IIS

Download as pdf or txt
Download as pdf or txt
You are on page 1of 20

IIS

1) What is Internet Information Services?


Internet Information Services is a Web Server produced by Microsoft. IIS is one of the most widely used web
server applications because it comes standard with various versions of the Windows Server operating system. It is
also possibly the most exploited server by hackers.

2) Do different services of the internet feature different transfer protocols?


Yes. Three examples are:
HTTP – Hyper Text Transfer Protocol (used to transfer web pages)
FTP - File Transfer Protocol (as it says)
SMTP - Simple Mail Transfer Protocol (supports some functions of the email system)
These are all service layer protocols. Underpinning these are transport layer protocols, principally
TCP - Transport Control Protocol (used for most services)
UDP - User Datagram Protocol (used for services and internal internet mechanisms that favor unimpeded delivery
over assurance, order, and/or control of data flow)
There are layers of protocol below this; the immediate one is the internetwork layer, which allows the higher
layers to work seamlessly over multiple interconnected network media such as WiFi, Ethernet, optical fiber, etc.
Below that are the protocols that correspond to the specific media.

3)What is IIS 6.0?


IIS (Internet Information Services) 6.0 is the version of IIS that shipped with Windows Server 2003. IIS is a set of
servers (such as HTTP and FTP) developed by Microsoft. IIS is the second most popular web server application
after Apache.

4) What is IIS WEB GARDENS?


When constructing an application pool, the administrator has the option to decide how many worker processes to
assign to the pool. When two or more worker processes are configured as part of an application pool they form
what is referred to as a Web garden. A Web garden allows an application to achieve higher scalability, since
multiple processes are used to process requests on its behalf. A Web garden is like a Web farm (in that it aims to
achieve higher scalability), but within the confines of a single server.

5) What is worker process in IIS?


A worker process is user-mode code whose role is to process requests, such as processing requests to return a
static page, invoking an ISAPI extension or filter, or running a Common Gateway Interface (CGI) handler.
In both application isolation modes, the worker process is controlled by the WWW service. However, in worker
process isolation mode, a worker process runs as an executable file named W3wp.exe, and in IIS 5.0 isolation
mode, a worker process is hosted by Inetinfo.exe. Figure 2.2, which depicts the architecture for IIS 5.0 isolation
mode, uses a dashed line to suggest the relationship between the worker process and the WWW service.
Worker processes use HTTP.sys to receive requests and to send responses by using HTTP. Worker processes also
run application code, such as ASP.NET applications and XML Web services. You can configure IIS to run
multiple worker processes that serve different application pools concurrently. This design separates applications
by process boundaries and helps achieve maximum Web server reliability.
By default, worker processes in worker process isolation mode run under the Network Service account, which has
the strongest security (least access) compatible with the functionality that is required.

6) Can I run multiple websites with same port number and different IP address?
Q: How can I configure IIS to run multiple websites on the same IP?
There are three, count 'em three ways to create multiple websites on IIS 4 and 5. First way is to use an unique IP
for each site. This is ideal but if you haven't looked around lately, IP addresses can be sorta scarce (that is of
course unless your Harley Davidson or Apple both of whom own a Class A address).
The second way allows you to create multiple IP's on one address by designating a non-standard TCP port number
for the designated web to use. This is the way the Administrative website winds up on the same installation as the
default website and both can be accessed. However, you have to designate the unique port number in the URL
when accessing it. So instead of www.myvirtualsite.com, it becomes www.myvirtualsite.com:6160 or some other
number. You can include the port number in a url so it's really not problem for web pages to reference port
designated web sites. The problem is that you can's specify a port in a DNS server so if users want to lookup your
website, they won't be able to get to it.
Thus we come the next best thing, host headers.
The good news is this is relatively easy to do in IIS and it works very well. There is virtually no performance
penalty and it works with most every browser in use today (browsers must be HTTP 1.1 compliant). You can use
DNS to point to the website so internet users can find your host header designate site with no problems. You do
have to pay attention to the details however or it won't work. The biggest downside is that you compromised using

Page 1 of 20
IIS

SSL. Step 1: Goto the Advanced button.


In the MMC, goto the website you to access using Host Headers and right click the Web Site and select properties.
One the website page, you'll see and "Advanced" button. That's where we go next so click that. You'll notice the
distinct absence of any clue that this is where you do host headers.

Step 2: Get rid of the (All Unassigned) entry (if present)!


This is where most people make their mistake. This entry tells IIS to respond to all requests to the webs server
with this website. This is the same entry by default as that of the Default Web Site so you can't create this unless
the default web site is stopped, which it is on a lot of sites that use host headers.
Step 3: Add the entries you want.
This is where you select the IP address (I usually select one so if in the future, I add another IP address to the
server, the website isn't listening on that address.), port (an entry is required - usually 80), and the infamous host
header information. In the Host Header Name field, enter the exact name you want the website to respond to. If
your website's name is www.coolestsiteonearth.com then that's what you enter. Press Add.
TIP: You can make more than one entry here! Also enter coolestsiteonearth.com and your site will respond to that
also.
That's it! You should probably stop and start the web site to reload the new entries.
You can access your site from a browser using the host header name. If you can't access your host header web, but
can ping your IIS server, then most likely you need to enter your new website name in a DNS server that your
browser can access. If you can't do that right away, you can always update the HOSTS file on your development
PC to map the host header name to the IIS server IP address.

7) What happens when a reference to web service is added ?


A Proxy Class will be generated. When we add webreference of webservice. After that we can communicate with
Proxy Class in order to communicate with WebService

8) What is IIS SSL ?


HTTPS is a secure communications channel that is used to exchange information between a client computer and a
server. It uses Secure Sockets Layer (SSL) The main security issue with HTTP is the fact that all the traffic
between the client and the server is done as clear text, meaning that anyone could potentially "listen" to your talk
and grab frames and valuable information from the net.
To secure the transmission of information between your web server running IIS 6.0 on Windows Server 2003 and
your browser clients, you can encrypt the information being transmitted by using SSL (Secure Sockets Layer).

9) port no of FTP
Port no 21 is used for ftp.

10) portno for HTTP & HTTPS


HTTP - 80 HTTPS – 443

11) what is application pool???


Before Giving the Definition : you can say like this,Concept of Application pool has from IIS 6.0 .
Application pools are used to separate sets of IIS worker processes that share the same configuration and
applicationboundaries. Application pools used to isolate our webapplication for better security, reliability, and
availability and performance and keep running with out impacting each other . The worker process serves as the
process boundary that separates each application pool so that when one worker process or application is having an
issue or recycles, other applications or worker processesare not affected. One Application Pool can have multiple
worker process Also.

Main Point to Remember:

Page 2 of 20
IIS

1. Isolation of Different Web Application


2. Individual worker process for different web application
3. More reliably web application
4. Better Performance

12) What is Web Garden??


All IIS Request process by worker process ( w3wp.exe)by default each and every application pool contain single
worker process. But An application pool with multiple worker process is called Web Garden.

13) Current version of IIS


IIS 7.5

14) How many authentications are done on IIS? Port numbers for HTTP? How do you take backups of IIS
Servers...Authentication types in IIS
1.Anonymous Authentication 2.Basic Authentication 3.Digest Authentication 4.Advance Digest Authentication
5.Integrated Windows Authentication 6.UNC Authentication 7. .NET Passport Authentication
8.FTP Site Authentication
HTTP Port number 80
1. In the IIS snap-in on the local computer, click the
Computer icon under Internet Information Services.
2. Click Action and select Backup/Restore Configuration.
3. Click Create backup, choose a name for your backup file,
and then click OK

15) What is the proporties of application Pool?


1 Recycling 2 Performance 3 Health 4 Identity

16) How to Configure SSL?


first u need select the which website u want SSL Certificate then right click the website on iis then select directory
security tab and select server certificate then u will findthe dialog box there u need to click next then select first
option "create new certificate" then next then give the valuable website name then next then give the organization
details then next then give the common name (server name "dnsserver name ") then next then select appropriate
regional settings then next then select the destination path of the certificate file then click finish.
then copy paste this certificate content any SSL provider. and they give to you the certificate then again start the
same process on your server this time u need to select import the certificate.

17) What is the user name of anomyus login???


Its should be IUSR_Computername

18) How many users supported by IIS at a Time


Depends on OS platform. On WinXP it limits to 10 connections On server 2003 could be easily 3000 (thousand!)
over even more

19) what is architecture of IIS?


The new request-processing architecture and application isolation environment enables individual Web
applications, which always run in user mode, to function within a self-contained worker process. A worker process
is user-mode code whose role is to process requests, such as returning a static page or invoking an Internet Server
API (ISAPI) extension or filter. Worker processes use HTTP.sys to receive requests and send responses over
HTTP.

20) how many web.config files are there in 1 project.


we can overwrite the web.config files There might be multiple web.config files for a single project depending on
the hierarchy of folders inside the root folder of the project, so for each folder we can use one web.config file

21) Types of authentications in IIS?


Anonymous Authentication ( IUSR_COMPUTERNAME)
Windows Integrated Authentication ( It uses NTLM or
Kerberose, AuthType in IIS metabase)
Basic Authentication – ( Clear Text )
Digest Authentication
Advance Digest Authentication
Windows Form based authentication (using database at the blackened)

Page 3 of 20
IIS

IIS 6 includes. Passport Authentication.


I believe Radius Authentication is one which can be included..! Authentication with Internet Authentication
service IAS.
*I believe SSL and TSL are used for encryption and not authentication.*

How do you retrive UserID in case of Windows Authentication?


HTTP header has the property Auth_Type = The authentication method that the server uses to validate users (
NTLM or Kerberos if Windows Intergrated Authenticaiton is used)
AUTH_USER = Returns the raw authenticated user name
Create a ASP page on webserver and drop the following lines to see the auth user..!
<%for each x in Request.ServerVariables response.write(x & "<br />")next %>

23) How a proxy is generated for a web service ?


When you add reference to your web site, a proxy is created

24) How a web service is exposed to outside world ?


1. Generate WSDL files from the existing components
2. Deploy the web service
3. Publish the web service in the UDDI directory

25) What are webservices, its attributes. Where they are available ?
Web services are self-contained, modular applications that can be described, published, located, and invoked over
a network. Web services could be weather reports or stock quotes. Transaction Web services, supporting business-
to-business (B2B) or business-to-client (B2C) operations.The Web services architecture describes three roles:
1.Service provider 2.Service requester 3.Service broker
Web services components provide three basic operations: 1.Publish 2.Find 3.Bind

26) About stateless and state full web service ?


Stateless -SAO(Client activated object(using single call ,singleton)
stateful -CAO(Cliend use proxy server to send to the server)

27) What happens when a reference to web service is added ?


A Proxy Class will be generated. When we add webreference of webservice. After that we can communicate with
Proxy Class in order to communicate with WebService

28) How do you consume a web service ?


Web service Discovery mechanism enables client to locate and discover web service on the net. Web service
discovery mechanism provides a discovery document , this discovery document is written in WSDL and provides
all the information about web service, e.g.1. its location 2. What methode is provides. etc..
Following are the steps to consume a web service:-
1.Add web reference to project.
Enter url of the web service to locate the web service and its methods.
2.Add reference to namespace of web service on the page (eg using MyWebService)
3. Create an instance of web service class (e.g. MywebServiceClass obj1= new MywebServiceClass();
4. call the required method (eg. int x= obj1.GetAge();)

29) What is App Pool and App Domain? What is the difference between the two.
An application pool is a group of one or more URLs of different Web applications and Web sites. Any Web
directory or virtual directory can be assigned to an application pool.Every application within an application pool
shares the same worker process executable, W3wp.exe, the worker process that services one application pool is
separated from the worker process that services another [Like starting MS Word and opening many word
documents]. Each separate worker process provides a process boundary so that when an application is
assigned to one application pool, problems in other application pools do not affect the application. This
ensures that if a worker process fails, it does not affect the applications running in other application pools. [i.e]
for Eg., If word document is having issue it should not logically affect your Excel Sheet isn’t it. application
domain is a mechanism (similar to a process in an operating system) used to isolate executed software applications
from one another so that they do not affect each other. [i.e] opening of MS WORD doesn’t affect MS EXCEL
you can open and close both the applications any time since there is no dependency between the applications.
Each application domain has its own virtual address space which scopes the resources for the application domain
using that address space.

30) How to install our WebApplication In Web Server

Page 4 of 20
IIS

create new vertual directory / create new webside in directory / give the path for webside / set port and security

31) In IIS Version 6.0 Through application pool we can provide different -2 applications for the client. Is it right?
If yes then how to provide the application to the client and what kind of application it can be ?
If you are running your IIS server with 2 different versions of framework(1.1 & 2.0)you can create 2 different
application pools and point your application to the required framework you want to run.

32) How do you create Virtual Root in IIS?


FIRST CREATE THE NEWFOLDER IN THE ANY OF THE UR SYSTEM,THAT IS THE UR ORIGINAL
ROOT FOLDER. goto start-->run--.type INETMGR--->GOTO DEFAULT WEBSITE-->RIGHTCLICK--
>GOTO NEW-->SELECT NEW VIRTUAL DIRECTORY-->GIVE THE ALIAS NAME OF THE ROOT-
>CLICK NEXT-->GIVE YHE PATH OF THE ORIGINAL DIRECTORY-->CLICK NEXT--> CLICK FINISH--
->VIRTUAL WILL BE CREATED

33) How do you remotely administer MS IIS?


Through the IIS administrative web console

34) IIS Isolation modes


IIS 5.0 Isoloation mode and Worker Process Isolation Mode w3wp.exe

35) IIS ASP Cache


Before sending response to the client browser IIS will process the script which contains in the ASP pages and
stores the processed files in the Cache and serves the cached files to the clients. Caching ASP script files
enhances performance because cached ASP scripts are not compiled each time. to enable ASP cache follow the
below steps.
In IIS manager right click on "Web Sites" node and click on properties and in the application settings area click on
configuration, there point to the "Cache Options" tab there you can select the required options.

37) IIS Host headers


A host header is a string part of the request sent to the web server (it is in the HTTP header). This means that
configuring IIS to use host headers is only one step in the approach to host multiple websites using host headers to
distinguish between the websites. A configuration of the DNS server (usually means that you need to add an (A)
record for the domain) is also required, so the client can find the web server.

38) IIS Frontpage extenstions?


IIS Front page extension is a service used to directly edit our web pages present in the home directory, With the
help of separate user credentials or ftp user.

39) IIS http.sys ?


IIS 6.0 introduces a new kernel mode driver, called HTTP.SYS, which is integrated directly into the Windows
Transmission Control Protocol/Internet Protocol (TCP/IP) stack. Its purpose is to route website requests through
to web application pools. In IIS 5.0, this task was performed by the Inetinfo.exe process. Additionally, HTTP.SYS
maintains a cache that can be used to serve requests for content without having to switch out of kernel mode.

40) IIS Port numbers?


FTP: 20, 21, SMTP: 28, HTTP: 80, SSL:443, DNS: 53 POP3:110 SMTP:25 NNTP:119 IMAP:142
SSL port no: HTTP: 443 SMTP:456 POP3:995 IMAP:993 NNTP:563 LDAP:636

41) IIS SSL ?


The main security issue with HTTP is the fact that all the traffic between the client and the server is done as clear
text, meaning that anyone could potentially "listen" to your talk and grab frames and valuable information from
the net.
To secure the transmission of information between your web server running IIS 6.0 on Windows Server 2003 and
your browser clients, you can encrypt the information being transmitted by using SSL (Secure Sockets Layer).

42) IIS backup/restore?


IIS 6.0 will backup it's content automatically and it also manually by accessing Inetmgr--> right click the IIS
server--> All tasks backup/restore-->create backup-->file name with designation. The same is to be followed to
restore the backup.
how to backup and restore IIS7 configuration!
Backup/Restore via the command line

Page 5 of 20
IIS

Backing up IIS7 configuration is as simple as copying the \windows\system32\inetsrv\config directory (and


subdirectories) into a backup directory, so you don't need anything special to do it. Just include this directory in
whatever your OS/content back-up plan is, or write a custom script to do it.
To help make managing backups easy, we've added a simple cmd-line option to AppCmd.exe that makes
management of backup/restore sets easy. For example, to backup configuration, run the follow command:
> %windir%\system32\inetsrv\appcmd.exe add backup "My Backup Name"
to restore that backup, run this command:
> %windir%\system32\inetsrv\appcmd.exe restore backup "My Backup Name"
to delete a backup, run this command:
> %windir%\system32\inetsrv\appcmd.exe delete backup "My Backup Name"
IIS will automatically make history snapshots of ApplicationHost.config each time a change is detected, enabling
you to easily restore to a prior version. By default, IIS checks for a new version every 2 mins, and will keep 10
prior versions of the file. IIS7 stores these snapshots in the %systemdrive%\inetpub\history folder by
default. You can change any of these settings by editing the <system.applicationHost/configHistory> section in
ApplicationHost.config. This article explains the feature in great detail.
IMPORTANT NOTE: This feature only appears in Windows Server 2008 and Vista SP1. It is not in original
release version of Vista , as it was not yet finished when Vista first shipped. This is one of the thousands of
changes that was made to IIS7 after Vista RTM, and is one of many reasons you should install SP1 as soon as
possible! How do you restore a prior snapshot? Well, you could just go to the
\inetpub\history\cfgHistory_NNNNNNNNNN directory and copy the applicationHost.config file into it's proper
place: \windows\sytem32\inetsrv\config. Or you can use the same command as above for restoring a backup to
restore a configuration history file.
To enumerate a list of backups and configuration history files, use the following command:
> %windir%\system32\inetsrv\appcmd.exe list backup

43) IIS WEB GARDENS?


When two or more worker processes are configured as part of an application pool they form what is referred to as
a Web garden. A Web garden allows an application to achieve higher scalability.

44) IIS Application pool ?


We can simply say using application pools we can delegate separate worker processes to separate applications.

45) IIS logfile formats ?


In IIS 5.0 logfile formats are 3 types
1. w3c extended logfile format 2. NCSA Comman logfile format 3. ODBC loging
In IIS 6.0 logfile formats are is 4 types
1. w3c extended logfile format 2. Microsoft IIS logfile format 3. NCSA Comman logfile format
4. ODBC loging

46) IIS user accounts?


IUSR_computername IWPG_compuername IWAM_computername ASPNET

47) IIS metabase ?


IIS metabase is an xml file the contains all the configutations

48) IIS services ?


IIS Admin service
World Wide web Publishing service
Simple Mail Transfer Protocol
FTP Publishing Service

49) Advantages in IIS 6.0?


You can create multiple websites in IIS6 compared to IIS5.x .In IIS5.x, we can create only one website and under
the website, multiple virtual directories.

49) Where are the IIS log files stored?


The default location for the IIS log file is C:\windows\system32\LogFiles\W3SVC1. we can change this to any
specific location.

50 ) In which process does IIS runs ?


IIS runs in 2 modes (application isolation modes): 1. worker process isolation mode is a new feature of IIS6.0.
2. IIS5.0 isolation mode - for compatibility with apps depending on IIS5.0

Page 6 of 20
IIS

51 )How do you remotely administer MS IIS?


1.Install IIS Server in your local system. 2.Open INETMGR and right click on the servername
3.Click connect and enter the computer name , Provide the username and password by enabling the "connect as
option" and click on OK 4.Then you can administrate only MS IIS in the remote machine.

52) What is IIS Migration ?


The Internet Information Services 6.0 Migration Tool is a command line tool that automates several of the steps
needed to move a Web application from IIS 4.0, IIS 5.0 or IIS 6.0 to a clean installation of Internet Information
Services (IIS) 6.0. The tool transfers configuration data, Web site content, and application settings to a new IIS 6.0
server. Migrating applications to IIS 6.0 enables organizations to take advantage of the new fault-tolerant
architecture available in IIS 6.0 and other features that increase Web server reliability, performance, and security.

53) What is IIS ERROR codes?


Log file locations By default, IIS 7.0 puts log files in the following folder: inetpub\logs\Logfiles
This folder contains separate directories for each World Wide Web site. By default, the log files are created in the
directories daily, and the log files are named by using the date. For example, a log file may be named as follows:
exYYMMDD.log
The HTTP status codes
This section describes the HTTP status codes that IIS 7.0 uses.
Note This article does not list every possible HTTP status code as dictated in the HTTP specification. This article
includes only the HTTP status codes that IIS 7.0 can send. For example, a custom Internet Server API (ISAPI)
filter or a custom HTTP module can set its own HTTP status code.
1xx - Informational
These HTTP status codes indicate a provisional response. The client computer receives one or more 1xx responses
before the client computer receives a regular response.
IIS 7.0 uses the following success HTTP status codes:
200 - OK. The client request has succeeded.201 - Created.3xx - Redirection
These HTTP status codes indicate that the client browser must take more action to fulfill the request. For example,
the client browser may have to request a different page on the server. Or, the client browser may have to repeat the
request by using a proxy server.
IIS 7.0 uses the following redirection HTTP status codes:
301 - Moved permanently.302 - Object moved.304 - Not modified.307 - Temporary redirect.4xx - Client error
These HTTP status codes indicate that an error occurred and that the client browser appears to be at fault. For
example, the client browser may have requested a page that does not exist. Or, the client browser may not have
provided valid authentication information.
IIS 7.0 uses the following client error HTTP status codes:
400 - Bad request. The request could not be understood by the server due to malformed syntax. The client should
not repeat the request without modifications.
IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 400 error:
400.1 - Invalid Destination Header.400.2 - Invalid Depth Header.400.3 - Invalid If Header.
401 - Access denied.
IIS 7.0 defines several HTTP status codes that indicate a more specific cause of a 401 error. The following
specific HTTP status codes are displayed in the client browser but are not displayed in the IIS log:
401.1 - Logon failed.401.2 - Logon failed due to server configuration.403 - Forbidden.
IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 403 error:
403.1 - Execute access forbidden.403.2 - Read access forbidden.403.3 - Write access forbidden.
403.4 - SSL required.403.5 - SSL 128 required.404 - Not found.
IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 404 error:
404.0 - Not found. 404.1 - Site Not Found. 5xx - Server error
These HTTP status codes indicate that the server cannot complete the request because the server encounters an
error.
IIS 7.0 uses the following server error HTTP status codes:
500 - Internal server error.
IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 500 error:
500.0 - Module or ISAPI error occurred.
500.11 - Application is shutting down on the Web server.
500.12 - Application is busy restarting on the Web server.
500.13 - Web server is too busy.
500.100 - Internal ASP error.
501 - Header values specify a configuration that is not implemented.
502 - Web server received an invalid response while acting as a gateway or proxy.
IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 502 error:

Page 7 of 20
IIS

502.1 - CGI application timeout.


502.2 - Bad gateway.
503 - Service unavailable.
IIS 7.0 defines the following HTTP status codes that indicate a more specific cause of a 503 error:
503.0 - Application pool unavailable.
503.2 - Concurrent request limit exceeded.
Common HTTP status codes and the causes
The causes of some common HTTP status codes are as follows:
400 - Bad request. The Http.sys file blocks IIS 7.0 from processing the request because of a problem in the
request. Typically, this HTTP status code means that the request contains characters or sequences that are not
valid or that the request contradicts the security settings in the Http.sys file.
401.1 - Logon failed. The logon attempt is unsuccessful probably because of a user name or a password that is not
valid.
401.2 - Logon failed due to server configuration. This HTTP status code indicates a problem in the authentication
configuration settings on the server
403.6 - IP address rejected. The server is configured to deny access to the current IP address.
403.14 - Directory listing denied. The server is not configured to display a content directory listing, and a default
document is not set
404.0 - Not found. The file that you are trying to access was moved or does not exist.
404.7- File extension denied. The requested file name extension is not allowed.
404.14 - Request URL too long. The requested URL exceeds the limit that is allowed for the server
500 - Internal server error. This HTTP status code may occur for many server-side reasons
500.11 - Application is shutting down on the Web server. The request is not processed because the destination
application pool is shutting down. Wait for the worker process to finish shutting down, and then try the request
again. If this problem persists, the Web application may be experiencing problems that prevent the Web
application from shutting down correctly.
503.0 - Service unavailable. The request is sent to an application pool that is currently stopped or that is currently
disabled. To resolve this issue, make sure that the destination application pool is started. The event log may give
information about why the application pool is stopped or disabled.

54) What is presentation layer responsible for in the OSI model? The presentation layer establishes the data
format prior to passing it along to the network application’s interface. TCP/IP networks perform this task at the
application layer.

55) Does Windows Server 2003 support IPv6? Yes, run ipv6.exe from command line to disable it.

56)Can Windows Server 2003 function as a bridge? Yes, and it’s a new feature for the 2003 product. You can
combine several networks and devices connected via several adapters by enabling IP routing.

57) What’s the difference between the basic disk and dynamic disk? The basic type contains partitions,
extended partitions, logical drivers, and an assortment of static volumes; the dynamic type does not use partitions
but dynamically manages volumes and provides advanced storage options

58) What’s a media pool? It is any compilation of disks or tapes with the same administrative properties.

59) How do you install recovery console? C:\i386\win32 /cmdcons, assuming that your Win server installation is
on drive C.

60) What’s new in Terminal Services for Windows 2003 Server? Supports audio transmissions as well,
although prepare for heavy network load.

61) What scripts ship with IIS 6.0? iisweb.vsb to create, delete, start, stop, and list Web sites, iisftp.vsb to create,
delete, start, stop, and list FTP sites, iisdir.vsb to create, delete, start, stop, and display virtual directories,
iisftpdr.vsb to create, delete, start, stop, and display virtual directories under an FTP root, iiscnfg.vbs to export and
import IIS configuration to an XML file.

62) What’s the name of the user who connects to the Web site anonymously? IUSR_computername

63) What secure authentication and encryption mechanisms are supported by IIS 6.0? Basic authentication,
Digest authentication, Advanced digest authentication, Certificate-based Web transactions that use PKCS
#7/PKCS #10, Fortezza, SSL, Server-Gated Cryptography, Transport Layer Security

Page 8 of 20
IIS

64) What’s the relation between SSL and TLS? Transport Layer Security (TLS) extends SSL by providing
cryptographic authentication.

65) What’s the role of http.sys in IIS? It is the point of contact for all incoming HTTP requests. It listens for
requests and queues them until they are all processed, no more queues are available, or the Web server is shut
down.

66) Where’s ASP cache located on IIS 6.0? On disk, as opposed to memory, as it used to be in IIS 5.

67) What is socket pooling? Non-blocking socket usage, introduced in IIS 6.0. More than one application can use
a given socket.

68) Describe the process of clustering with Windows 2003 Server when a new node is added. As a node goes
online, it searches for other nodes to join by polling the designated internal network. In this way, all nodes are
notified of the new node’s existence. If other nodes cannot be found on a preexisting cluster, the new node takes
control of the quorum resources residing on the shared disk that contains state and configuration data.

69) What applications are not capable of performing in Windows 2003 Server clusters? The ones written
exclusively for NetBEUI and IPX.

70) What’s a heartbeat? Communication processes between the nodes designed to ensure node’s health.

71) What’s a threshold in clustered environment? The number of times a restart is attempted, when the node
fails.

72) You need to change and admin password on a clustered Windows box, but that requires rebooting the
cluster, doesn’t it? No, it doesn’t. In 2003 environment you can do that via cluster.exe utility which does not
require rebooting the entire cluster.

73) For the document of size 1 MB, what size would you expect the index to be with Indexing Service? 150-
300 KB, 15-30% is a reasonable expectation.
74) Doesn’t the Indexing Service introduce a security flaw when allowing access to the index? No, because
users can only view the indices of documents and folders that they have permissions for.

75) What’s the typical size of the index? Less then 100K documents - up to 128 MB. More than that - 256+ MB.

76) Which characters should be enclosed in quotes when searching the index? &, @, $, #, ^, ( ), and |.

77) How would you search for C++? Just enter C++, since + is not a special character (and neither is C).

78) What about Barnes&Noble? Should be searched for as Barnes’&’Noble.

79) Are the searches case-sensitive? No.

80) What’s the order of precedence of Boolean operators in Microsoft Windows 2003 Server Indexing
Service? NOT, AND, NEAR, OR.

81) What’s a vector space query? A multiple-word query where the weight can be assigned to each of the search
words. For example, if you want to fight information on ‘black hole’, but would prefer to give more weight to the
word hole, you can enter black[1] hole[20] into the search window.

82) What’s a response queue? It’s the message queue that holds response messages sent from the receiving
application to the sender.

83) What’s MQPing used for? Testing Microsoft Message Queue services between the nodes on a network.

84) Which add-on package for Windows 2003 Server would you use to monitor the installed software and
license compliance? SMS (System Management Server).

85) Which service do you use to set up various alerts? MOM (Microsoft Operations Manager).

86) What languages does Windows Scripting Host support? VB, VBScript, JScript.

Page 9 of 20
IIS

87 )What is the latest version of IIS released with Windows 7 IIS 7.5

88) From where you can change the ASP.NET Version in IIS ?
This can be change from Virtual Directory properties. First open Properties of Virtual Directory > GoTo
ASP.NET Version Tab. There we can have change the ASP.NET Version.

What are the different "Execution Permission" available for IIS for an virtual directory ?
There are three Execution Permission available.
1. None 2. Scripts Only 3. Scripts and Executable

From where we can set the Session Time Out in IIS ?


We can set the Session time out settings from the Virtual Directory for that site.
Right Click on Virtual Directory > Properties > Click on "Configuration" Button
Goto the "Option" Tab. There in Enable Session State Section you can configure the Session Timeout .

How does IIS process an ASP.net request ?


When client request for an aspx pages, request comes to kernel level off IIS means to HTTP.SYS . HTTP.SYS
receives the request and based on the application pool name [ Which is already registred with the HTTP.SYS ] it
send the request to worker process. Windows Activation process works as mediator of them. w3wp.exe loads
"aspnet_isapi.dll" files to start the HTTPRuntime . HTTPRuntime creates HTTPApplication objects and all
request are passed through HTTPModule and finally reached to HttpHandler . This is the request pipeline. After
end of Request pipeline ASP.NET Page lifecycle starts.

What are the different way that we can hosted site on IIS ?
We can hosted site on IIS either creating Virtual Directory through IIS manager or Using Folder Web Sharing .
Apart from that Visual studio provide some inbuilt features to host the site on IIS like using Publishing the web
site , Using Copy web Tool or Creating Virtual directory during the creating the project by choosing Location as
HTTP

What are the main components of SVCHost.exe ?


Main components for SVCHost.exe are WWW Publishing Service (W3SVC) and Windows Activation Porcess
(WAP) .
W3SVC is the mediator of HTTP.SYS and Windows Activation Process. Windows Activation Process maintain
the worker processes.

Can we create one Application Pool From Another Application Pool ?


Yes. We can.
While creating Application Application Pool From IIS, there should have two option available first one is for
Default Setting and Another is for Existing Setting as template.
We can select the second one and from the drop down listed below we can select any on the Application Pool as
Template,.

Is there any alternative way to host site on IIS rather than opening IIS Manager ?
Yes, We can directly host any site from the physical location of directory itself.
Right Click on Physical Folder > Properties > Web Sharing
There you need to select > "Share This Folder" Option Button. Then it will ask for alias name and other setting.
Then Click on OK.
To Validate : Run > Inetmgr > Check there should an virtual directory with the same "Alias" name that you have
given.
If there are already one Virtual directory exist it will showing you the error message while you providing the
"Alias" name.

How we can set the Idle Time out of an worker process ?


We can set the Idle time out for an worker process from Application Pool Properties.
In Performance Tab of Application pool, we can set the Idle Time out of the worker process. This means worker
process will shut down after that given time period if it stay idle. And will again wake up again if a new request
comes.

How can we set the default page for any web application ?
We can set the default page for a web site from the Virtual Directory Setting.
How To : IIS Manager > Virtual Directory > Right Click > Properties > GoTo Document Tab.

Page 10 of 20
IIS

What is the Role of Windows Activation Process in IIS ?


WAP is the Controller of Worker process under a Application Pool. Windows Activation Process which is
managed by the worker process by starting, stopping and recycling the application pool. When to start, stop and
Recycle should be defined on Application Pool Settings. Activation Process is also responsible for Health Monitor
of Application Pool during runtime.
FYI : Health monitoring setting can be easily found in Properties of Application Pool.

What is Web Farm ?


This is one of the most question in IIS. And along with that interviewer can as what is the different between Web
farm and Web Garden ?
When we hosted our web Application on multiple web server under a load balancer call the Web Farm. This is
generally used for heavy load web application where there are many user request at a time. So When Web
Application is hosted on Different IIS Server over a load balancer, Load balancer is responsible for distribute the
load on different server.

What are the major innovation in IIS 7.0 ?


Below are the Major Innovation in IIS 7.0
Components are designed as module and there are major change in administration settings.
FYI : You can find out many of them, just go thorugh Microsoft IIS web site.

What are the worker process for IIS 5.1 and IIS 6.0 ?
For IIS 5.1 > aspnet_wp.exe
For IIS 6.0 > w3wp.exe

What are the different type of application pool available in IIS 7.0 ?
IIS 7.0 having two types of application pool.
1. DefaultAppPool (Integrated)
2. ClassicAppPool

Where is the default location for IIS Log files ?


Its C:\WINDOWS\system32\LogFiles\W3SVC1

Can we have multiple web sites on IIS ?


Yes. IIS Can have multiple web sites and Each and every web sites can have multiple virtual Directory.
Note : Here web sites means the Root Node.

Why do we need to IIS Remote Debugging ?


There are following reasons where we can use remote debugging
1. Your development server does not have IIS installed.
2. Development server and Build/Released/Hosting Server is different
3. Multiple user want to debug simultaneously.

What is the use of Enable Pinging Properties for Application Pool ?


IIS should periodically monitor the health of a worker process [ Idle or not , Time for recycle or not, All Worker
process are running properly or not ] .
Pining means, Activation Process monitor Worker process performance, health, idle time etc.
By default it sets to 30s .

What is the use of aspnet_regiis -i command ?


This is used automatically register the .NET Framework with your IIS.

Does IIS allows multiple user to Remote debug simultaneously ?


Yes. This is one of the great features of msvsmon.exe . Each instance of the remote debugger has a unique server
name.we can give an instance of the remote debugger any server name. Now multiple user can able to access the
server instance.

If there are multiple worker process running on IIS, then how can you attach a particular worker process for
application ?
Well, If there are multiple worker process running in IIS, it means I have to know the name of my application
pool. Then I can run cscript iisapi.vbs script to find out the process ID and Application Pool name . Based on the
process Id for particular application I have to attache the process from Visual studio IDE.

Page 11 of 20
IIS

How can we get the list of worker process running in IIS along with the Application pool name ?
By running iisapp.vbs script from command Prompt.
Below are the steps :
1. Start > Run > Cmd 2. Go To Windows > System32 3. Run cscript iisapp.vbs

What are the different authentication mode available for IIS Remote Debugging ?
For IIS Remote Debugging msvsmon supported two authentication mode
1. Windows Authentication 2. No-Authentication

Which Tool is used for Remote IIS Debugging ?


Tools is : msvsmon.exe
This is located at : Install path\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86

How we can save an Application Pool Settings?


Application Pool Settings can be save as "XML" Format.
Right Click on Application Pool > All Task > Save Configuration to a File .
This will save all the settings of Application Pool as an XML file.We can make it password protected also.

Which version of IIS is available in Windows Server 2008 ?


IIS 7.0 . Even Vista Home Premium and Ultimate edition is also having IIS 7.0

Does One Web Application can have multiple Application Pool ?


No. Every Web Application should have one Application Pool. Bydefault it is "DefaultAppPool ".

What is the folder location for Virtual Directory ?


<Drive>:\inetpub\wwwroot

What is web garden ?


By default Each Application Pool runs with a Single Worker Process (W3Wp.exe). We can assign multiple
Worker Process With a Single Application Pool. An Application Poll with multiple Worker process called Web
Gardens. Each Worker Process Should have there own Thread and Own Memory space.
Generally its not recommended to use InProc Session mode while we are using Web Garden.

How we can open IIS Configuration manager ?


Just simply Run >inetmgr Or we can open it from control panel > Administrative tools.

What are the permission settings are available for Virtual Directory ?
Below are the list of permission that can be set during virtaul directory creation
1. Read 2. Run Scripts 3. Execute: 4. Write: 5. Browse

How we can create a Virtual Directory on IIS ?


Open IIS Configuration Manager First of all Right Click on Default web sites > New > Virtual Directory .
Browse the Physical Path. Set the properites. Click on OK

How we can debug a web application which is hosted on IIS ?


We can easily debug any web application that are hosted on IIS by using Attaching of Worker Process.
From Visual Studio IDE > Tools > Attach To Process Select the particular Process, then start debugging

How we can create an web garden ?


For creating web graden we need to go to Application Pool, then Right Click on Application Pool > Properties >
Goto Performance Tab In Web Garden Section, increase the number of worker process. By default it is 1

Where session data stores in case of "In-Proc" Session mode ?


Session data store inside process memory of worker process [ w3wp.exe ]

What is the default authentication settings for IIS ?


Anonymous authentication is the default authentication mode for any site that is hosted on IIS, and it runs under
the "IUSR_[ServerName]" account

What are the different security settings available in IIS ?


Below are the commonly used IIS Security settings

Page 12 of 20
IIS

1 Anonymous 2 Integrated Windows Authentication 3. Basic Authentication 4. Digest Authentication


5. Passport Authentication
For Set security permission you need to go to Virtul Directory > Right Click > Properties > Directory Security
Click on Edit Button

What is the Role of Http.Sys in IIS ?


HTTP.SYS is the kernel level components of IIS. All client request comes from client hit the HTTP.Sys of Kernel
level. HTTP.SYS then makes a queue for each and every request for each and individual application pool based on
the request.
Whenever we create any application pool IIS automatically registers the pool with HTTP.SYS to identify the
particular during request processing

What are the main layers of IIS Architecture ?


IIS having mainly two layer Kernel Mode and User Mode
Below are the subsection of both of them.
1. Kernel Mode o HTTP.SYS
2. User Mode o Web Admin Service o Virtual Directory o Application Pool

What is Recycling of Application Pool ?


recycling Application pool means recycle the Worker process (w3wp.exe ) and the memory used for the web
application. There are two types of recycling related with Application pool
1. Recycling Worker Process - Predefined Settings
2. Recycling Worker Process - Based on Memory .

What is Application Pool in IIS ?


Before Giving the Definition : you can say like this, Concept of Application pool has from IIS 6.0 .
Application pools are used to separate sets of IIS worker processes that share the same configuration and
application boundaries. Application pools used to isolate our web application for better security, reliability, and
availability and performance and keep running with out impacting each other . The worker process serves as the
process boundary that separates each application pool so that when one worker process or application is having an
issue or recycles, other applications or worker processes are not affected.
One Application Pool can have multiple worker process Also.
Main Point to Remember:
1. Isolation of Different Web Application
2. Individual worker process for different web application
3. More reliably web application
4. Better Performance

What is the Role of IIS ?


Visual studio having It own ASP.NET Engine which is capable enough to run Asp.net web application from
visual studio. So we just click on Run button to start the application.
Now this is the scenarios of local environment. But If we want to host it on server from where all user can access
the sites then IIS comes into the picture.
IIS provides a redesigned WWW architecture that can help you achieve better performance, reliability, scalability,
and security for our Web sites. IIS can support following Protocol HTTP/HTTPS, FTP, FTPS, SMTP Etc. We
need to host the site on IIS, when request comes from client it first hits the IIS Server, then the server passed it to
ASP.NET worker process to execute. Then the response also passes to client via IIS itself.
Note only Hosting of Site we can create our FTP Server, SMTP Server using IIS itself.
There are different version of IIS available like 5.1, 6.0, 7.0 etc

Name of default Identity of IIS6.0


Default Identity of IIS 6.0 is NetworkServices .
Which is having very minimum rights on your system. The user can only have the read access of the site.

What are the different types of Identity available in IIS 6.0 ?


IIS having three different Identity.
1. Local System 2. Local Services 3. NetworkServices

What is the Name of Default Application Pool in IIS ?


Though we can create new application pool IIS with different settings, but IIS having its own default application
pool named : DefaultAppPool

Page 13 of 20
IIS

What are the different version on IIS that you have worked on ?
Before answering this question you need to know what are the different IIS version is available in different OS.
Below is the list of IIS version with different Operating system.
Windows Server 2008 - Windows Vista - Home Premium/ Ultimate - IIS 7.0
Windows Server 2003 - IIS 6.0
Windows XP Professional - IIS 5.1
Now based on your working experience you can say that you have worked on IIS 5.1 and 6.0 or only IIS 7. Etc.

Q: I want to upgrade my IIS 5 server to IIS 6. How do I?


A: You can't upgrade to IIS 6 without upgrading from Windows 2000 to Windows 2003 server. It is easy to think
that Microsoft enforces this rule arbitrarily and could allow you to install IIS 6 on Windows 2000 with just a few
bits of code changed, but that is not so. IIS 6 is a complete overhaul and is not an "add on program" like Microsoft
Office that can be installed on several platforms. It includes integration with new features, accounts, and drivers
that do not exist in Windows 2000 and cannot exist without a sizeable overhaul of the operating system. The good
news is that IIS 6 is a much, much better web server than it would be if it could be installed on Windows 2000.
The bad news is that you have to upgrade to Windows 2003 Server to get it.

Q: How do I install IIS 6 on Windows XP?


A: See the above answer with the addition that you can't directly upgrade from XP to 2003.

Q: Where do I download IIS 5? Where do I download IIS 6?


A: No version of IIS 5 or IIS 6 can be downloaded. They are installed using Add/Remove Windows Components

Q: How do I install IIS 5 on XP Home Edition?


A: IIS is not available on the home edition. If you need a web server to develop ASP.net applications,

Q: What limits are on the XP Pro version of IIS (IIS 5.1)?


A: There are several. The most significant is that you cannot create more than one website and it is limited to 10
connections. Why? It's a client operating system not intended to act as a server. IIS is provided to serve as a
development platform, not act as a server. To get unlimited websites and connections, you need to invest in a
server operating system. You can buy the Windows 2003 Server Web Edition for less than $400 online at various
places.

Q: What limits are on the Windows 2003 Server Web Edition?


A: It is essentially a Windows 2003 Server intended to act as a web server and nothing else. You can run most
applications on it, but can't turn it into a SQL server, domain controller, or Exchange server. It supports an
unlimited number (limited by system resources) of websites and http connections, but it is limited to 10 UNC style
connections (file://servername/share). This limitation is built in to prevent people from using the Web Edition as
inexpensive file server. Perhaps the most severe limitation is 2GB of RAM and 2 CPUs.

Q: What platforms can be used to develop ASP.net applications?


A: To develop .net applications, all you really need is the .net framework installed and notepad. You can develop
on XP Home with the webmatrix, but it will not host IIS. I have seen some messages around touting some hacks
that theoretically make it possible if you steal the bits from an XP Pro OS, but have not tried and do not
recommend you try this. When you mess around with operating system in this way, you are just asking for
problems when upgrades, service packs, etc come around - not to mention the ethics issue. My advice to people
who need to develop or learn to develop professionally: XP Pro upgrade costs about $180 and is well worth the
investment for professionals..
Host Headers

3) What is the difference between IIS 5.0 and IIS 6.0 ?


IIS 5.1 is for Windows XP IIS 6 is for Windows Server, We can create separate application pool with worker
process for a separete website
in IIS 6.0 only.

How will you check the memory usage of 2000 servers ?


Using performance monitor

Page 14 of 20
IIS

Monitoring IIS Performance in Windows Server 2003


The primary performance monitoring MMC snap-ins and tools used for monitoring Windows Server 2003, and IIS
are:
System Monitor: The System Monitor is the one of the main MMC snap-ins used to monitor system performance.
This was previously the Performance Monitor tool in Windows NT. The name change to System Monitor
occurred in Windows 2000. Through System Monitor, you can monitor various elements of the performance of a
server, and you can collect and view real-time data or you can view historically collected data. System Monitor
can be displayed in a graph, histogram, or report format. System Monitor uses objects, counters and instances to
monitor the system. An object can be described as a collection of counters that is associated with a system
resource or service which produce the data you can assess. When an object executes a function, its associated
counters are updated. A counter can be regarded as a data reporting component in an object. The counter
represents data for a particular component of the system or service. An instance refers to the incident of multiple
performance objects of the identical type on a computer. An object can have one or multiple instances.
You have to be a member of one of the following groups to use System Monitor:
Administrators / Server Operators / Performance Monitor Users / Performance Log Users /To open System
Monitor,
Click Start, Run, enter perfmon.exe in the Run box, and click OK.
Click Start, Administrative Tools, Performance, and then click System Monitor.
A few of commonly monitored objects include,
Processor Memory Logical Disk Physical Disk DNS DHCP Server Network interface Web service

To add counters in System Monitor,


Open System Monitor
Click Add to open the Add Counters dialog box.
You can choose the Use Local Computer Counters option to monitor the local computer, or you can choose the
Select From Computer option.
When you use the latter option, you can select a computer from the list and choose counters for that particular
computer.
Choose the performance object from the list.
You can click the All Counters option to monitor all counters associated with the object, or you can click the
Select Counters From List option to individually select counters.
Click the All Instances option to track all instances, or alternatively click the Select Instances From List option to
individually select instances.
Click the Add button to add the counters.
Performance Logs and Alerts: You can create counter logs and trace logs, and configure alerts by using
Performance Logs and Alerts. Any created logs can be viewed through System Monitor, or exported to a database
or spreadsheet. Because performance logging runs as a service, a user does not need to be logged on to the
computer being monitored to collect data. You can view data while it is being collected, or after the data has been
collected. You can define an alert for a counter to initiate an action when the counter value surpasses or drops
below a predefined setting. Counter logs are used to record system performance data at specified intervals. Trace
logs are used to record comprehensive system events after the particular event occurred.
To access Performance Logs and Alerts,

Click Start, Administrative Tools, Performance, and then expand Performance Logs And Alerts.
Task Manager: If you want to view all applications and processes running on a Windows Server 2003 computer,
and view a few common performance measures, you should use Task Manager. You can Task Manager to view
system activities such as active applications and processes, memory and CPU usage of processes, and the users
who are currently logged on to the server. You can also view a number of memory and network usage statistical
information.
To open Task Manager, use of the methods listed below:

Click Start, Run, enter taskmgr.exe in the Run box, and click OK.
Press Ctrl + Alt + Delete and select the Task Manager button.
Right-click an empty section of the taskbar, and then click Task Manager.
Network Monitor: You can use Network Monitor to monitor network traffic, and to troubleshoot network issues
or problems. You can also use Network Monitor to gather network information that can be used in capacity
planning efforts, and to establish baselines. Network Monitor shipped with Windows Server 2003 allow you to
monitor network activity and use the gathered information to manage and optimize traffic, identify unnecessary
protocols, and to detect problems with network applications and services. In order to capture frames, you have to
install the Network Monitor application and the Network Monitor driver on the server where you are going to run
Network Monitor. Network Monitor saves captured data to a temporary capture file that you then save with a

Page 15 of 20
IIS

.CAP extension. This enables captured data to be examined in Network Monitor. You can design a capture filter to
capture only specific frames, or you can configure it to respond to a specific condition.
To install the Network Monitor Driver :

Open the Network Connections folder


Right-click Local Area Connection, and select Properties
When the Properties dialog box is displayed, click the Install button.
When the Select Network Component Type dialog box is displayed, click Protocol in the Component list, and
click the Add button
When the Select Network Protocol dialog box is displayed, click Network Monitor Driver.
Click OK.
To install the Network Monitor application

Click Start, click Control Panel, and click Add or Remove Programs
When the Add Or Remove Programs dialog box is displayed, click Add/Remove Windows Components
This initiates the Windows Component Wizard
Select Management and Monitoring Tool, and click the Details button
Select the Network Monitor Tools check box, and click OK
Click Next and Click Finish
Web Application Stress Tool (WAST): You can use WAST to simulate the following:
Simulate the effect of multiple web browsers concurrently connecting to IIS to run applications
Simulate the effect of multiple web browsers concurrently connecting to IIS to download Web content
Simulate different loads so that you can determine the effect on the Web server.
When monitoring Windows Server 2003 and IIS, it is recommended to monitor counters for the following system
resources, or objects:
Memory
Processor
Disk
Network
The performance counters that you should enable for the above system resources to monitor IIS performance are
listed below.
Memory: The counters useful for IIS monitoring are:
Available Bytes, maintain over 20MB.
Cache Bytes, a decrease could be indicative of IIS memory depleting
Committed Bytes, maintain beneath 75 percent of physical memory.
Page Faults/sec, consider adding additional RAM when hard page faults are degrading IIS performance.
Pages/sec, maintain a low figure. You should consider supplementing RAM when the counter is over 80.
Pool Nonpaged Bytes, if the counter gradually increases, verify that none of your applications have memory leaks.
Processor: The counters useful for IIS monitoring are:
% Processor Time, a processor bottleneck typically exists when this counter is over 80 for a continued time, and
network usage is low.
Disk: The counters useful for IIS monitoring are:
% Disk Time, it is recommended to maintain a low value for this counter.
Avg. Disk Bytes/Transfer, it is recommended to maintain a high value for this counter.
Avg. Disk Queue Length, it is recommended to have a value of 4 or lower.
Network: The counter useful for IIS monitoring are:
Bytes Total/sec, the value should be checked to the bandwidth of the network card to determine if any network
connection bottlenecks exist.
The performance counters of the WWW Service objects that you should enable to monitor the WWW service are
listed below.
WWW Service: The counters useful for IIS monitoring are:
Bytes Total/sec, the counter value should be high
File Cache Hits, for static content, the counter value should be quite high.
File Cache %, a low counter value could possibly mean that you have to re-examine the design of your
applications.
ISAPI Extension, a drop of this counter during heavy load could mean that your application might be a bottleneck.
The performance counters of the Active Server Pages object that you should enable to monitor ASP are listed
below.
Active Server Pages: The counters useful for IIS monitoring are:
Requests/Sec, a drop of this counter during heavy load could mean that your applications might be a bottleneck.
Request Queued, maintain a low counter value
Request Wait Time, the counter value should generally be low.

Page 16 of 20
IIS

Tuning IIS for Maximum Performance


One definite way to ensure maximum IIS performance and security is to have your servers running in the worker
process isolation mode of IIS 6. This is the default application mode in IIS 6, where all the new architectural
features of IIS 6 are enabled, including:
Application pools and worker processes provide the following key features:
CPU monitoring, Processor affinity, Health monitoring, Rapid-fail protection, Recycling, Startup and shutdown
time limits, Queue length limits, and Idle timeout capabilities.
ASP.NET provide the following features for applications:
Improved performance over ASP applications, extensive programming language support, and XML integration.
To switch to worker process isolation mode,
Open the IIS Manager
Right-click the Web Sites node, and click Properties from the shortcut menu.
When the Web Site Properties dialog box opens, click the Services tab.
If you want to use worker process isolation mode, clear the Run WWW service in IIS 5 isolation mode checkbox.
Click OK.
Restart IIS
How to tune application pools through recycling
Recycling a worker process improves the reliability of IIS. Recycling is beneficial for faulty Web applications
which are typically caused by memory leaks. Through recycling, you enable IIS to periodically restart worker
processes which are currently servicing an application pool. You can configure recycling for a worker process
using a number of criteria:
Once a predetermined number of minutes of inactivity have passed: The default setting is 1740 minutes.
Once a worker process has serviced a predefined number of requests. The default setting is 35,000 connections.
After the virtual memory usage by the worker process attains a specific threshold.
At a specific time of the day
To manually recycle a worker process,
Open IIS Manager
Locate and right-click the application pool associated with the worker process, and select Recycle from the
shortcut menu.
To configure all worker processes in each application pool to recycle according to the same criteria,
Open IIS Manager
Right-click the Application Pool node in the console tree, and select Properties from the shortcut menu.
The Recycling tab is utilized for configuring recycling.
How to configure the idle timeout feature for all application pools
Through the idle timeout feature, you can enhance web server performance by enabling IIS to shut down idle
worker processes. Enabling the idle timeout feature assists in eliminating system resource wasting that normally
occurs when worker processes run idly. It allows you to better manage system resources, preserve resources so
that they are available when needed, and free up resources.
To enable the idle time feature,
Open IIS Manager
Right-click the Application Pool node in the console tree, and select Properties from the shortcut menu.
Click the Performance tab.
In the Idle Timeout area of the Performance tab, enable the available checkbox and specify the inactivity time
duration after which the worker process should shut down. The default setting is 20 minutes.
Click OK.
How to enable the Request Queue Limits, CPU Monitoring, and Web Gardens features to improve IIS
performance
A lengthy request queue can result in clients considering the performance of the IIS server as being slow. To
prevent this from happening, you can limit the request queue for applications in an application pool. This feature
is configured on the Performance tab of the Application Pool's Properties window.
You can enable CPU monitoring to track the usage of CPU by the worker processes of an application pool. You
can also configure IIS to shut down the worker processes of the application pool when their CPU usage has
exceeded a specified threshold. This feature is also configured on the Performance tab of the Application Pool's
Properties window.
Web Gardens, another IIS feature, improves IIS performance by allowing multiple worker processes to service
one application pool. When a worker process fails, the remainder of the worker processes continue to service the
application pool.
To configure the Request Queue Limit, CPU Monitoring, and Web Garden features,
Open IIS Manager
Right-click the Application Pool node in the console tree, and select Properties from the shortcut menu.
Click the Performance tab.
Enable the checkbox under the Request Queue Limit section of the Performance tab, and set the appropriate limit.

Page 17 of 20
IIS

Enable the checkbox under the CPU Monitoring section of the Performance tab, and specify the fitting setting
value. Specify the action that IIS should take when the specified CPU usage level is exceeded.
Enable the Web Garden feature by selecting a value greater than one in the Web Gardens area of the Performance
tab. A value of one indicates that the Web Garden feature is disabled.
Click OK.
How to configure Health Monitoring features
You can enable health monitoring for worker processes to determine whether they are functioning correctly.
Health monitoring is enabled by selecting the Enable Pinging checkbox on the Health tab of the Application
Pool's Properties window.
Rapid-fail protection is another IIS feature that enables you to detect when multiple worker processes associated
with an application pool are performing incorrectly. You enable rapid-fail protection by selecting the Enable
Rapid-Fail Protection checkbox on the Health tab of the Application Pool's Properties window. To configure the
feature, you would need to specify how many worker process failures need to occur, and in how many minutes;
before IIS shuts down the application pool which the worker processes are servicing.
You can also configure Startup Time Limit and Shutdown Time Limit settings on the Health tab for worker
processes that are not running as they should. The Startup Time Limit value indicates the time interval in which
another worker process should replace an unhealthy worker process. The Shutdown Time Limit value indicates
the time in which an unhealthy worker process can shut itself down, before IIS forcefully terminates it.
The Quality of Service (QoS) features of IIS
The various QoS features of IIS which you can enable and configure to tune IIS performance are listed below:
HTTP Keep-Alives: This feature allows you to maintain TCP connections between the Web server and a client for
a specified duration.
To enable or disable the HTTP Keep-Alives QoS feature,

Open the IIS Manager.


Right-click the Web Sites node and select Properties on the shortcut menu.
When the Web Sites Properties dialog box opens, click the Web Site tab.
To enable HTTP Keep-Alives, check the Enable HTTP Keep-Alives checkbox.
To disable HTTP Keep-Alives, clear the Enable HTTP Keep-Alives checkbox.
Click OK.
Connection Timeouts: Connection timeouts and HTTP Keep-Alives are basically interconnected features.
Connection timeouts allow IIS to claim back resources when connections are idle. You can enable connection
timeouts by setting the Connection Timeout value on the Web Sites Properties windows and then enabling HTTP
Keep-Alives. Connection timeouts can be configured at the following levels:
Global level for Web sites and FTP sites.
For each individual Web site and FTP site
HTTP Compression: If you have limited bandwidth, or you need to more effectively us your existing bandwidth,
you should consider enabling HTTP compression. HTTP Compression can be used to compress static HTML files
and dynamic response content for web browsers that support HTTP compression. HTTP compression is supported
by:
Internet Explorer 4 or aboveNetscape Navigator 4.5 or aboveOpera 5 or aboveTo enable HTTP Compression,

Open the IIS Manager.


Right-click the Web Sites node and select Properties on the shortcut menu.
When the Web Sites Properties dialog box opens, click the Services tab.
If you want to compress dynamic content, click the Compress Application Files checkbox.
If you want to compress static files, click the Compress Static Files checkbox.
Click OK.
Limiting Connections: You can also limit the number of simultaneous connections which IIS allows on the
Performance tab of the Properties window for a website, and on the FTP Site tab on the Properties window for an
FTP site. The default setting for Limiting Connections for websites is Unlimited. This means that IIS allows
allincoming connections by default. For FTP sites, the default setting is that connections is limited to 100, 000
simultaneous connections. To assist in deciding on the connection limit that you should configure, monitor the
Current Connections, Maximum Connections, and Total Connection Attempts counters for the WWW service and
the FTP service.
Bandwidth Throttling: This feature of IIS allows you to specify the quantity of network bandwidth IIS can
consume, and the quantity of network bandwidth each individual website can consume. It is recommended to
enable Bandwidth Throttling if the IIS machine uses over 50 percent of available network bandwidth. Bandwidth
throttling can be enabled and configured on the Performance tab on a Properties window for a website. The
recommended setting is 1024 kilobytes/second.
How to tune the IIS metabase

Page 18 of 20
IIS

The properties of the metabase which affect IIS performance, and the performance of ASP.NET, ASP and ISAPI
applications which you can configure to tune IIS performance are:
AppAllowDebugging: This property should be set to False so as not to negatively impact application performance,
and should only be set to True on development servers. Enabling the AppAllowDebugging property results in IIS
application threads being serialized.
AspScriptEngineCacheMax: For websites that are large, it is recommended to increase the
AspScriptEngineCacheMax property's value to increase the number of scripting engines ASP caches in memory.
AspScriptFileCacheSize: It is strongly recommended to enable ASP caching to increase the performance of your
ASP applications.
AspQueueConnectionTestTime: It is recommended to set the value of this property to only a few seconds, to
compel the IIS server to verify that the client is indeed connected, prior to it servicing his/her request.
AspBufferingOn: This property should be set to False so that application output is saved prior to flushing to
clients.
CacheISAPI: This property should be set to True to improve performance by caching ISAPI extensions in
memory.
How to tune Registry settings to improve IIS performance
While the majority of IIS configuration information is stored in the metabase, there are still a few IIS settings
which are stored in the Registry. The Registry settings which you can tune to improve IIS performance are
discussed below.
The Registry settings located under HKLM\SYSTEM\CurrentControlSet\Services\ Inetinfo\Parameters are:
CacheSecurityDescriptor: Do not change the default value of 1 for this setting because it means that the caching of
security descriptors for file objects is enabled. This in turn quickens the retrieval of cached content when an
authentication method other than Anonymous access is utilized.
CheckCertRevocation: For production servers which are not being utilized for intranet environments, the
CheckCertRevocation setting's value should be 0 (disabled).
DisableMemoryCache: A setting of 0 enables static file caching.
ListenBackLog: Tune this setting's value according to the load of the server.
MaxCachedFileSize: Tune this setting's value according to whether or not your server is servicing clients with
large files (images or video clips)
MemCacheSize: If you set the value of the setting for the cache size, then IIS no longer controls the cache size
dynamically.
MaxPoolThreads: This setting determines the number of pool threads that can be created for each processor. It is
recommended to not set this value to more than 20.
MinFileBytesPerSec: Change the setting to limit the time in which the client has to receive a response.
ObjectCacheTTL: The value of this setting determines the time duration for which objects are stored in the static
file cache.
The Registry settings located in KLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters are:
UriMaxCacheMegabyteCount Through the value of this setting, you can tune the performance of Http.sys. A
default setting of 0 allows Http.sys to determine what memory the cache utilizes.
UriScavengerPeriod: This setting controls how often the URI cache scavenger removes stale entries. The default
value is 120 seconds.
The Registry setting located in HKLM\SYSTEM\CurrentControlSet\Services\ASP\Parameters is:
DisableLazyContentPropagation: It is recommended that the value of the DisableLazyContentPropagation key be
left at its default value of 0. This prevents the Web server from failing when a large quantity of content needs to be
updated.
The Registry setting located in HKLM\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters is:

UploadReadAhead: This setting determines how much request data IIS accepts prior to forwarding it to a
particular application. Increase this value according to the amount of RAM on the server.
Common Server Tuning Methods for Tuning the IIS machine
A few common methods that should be considered to tune the performance of the IIS machine:
Consider using a SMP-capable motherboard so that you can easily add a CPU if you need to improve processing
power.
If you are using Windows Server 2003, use its capability of effectively defragmenting NTFS drives to ensure that
the disk subsystem performs efficiently.
Consider setting a large enough fixed paging file size, and distributing the paging file over multiple drives. This
also assists in improving performance of the disk subsystem.
You should consider using a hardware RAID solution over software RAID. Software RAID solutions place an
additional burden on the processor subsystem.
If your Web servers host e-commerce sites, consider using Windows clustering and network load balancing
(NLB).

Page 19 of 20
IIS

The simplest method which can be used to improve the performance of your IIS machine is to add additional
RAM.
You should also maximize data throughput so that your RAM is being utilized efficiently. You enable Maximize
Data Throughput using Control Panel. A few benefits of enabling Maximize Data Throughput is SMP scalability
on multiprocessor machines, improved networking performance, and support for a larger amount of physical
memory
To enable Maximize Data Throughput,

Open Control Panel


Click Network Connections, and then select Local Area Connection
Click the General tab, and then click Properties.
When the Local Area Connection Properties dialog box opens, select File and Print Sharing for Microsoft
Networks, and then click Properties.
Select the Maximize Data Throughput for Network Applications option.
Click OK.
IIS logging depletes processor, disk and memory resources. You should therefore not extensively enable IIS
logging. Before enabling remote logging, be sure to check for any performance impacts. Remote logging is
definitely slower.
It is recommended to not enable ODBC logging because it disables IIS kernel-mode caching.
When using virtual directories, use the local IIS machine over mapping them to a share located on a remote server.
Use the FTP user isolation feature with caution. It is recommended to use a separate IIS machine for FTP if you
have to use FTP user isolation.
Steer clear of using old CGI applications. A better solution would be to use ASP or ASP.NET applications.
You should also use ISAPI extensions over ISAPI filters. It is recommended to rewrite any existing ISAP filters to
operate as ISAPI extensions.
You can save on your CPU resources by disabling content indexing if you are not applying user search pages.
Tuning the Performance of ASP, ASP.NET, and ISAPI Applications
A few common tuning methods which you can use for applications running on IIS 6 are:
You should use static HTML files because they utilize a lesser amount of memory and processor resources
Because SSL encryption needs extensive CPU resources, only use it when you really have to.
You should configure expire headers for static HTML files and for image files.
Tune your ASP.NET applications for high performance by implementing the following best practices:
Caching should be enabled.
All input validation should be performed on the client
If it is not being utilized, disable Session State.
It is recommended to store application session data out-of-process if are deploying web gardens and web farms.
You should utilize stored procedures to access data on SQL servers. Do not use ad hoc queries.
For VBScript code, utilize Option Strict.
You should trap exceptions rather than using it for directing program flow.
How to enable ISAPI caching to improve application performance on IIS 6:
Open IIS Manager
Open the Properties window for the website which contains the particular application.
Click the Home Directory tab.
Click Create to enter a name for the application if it needs one.
Click the Configuration button
When the Application Configuration Properties dialog box of the application opens, click the Mappings tab.
Select the Cache ISAPI Extensions checkbox.
Click OK.

Page 20 of 20

You might also like