background preloader

Server-IIS

Facebook Twitter

101 Free Hyper-V Downloads, Tools, Scripts and Resources. Top Support Solutions for IIS - Top Solutions from Microsoft Support. Demystifying MSDeploy skip rules | Richard Szalay. Skip rules are a feature of MSDeploy that allow specific parts of a synchronisation to be, you guessed it, skipped. While a conceptually simple concept, there are subtleties in its options that have resulted in “bug reports” from a number of people (myself included) that were actually just misunderstandings of its design. The aim of this post is to demystify skip rules in hope of easing frustration and preventing accidental deletes in production environments. Anatomy of a skip rule The command line syntax of a skip rule is: -skip:attribute1=value1[,attribute2=value2[.. ,attributeN=valueN]] Attributes act as a filter to figure out what to skip.

The main attributes are: objectName is the provider being skipped (eg. dirPath)absolutePath is a regular expression (don’t forget to escape it!) The other, less common, attributes are: Now that we know what a skip rules are, let’s take a look at how they work. Skip rules and hierarchies Skip Actions Examples Like this: Like Loading... ASP.NET performance: what to keep in mind - Sysadmins of the North.

Weekend Scripter: Use PowerShell to Update SSL Bindings - Hey, Scripting Guy! Blog. Summary: Microsoft IIS MVP, Terri Donahue, talks about using Windows PowerShell to update SSL bindings. Microsoft Scripting Guy, Ed Wilson, is here. Today, please welcome back IIS MVP, Terri Donahue. Terri is an IIS MVP, but she also attends the Charlotte PowerShell User Group meetings and events. Take it away, Terri... I recently spoke about IIS at the Charlotte PowerShell User Group monthly meeting.

One of the questions that I was asked related to updating SSL bindings after a certificate is renewed. Because all companies use different methods of SSL administration, there isn’t going to be a perfect answer to capture the most important piece of data that is needed for the script. If you want to script updating certificate bindings, I recommend adding a friendly name with a year designation to your certificates (if you do not already do that).

Prep work Right-click the certificate to which you want to add a friendly name and select Properties. Copy and install the .pfx file ~Terri. Optimizing static websites hosted on IIS. So you are building a website using static .html files instead of any server side technologies such as ASP.NET. That’s cool for various reasons, but my favorite is that it allows any developer on any platform to easily contribute on GitHub. No server-side components needed. Great! You’re almost done and decide to run performance analytics tool such as Google Page Speed on your site. Minify HTMLSet far-future expiration dates on static resources (JS, CSS, images etc.)Use cookieless domains for static filesUse a CDN You could set up build processes using Grunt to do all of this work, but it is not that simple to do – especially after you already built your website. When you think about it, none of the above mentioned performance issues are relevant on a developer machine, they are only applicable to the live running production website.

StaticWebHelper While building SchemaStore.org I encountered exactly these issues and decided to create a generic and reusable solution. Log Parser: The coolest tool Microsoft has ever Released! : A Former Microsoft IIS PM. Introduction Log Parser 2.x is, in my skewed perspective, the coolest tool Microsoft has ever released. It easily ranks up there with the tools that Winternals\Systernals release (like Filemon, Regmon, Process Explorer, etc.) The tool is a basic swiss-knife for log files that a administrator can tear through file after file and strip out all the interesting data.

In my world, I focus on two major inputs – IIS Log files & Event Viewer. During our Web Administration Summit (10 countries in 4 weeks in Europe), we displayed the coolness that comes from this tool. Download Log Parser 2.2 Log Parser Basics The purpose of this blog isn’t to “teach” anyone Log Parser but instead to just make people aware of it (if they somehow are not.) Flavors:Log Parser comes in two flavors, command-line & component-based (com object dll), for those who prefer direct interaction or automated.

Sample Scripts Convert Centralized Binary Log (CBL) files to W3C log files Top browsers accessing your Websites Hits by Hour. Blocking requests from specific IPs using IIS Rewrite module. Is there a way to access Microsoft.Web.Arr.HostNameRoundRobin programmatically. URL Rewrite – Protocol (http/https) in the Action - Scott Forsyth's Blog. IIS URL Rewrite supports server variables for pretty much every part of the URL and http header. However, there is one commonly used server variable that isn’t readily available. That’s the protocol—HTTP or HTTPS. You can easily check if a page request uses HTTP or HTTPS, but that only works in the conditions part of the rule. There isn’t a variable available to dynamically set the protocol in the action part of the rule.

What I wish is that there would be a variable like {HTTP_PROTOCOL} which would have a value of ‘HTTP’ or ‘HTTPS’. There is a server variable called {HTTPS}, but the values of ‘on’ and ‘off’ aren’t practical in the action. Let me illustrate. The problem is that it forces the request to HTTP even if the original request was for HTTPS. Interestingly enough, I planned to blog about this topic this week when I noticed in my twitter feed yesterday that Jeff Graves, a former colleague of mine, just wrote an excellent blog post about this very topic. Thus the problem.

IIS: Mehrere Zertifikate auf mehreren Web-Servern verwalten | TechNet Magazin. Certificate Utility for Windows. Easily Sign Files and Batches of Code Formerly, signing your software with a code signing certificate was an arcane and time-consuming process. Depending on the code you were signing, you would need to research how to sign the code, track down all the necessary assets, and labor through a clunky command line process.

Fortunately, DigiCert’s utility for Windows turns this process into a smooth and easy procedure. Simply open the utility, navigate to the file you want to sign, and click a button. Painless Troubleshooting and Management Unless you work with certificates every day, managing them on Windows servers isn't easy. One-Click CSR Generation and Certificate Installation Like most people who deal with SSL Certificates, DigiCert knows that the CSR creation and installation process is a hassle. Please note that though this tool can be used by anyone, the CSR generation and certificate installation features are only available to DigiCert customers. Buy DigiCert Certificates Now. Ken Schaefer : New in IIS 7 - App Pool Isolation.

Tuesday, January 29, 2008 8:47 PM by Ken In previous versions of IIS, it has sometimes been difficult to isolate web application pools from each other. If multiple web application pools are configured to run as the same identity (e.g. Network Service) then code running inside one web application pool would be able to use File System objects to access configuration files, web pages and similar resources belonging to another web application pool. This was because it was impossible to allow one process running as Network Services access to a file, but prevent another process also running as Network Service access to the same file. In IIS 7.0 it is possible, with some work, to prevent this from occurring. Using the icacls.exe tool it is possible to determine the SID applied to any given application pool's configuration file. Icacls.exe %systemdrive%\inetpub\temp\appPools\appPool.config /save output.txt The retrieved SID can now be used to secure web site content in the same way.

Importing Server Certificate with private key on IIS without creating CSR | Robert. Ok, here is a guide how to import a server certificate which comes with a key in a file. Additionally the import is being made on a Server on which hasn’t been created a CSR for the certificate. The first thing we need is OpenSSL, binaries are freely available on Internet.

Put all the files into sub folder under /bin directory of OpenSSLThe Server Certificate public key will be in a file with mostly .crt or .cer extension, addtionally there will be a file with a private key, optionally there can be also a file with intermediate_CA certificate (for some services like Cisco WLC it is important to include the intermediate_CA in the server certificate).First combine all the certificates (if you have intermediate and root in different files) to one. This post is also available in: German. SMB2 Client Redirector Caches Explained. Published: December 1, 2010 Updated: December 1, 2010 Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista The SMB Redirector component implements the client portion of the file-and-print sharing functionality exposed by Windows through Microsoft Networking.

The implementation is based on the Server Message Block (SMB) protocol. The SMB protocol allows the client computer to access files on another computer that implements the SMB server portion of the file-and-print sharing functionality, as well as access to a shared printer. Details With the release of SMB 2.0 in Windows Vista® and Windows Server 2008, three file metadata caches were implemented to speed up the return of the most recently accessed file and directory information.

If changes are deemed necessary to these default values, they may be altered by creating these client registry keys and changing to the appropriate setting. Recommendations Directory cache, by setting DirectoryCacheLifetime to ZERO. Lucene | IIS7 .NET Web Site Delays Detection Of File Changes On UNC Path. Thanks for sharing your experience.DIGY -----Original Message-----From: Justin CrossmanSent: Saturday, December 11, 2010 1:29 AMTo: lucene-net-user@lucene.apache.orgSubject: Re: Lucene | IIS7 .NET Web Site Delays Detection Of File Changes OnUNC Path I finally found the solution to my issue: Setting DirectoryCacheLifetime [DWORD] to zero did the trick.

On Dec 10, 2010, at 11:04 AM, Justin Crossman wrote: I am very new to this list, thank you for indulging me. I'm dealing with an issue and have been unable to find any posts ordocumentation that already address this specific problem.The setup: This issue is regarding a heavily accessed web site, written in .NET 3.5 and running on IIS7. The history: This setup has been working fine for years under a few configurations. Recently with web servers running Windows 2003 and IIS6 accessing thisremote UNC file share on a Windows 2003 server running SQL Server 2005. The problem: The site runs well currently and each web server has access to the index likely. SSL off-loading in Application Request Routing : Won Yoo. One of the features that has not been called out explicitly in Application Request Routing (ARR) documentations is SSL off-loading. This is a feature in which the communications between the clients and the ARR server are done via SSL while the communications between the ARR server and the content servers are done via clear text.

In this scenario, SSL is terminated at the ARR server. This feature is designed to better utilize the resources on the content servers. The task of decrypting and encrypting SSL requests and responses is "off-loaded" to the ARR server and the cycles saved by not performing such task can be spent on process additional user requests. So, how do you configure SSL off-loading in ARR? We will work on enhancing the user experience in later releases, but in CTP1, here is how you can do it. As you may know, ARR relies on URL Rewrite module to inspect the incoming requests and determine which server group to route the requests based on the rewrite rules.

Exporting and Importing Sites and App Pools from IIS 7 and 7.5 | MicrosoftPro.nl. When using multiple IIS server in a Load Balanced Environment it will be alot of work to create all your website twice with the same settings on each webserver. Therefor it is possible to export and import your configuration from one webserver to the other. This will also be usefull when your upgrading from IIS 7 (Windows Server 2008) to IIS 7.5 (Windows Server 2008 R2).

When you create a website in IIS 7 or 7.5 a unique application pool will also be created and used by this website, that’s why you need to import these application pools first on the second webserver before importing the website(s). To Export the Application Pools on IIS 7 :%windir%\system32\inetsrv\appcmd list apppool /config /xml > c:\apppools.xml This will export all the application pools on your webserver, therefor you need to edit the apppools.xml and remove the application that you do not need to import for example: DefaultAppPoolClassic .NET AppPoolSecurityTokenServiceApplicationPool Default Website. IIS für Einsteiger Teil 2: Erste Schritte nach der Installation - Bernhard Frank's Blog. Was sind die wichtigsten Verzeichnisse und Dateien für den IIS, welche Benutzerkonten werden angelegt bzw. verwendet und wie heißen die IIS-Dienste welche bei der Installation des IIS7 erzeugt werden: Wichtige Verzeichnisse und Dateien.

C:\Windows\System32\inetsrv Hauptverzeichnis des IIS beeinhaltet z.B. die Dateien zur IIS Konfiguration, Verwaltung (z.B.MMC), IIS-Module, Executables für die IIS Dienste. C:\Windows\System32\inetsrv\config\applicationHost.config ApplicationHost.config ist eine editierbare XML Datei welche die Root-|Hauptdatei des IIS 7.0 Konfigurationssystems darstellt. C:\Windows\System32\inetsrv>appcmd add backup BACKUP object "20100623T150732" added Die Backups landen im Verzeichnis: C:\Windows\System32\inetsrv\backup Web.config Der IIS erlaubt das Delegieren von Einstellungen.

Inetpub-Verzeichnis Das C:\inetpub Verzeichnis ist das Lese- und Schreibverzeichnis des IIS. Anm.: Standardmäßig wird der Inetpub Ordner auf der Systempartition installiert. „Noch eine Website anlegen! Blogs. A question raised somewhat frequently from customers asks if there is a way to allow users to remotely recycle an application pool but without giving this user administration privileges on the IIS machine. Unfortunately, an application pool recycle does need to be run as an administrator, however by using msdeploy we can set the recycleApp provider to be delegated and run under elevated admin privileges.

Then by using either a local standard user account or an IIS Manager account, we can call the recycleApp provider from a remote machine and with the elevated recycleApp provider, remotely recycle the app pools for which the user is granted permissions in IIS. This can be achieved with the following steps. 1) Install or verify IIS management service role is active. 2) Install current version of Web Deploy on server and remote machine which can be found at 3) Within IIS from the server node, select management service. Matthew from APGC DSI Team. IIS eigenen Benutzer Remoteverwaltung ermöglichen | Martin Lehmann. Ab IIS 7 unter Windows Server 2008 und R2 (IIS 7.5) hat man die Möglichkeit im IIS selbst Benutzer anzulegen um ihnen die Remoteverwaltung zu ermöglichen, statt auf lokale Benutzerkonten oder Konten aus dem Active Directory zurück zu greifen.

Da IIS 7 seine Konfiguration der Websites in der Datei web.config hinterlegt stellt die Remoteverwaltung ein kleines Problem dar. Wem gebe ich die Berechtigungen auf die Datei web.config, damit ein IIS Benutzer die Konfiguration ändern kann, denn die IIS Benutzer werden ja bei der NTFS-Rechtevergabe nicht angezeigt. Dort sieht man nur die Benutzer aus dem AD und die lokalen Benutzerkonten. Um den Benutzer des IIS Ändern Berechtigung auf die jeweilige web.config zu geben muss man dem Dienst die Berechtigung Ändern geben. Ein weiterer Stolperstein ist, dass der Webverwaltungsdienst zwar aktiviert wird, aber nach dem Reboot nicht automatisch neu startet.

Gefällt mir: Gefällt mir Lade...