM and COM+ Services | 209 |
| Threading | 209 |
| Single Threaded Model | 210 |
| Single Threaded Apartment Model | 210 |
| Free Threaded Model | 210 |
| Both | 211 |
| Apartment Neutral Model | 211 |
| Apartment Model Selection | 213 |
| COM+ Partitions | 214 |
| Local Partitions | 216 |
| Partition Sets | 217 |
| Mapping Users / Groups to Partition Sets | 218 |
| Registering Components in Partitions | 218 |
| Enabling COM+ Partitions in IIS 6 | 218 |
| Tracker | 219 |
| Fusion | 221 |
| Introduction of Side-by-Side DLLs | 221 |
| Windows File Protection | 222 |
| Side-by-Side Assemblies | 222 |
| Enabling SxS Assemblies using IIS Manager | 223 |
| Side-By-Side Support | 225 |
| Windows Server 2003, ASP.NET and IIS 6.0 | 226 |
| Summary | 227 |
| Appendix A: Support, Errata, and Code Download | 229 |
| How to Download the Sample Code for the Book | 229 |
| Errata | 230 |
| E-Mail Support | 230 |
| p2p.wrox.com | 231 |
| Index | 233 |