Tuesday, July 28, 2009

My Simple 3 Step IIS Setup System

This is my secret system for getting IIS to work on new computers (servers or desktops). Permissions, default identities and user interfaces change with each OS. I'm not going to write a book on all the things that can go wrong with IIS. I've got 3 simple steps that shake out different types of problems very fast.

Audience: Software Engineers or QA Engineers who don't want to reconfigure IIS more than a few times in a year. The folks in operations probably have a PowerShell script to do this.

Three steps and a tip

Starting point. New server? Installed W7 on your development machine and it isn't serving up your site any more? It's all the same problem.

Step 0: Start with a sanity check and run Compmgmt.msc (Computer Management). Do you see Internet Information Services? Any suspicious icons?

Step 1: Drop a static web page into the site and browse to it. For example: <html><body>Hello</body></html>

Step 2: Drop a very simple ASPX page into the site and browse to it. Example: Response.Write("Hello"). My dynamic test page is more complex than this, to report host header, virtual directory, and so forth.

Tip: Verify this site in multiple browsers. Even better, choose a browser with a “Private” mode. In some configurations (or misconfigurations) you might send NTLM credentials and the site impersonates your credentials, masking permissions problems.
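Steps 1 and 2 and the tip can be scripted so the pages are requested with no Windows credentials at all. This is an added example, not the author's own test page; the site path, base URL, file names and the `Test-Page` helper are assumptions.

```powershell
# Added example: smoke test for Steps 1 and 2, requested anonymously.
# $SiteRoot and $BaseUrl are assumed values; point them at the site under test.
param(
    [string]$SiteRoot = 'C:\inetpub\wwwroot',
    [string]$BaseUrl  = 'http://localhost'
)

# Step 1 page: static HTML, so ASP.NET is not involved at all.
Set-Content -Path (Join-Path $SiteRoot 'hello.html') -Value '<html><body>Hello</body></html>'

# Step 2 page: reports host header, virtual directory and the account the request ran as.
$aspx = @'
<%@ Page Language="C#" %>
<%
Response.ContentType = "text/plain";
Response.Write("Host: " + Request.Headers["Host"] + "\n");
Response.Write("AppPath: " + Request.ApplicationPath + "\n");
Response.Write("RunningAs: " + System.Security.Principal.WindowsIdentity.GetCurrent().Name + "\n");
%>
'@
Set-Content -Path (Join-Path $SiteRoot 'hello.aspx') -Value $aspx

function Test-Page([string]$Url) {
    $req = [System.Net.WebRequest]::Create($Url)
    # Never send the logged-on user's NTLM/Kerberos credentials: a 200 here
    # means the anonymous path works, not that your own account has access.
    $req.UseDefaultCredentials = $false
    $req.Credentials = $null
    try {
        $resp   = $req.GetResponse()
        $body   = (New-Object System.IO.StreamReader($resp.GetResponseStream())).ReadToEnd()
        $status = [int]$resp.StatusCode
        $resp.Close()
    } catch {
        # HTTP errors (401, 403, 500) surface as a WebException carrying the response.
        $ex     = $_.Exception.GetBaseException()
        $isHttp = ($ex -is [System.Net.WebException]) -and $ex.Response
        $status = if ($isHttp) { [int]$ex.Response.StatusCode } else { 0 }
        $body   = $ex.Message
    }
    New-Object PSObject -Property @{ Url = $Url; Status = $status; Body = $body.Trim() }
}

# Static page first, then ASPX: the first failure tells you which step to debug.
Test-Page "$BaseUrl/hello.html" | Format-List Url, Status, Body
Test-Page "$BaseUrl/hello.aspx" | Format-List Url, Status, Body
```

A status of 0 means the request never got an HTTP response (site stopped or wrong port). Delete both test pages when you are done.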

Step X: What you don't want to do.

Don't debug basic IIS setup problems in a complex site. For example, daptiv will have a few dozen confounding factors: from special handlers to run of the mill database and storage configurations to several choices of authentication.

OK, here are some details.

But really, don't clutter up your mind by memorizing these. They are examples. IIS 6 configuration does not resemble IIS 7 configuration.

Step 0 problems - check the obvious

Are you missing an IIS component? It's easy to do. The components vary from release to release. On Windows 2003 x64 – installing SMTP requires CAB file hacking and you might have hacked it wrong.

By opening IIS Management, you verified that the metabase is readable. I've got a short list of known ways to corrupt the IIS MetaBase and a longer list of unknowns. SysPrep, for example, can sometimes mangle the machine keys IIS uses to secure its data. BTW, I don't know how to resolve metabase problems. The only method known to work without an overpaid IIS Consultant nearby is to uninstall IIS and reinstall.

Step 1 problems – static page

Is the web site running? Check the IIS management console. The website might also be stopped because the configuration isn't valid. Two sites on port 80 with the same URL? Invalid application pool? These problems are easy because the event log tells you the problem.

Permissions? If I can't see the static page on a new IIS instance, it is usually because of permissions at the virtual root. I get this often, as I’ll create webs at odd paths such as e:\src\3\root\SecretProduct\www, and refuse to make IIS_IUSRS an admin on my box. Permissions should be easy: Add users one at a time in a sensible manner until it works. Remove them until it stops working. Now you know what needs access.

Account names will change between IIS, Windows, and .NET versions. Typically I need to add permissions to the folder for:

  • Application pool identity – needs at least read access: My app pool usually runs as Network Service or a domain account.
  • The account used for anonymous access. (IIS_IUSRS or IUSR, IUSR_COMPUTERNAME, or something fancy)

Step 2 problems – ASPX fails

The ASP.NET extension might not be enabled. This is configured in entirely different places on IIS 6.0 (Web Service Extensions) and IIS 7 (ISAPI and CGI restrictions). It's disabled by default on some versions of Windows, even after IIS is installed.

Of course, this is a good time to run aspnet_regiis.exe. If any identity (Application Pool) is not the default, use aspnet_regiis.exe -ga. Use aspnet_regiis -i with total abandon.

Summary

That's all I need to know to get most web servers running IIS. There is a basic troubleshooting principle here: start simple and build up facts.