Manage Internet Information Services
After you install IIS, you will be able to access the default tool to manage the web server. This tool is the IIS Management Console. However, you may need to install additional components depending on the management needs for your Windows Server 2012 web server or web server farm. The IIS Management Console will also provide you with the ability to manage IIS 7.0 and 7.5 from Windows Server 2008 and Windows Server 2008 R2.
IIS also provides the ability for you to manage and support your previous IIS installations. If you need these capabilities, simply select them during the IIS server installation. This section will focus on managing IIS 8, which is built into Windows Server 2012.
Work with the IIS Management Console
You can access the IIS Management Console in any of three ways:
- Via Server Manager from the Tools menu
- Via the administrative tools
- Via Server Manager in IIS view by right-clicking a server
To load the IIS Management Console from the Administrative Tools group, simply select Internet Information Services (IIS) Manager. To access the console, click the Server Manager icon on the taskbar. Select Tools → Internet Information Services (IIS) Manager. When you load the console.
The start page gives you some basic tasks, allowing you to connect to other websites and applications. You will also be able to access online websites and help files. One resource specific for IIS you will want to make note of is www.iis.net, which is a great website with tons of references and examples for you to use when maintaining your web server.
The true power in the IIS Management Console is available when you first click a server in your management console.
As you can see, this screen is divided into three panes, which is typical of most Microsoft Management Consoles, with tree navigation on the left pane, details of the selected object in the middle pane, and actions in the far-right pane. As you navigate the tree or components regarding your website, your details and actions will change.
When you first click your server in the IIS Management Console, your IIS Management Console will show only the components currently installed for IIS. With a default installation of IIS only, your management screen will be divided into three areas: ASP.NET, IIS, and Management. (If ASP support has not been added, you will see only IIS and Management.) This allows you to navigate quickly around the areas on your IIS server you want to manage. You can also change the view to Category or just list the different areas for you to manage on your server. To change how the IIS management tasks are organized, you can click the Group By option on the toolbar in the console and select your desired view.
When you click a site, you will see several of the same administrative tasks you can perform. When you are working with sites, selecting the proper level you want to administer is important. When you first select the server level, all the changes you make will impact the websites on the server. However, you can override the settings by making changes at the website level. The website level allows you to have customized settings of that website.
One of the things you will notice is the tasks all work the same way, and once you learn how to manage tasks at the server level, it is quite easy to apply the same knowledge to the website level. Table-5 describes some of the common tasks you can perform when managing IIS.
Table 10-5: Common IIS Tasks
Task Name Description Authentication This allows you to control which authentication mechanisms are currently enabled. As you may recall, when you install IIS, you can have multiple authentication methods installed. With the Authentication task, you can control which sites use which authentication mechanism. Default Default Document is an important setting for you to use Document when users connect to a website or server but do not specify a specific page. The default document is what is displayed. You can list many default documents to be used, and they are processed in order. Error Pages When a user encounters an error on your web server or site, you can customize the error messages that users will see. This provides you with a tool to assist the user but also to assist your troubleshooting efforts. Handler Handler mappings work similarly to file extensions for Mappings documents. For example, when you double-click an .xlsx file, Excel opens. In the web server handler, mappings work with requests for applications. For example, if you open a web page, IIS will know to open the page and, if necessary, open the proper application as in the case of .php websites, for example. Logging If you have installed the logging role service, you will be able to control the default location, how log files are generated, and when logging will occur. Management If you have installed the remote management service, you Service will be able to configure the service with this task. Request Request filtering allows you to work with and filter Filtering content based on protocol or even IP settings. This essentially allows you to set what content will be served to users of your websites.
Work with Failed Request Tracing Rules
One of the tasks you can use to help troubleshoot errors on your web server is failed request tracing. To take advantage of failed request tracing, you need to install the Tracing role service of IIS.
- To open Server Manager, click the Server Manager icon in the taskbar.
- In Server Manager, click Add Roles and Features.
- Select Role-based or Feature-based installation. Click Next.
- Select the desired server from the server pool. Click Next.
- Select Web Server IIS and click Next.
- Click Next on the Select Features screen.
- Click Next on the Web Server Role (IIS) screen.
- Expand Web Server and then expand Health and Diagnostics.
- Select Tracing, and click Next.
- Click Install.
- Review the installation summary, and click Close.
Once you have successfully installed the Tracing role service, you will be able to trace requests to websites that have failed. This allows you to set certain rules and conditions that, when met, allow you to see what happened and why the error occurred. You can then, ideally, track down the source of the error.
You can create failed request tracing rules at the server level or the site level. However, by default failed request tracing is not enabled at the site level. To enable failed request tracing, you need to modify the site settings:
- To open the IIS Management Console, select the Server Manager icon from the taskbar and choose IIS Manager from the Tools menu.
- In the navigation tree, click Sites.
- Click the site on which you want to enable failed request tracing.
- In the Actions pane on the right, click Failed Request Tracing; you will see a screen.
- Click Enable, and set your directory for the log and how many trace files you want to maintain.
- Click OK; you will be able to create tracing rules.
Creating tracing rules at the web server or site level follows the same procedures; the only difference is the scope of the rule. Creating failed request tracing rules follows a similar procedure to creating an email rule:
- To open the IIS Management Console, click the Server Manager icon in the taskbar and then select IIS Manger from the Tools menu.
- In the navigation tree, click the server or sites you want to manage.
- Double-click Failed Request Tracing Rules in the center pane.
- In the Failed Request Tracing Rules screen, click Add in the right Actions pane.
- Select the content you want to look for, and click Next.
- On the Conditions screen, set the conditions you are looking to trace; you can trace status codes, time-outs, and even the severity level. Before you can continue, you must select either Status Code or Time Taken. Even though these are check boxes that do not seem to be dependent on each other, one of the first two must be selected even if you just want the event severity. When you are done selecting your conditions, click Next.
- In the Trace Providers step, you can select which providers you want to trace and what level of detail you want to see in your log. The more verbose your logs are, the bigger the files will be, but the better the chances will be for you to trace the error. When you are done, click Finish.
Remotely Manage IIS Servers
While you're using the IIS console to manage your local web server, you can also manage other IIS servers by using the IIS Management Console to connect to them. However, before you can remotely manage IIS on other servers, you have to configure remote management of the services. Specifically, you need to add the IIS management service and configure and start the service to be able to remotely manage your web servers.
First, you need to install the remote management component of IIS either via Server Manager or via the command prompt. To add the component in Server Manager, follow these steps:
- Select the Server Manager icon from the taskbar.
- Choose the IIS Manager from the left pane; you will see a menu. Select Add Roles and Features.
- Select Role-based or Feature-based installation. Click Next.
- Select the desired server from the server pool. Click Next.
- Select Web Server IIS and click Next.
- Click Next on the Select Features screen.
- Click Next on the Web Server Role (IIS) screen.
- Select the Management Service box to add the remote management service; you may also want to select the IIS Management Scripts And Tools box to provide management capabilities via the command prompt.
- Click Next and then Install.
- Review the Summary screen, correct any error messages, and click Close.
To add the IIS management service via the command prompt, as in the case of a Windows Server 2012 Server Core installation, type in the following command:
dism /online /enable-feature /featurename:IIS-ManagementService
After you have installed the service, you will need to configure the Registry to enable the remote management service:
- Start Windows PowerShell from the taskbar.
- Type regedit.exe and press Enter.
- In the Registry, open the following location: HKEY_LOCAL_MACHINE\Software\Microsoft\WebManagement\Server.
- Set the EnableRemoteManagement key to the value of 1; you can see this service enabled.
- Close the Registry Editor.
After you enable the service in the Registry, you need to configure the service to start and run. You can configure the service in the Services Control Panel, or you can use the command prompt to start the service. To use the Services Control Panel, follow these steps:
- Start Server Manager by clicking the icon on the taskbar. Select Services from the Tools menu.
- Select Web Management Service. You will see a screen. If you want the service to start automatically, you can right-click the service and click Properties.
- Use the Startup Type drop-down list box, set the service to start automatically, and click OK.
If you want to start the service temporarily or start the service from the command prompt, you can just run the following command. This will not change the startup properties of the service, and the service is only temporary, lasting until the service is stopped or the server is rebooted.
net start wmsvc
If you want the service started automatically-for example, when you are confi guring Windows Server 2012 Server Core-you can type in the following command:
sc config wmsvc start= auto
After you follow those steps, you can remotely manage IIS web services from the IIS Management Console on a centralized workstation or server system. To connect to the remote servers, follow this procedure:
- Open the IIS Management Console by starting the Server Manager from the icon in the taskbar and choosing IIS Manager from the Tools menu.
- On the tree root on the left side of the console, right-click Start Page, and click Connect To Server.
- Type in the FQDN name or IP address of the server you want to remotely manage, and click Next.
- If you are prompted for credentials, type in the necessary administrative credentials and click Next.
- Give your connection a new name if you desire, and then click Finish.
After completing the connection, you will be able to manage the new web server from your centralized console. This will make working with your web servers, particularly your Server Core installations, easier and more efficient. The new servers will appear in the tree on the left side of the console. Remember that you can also manage other versions of IIS using this console.
Manage IIS with PowerShell
One of the great features of Windows Server 2012 is the support of PowerShell cmdlets and IIS. Managing IIS with PowerShell gives you another avenue to manage and maintain your web servers. Also, with the added PowerShell support to Windows Server 2012 Server Core, PowerShell provides an alternative for you to work with and configure IIS servers on Server Core installations.
- Load PowerShell by selecting the PowerShell icon in the taskbar.
- Run the following command:
Get-Module -all | Where {$_.moduletype -eq "Binary"} |Format-List moduletype, name Get-Module -all
Look for an entry that reads Microsoft.IIS.Powershell.Provider in your output list. By default, this provider is not loaded in PowerShell. - If you do not see the IIS PowerShell provider loaded, run the following command to load the IIS PowerShell module:
import-module WebAdministration
- After you have loaded the IIS PowerShell module or verified that it is loaded, you can work with IIS Web Administration module.
After the module is loaded, you can manage several aspects of the IIS environment from within PowerShell; if you want to see all the commands, type the following command in PowerShell:
get-command -pssnapin WebAdministration
You will see a list of all the PowerShell commands.
Table 10-6 describes some of the common cmdlets in IIS.
Table 10-6: IIS Cmdlets
Cmdlets Description get-website This shows the basic configuration of the website, including the directory location for the web files, port bindings, and locations. backup- This backs up your existing web configuration webconfiguration information. restore- This allows you to restore the backup in case of an IIS webconfiguration failure. stop-website This stops the website. You can start, remove, or even stop websites from the PowerShell command prompt. new-website This allows you to create a new website with any settings you want to use.
If you want to create a new website called business portal on port 8080 with the website stored on the c:\bp drive, run the following PowerShell command:
new-website "business portal" -port 8080 -physicalpath "c:\bp"
You will notice there is one function listed, which is the IIS: function. This function allows you to navigate directly into the IIS configuration. When you enter the following command, you will be able to navigate the IIS configuration using common commands:
cd IIS:\
You can then navigate three different areas of IIS configuration: application pools, sites, and SSL Bindings. You can view or modify any of those areas by using directory navigation commands, such as cd and dir to view the information. For example, if you want to view some basic information about all the websites currently on the IIS server, you can perform the following steps:
- Open PowerShell, and verify that the IIS administration module has been loaded.
- Enter cd iis:\ and press Enter.
- At the command prompt, type the following to navigate to the site information: cd sites. Then press Enter.
- Your command prompt should read PS IIS:\sites>. Type in dir, and you will see basic information about your websites.