IIS

What is IIS (Internet Information Server)?

It is a windows component, a web server that accepts requests from client browsers and responds with the requested page(s)

IIS Manager: A tool to configure and manage IIS. To launch IIS Manager one of the below methods can be used.

Control Panel à Administrative Tools à IIS Manager

                                                (Or)

Start à Run à inetmgr.exe

Default Website: Default website is a website provided in IIS at the time of installation of IIS.  The physical directory used by the default website of IIS is c:\inetpub\wwwroot and the port is 80

IIS Website & Application

·         A computer connected to the internet that maintains a series of web pages on the World Wide Web

·         A Website is made up of one or more IIS b (Virtual Directories).

·         Every Web Application has a Virtual Directory but every Virtual Directory doesn’t necessary need to be an Application.

·         The physical directory of the web application need not be the subdirectory of the physical directory of web site.

Steps to Create Multiple Website on Port 80

1.       Go to IIS Manager

2.       Right click on Websites à New à Website

3.       Host Header = "DemoSite"

4.       Give Physical Directory: c:\DemoSite

5.       Edit: c:\windows\system32\drivers\etc\hosts (this is alternative to DNS server)

6.       Note: Hosts is a file...Which can map name to IP Address

127.0.0.1    DemoSite

Note: The above address should be IP of server.             

7.       In c:\DemoSite create and Html file (demo.html)

8.       Browser: http://DemoSite/Demo.html

What is an Application Pool?

·         An Application Pool contains one or more applications and allows us to configure a level of isolation between different Web applications.

·         If we want to isolate all the Web applications running in the same computer, we can do so by creating a separate application pool for every Web application and placing them in their corresponding application pool.

·         Because each application pool runs in its own worker process, errors in one application pool will not affect the applications running in other application pools.

·         When you configure application pools for optimum availability, you also should consider how to configure application pools for application security. For example, you might need to create separate application pools for applications that require a high level of security, while allowing applications that require a lower level of security to share the same application pool.

In the above example, IIS is hosting three Applications in two Application Pools.  For example, If Web Application 3 crashes Web Application 2 will not be affected.  However Web Application 1 will be affected as it is in the same Application pool

What is AppDomain

Asp.Net introduces the concept of an Application Domain which is shortly known as AppDomain. It can be considered as a Lightweight process which is both a container and boundary. The .NET runtime uses an AppDomain as a container for code and data, just like the operating system uses a process as a container for code and data. As the operating system uses a process to isolate misbehaving code, the .NET runtime uses an AppDomain to isolate code inside of a secure boundary.

ISAPI Programming Model (Internet Server Application Programming Interface).

1.       ISAPI extensions are true applications that run on IIS and have access to all of the functionality provided by IIS. As an example of how powerful ISAPI extensions can be, ASP pages are processed through an ISAPI extension called ASP.dll. In general, clients can access ISAPI extensions the same way they access a static HTML file or dynamic ASP file.

2.      ISAPI filters are DLL files that can be used to modify and enhance the functionality provided by IIS. ISAPI filters always run on an IIS server, filtering every request until they find one they need to process. The ability to examine and modify both incoming and outgoing streams of data makes ISAPI filters powerful and flexible.

ASP.NET uses ISAPI programming model and it uses the below

General Terms

Web Farm: When multiple machines are used with different role(s) designated for each server, it is called a Web Farm Scenario.  It is normally applied, where heavy request and processing loads are expected.  Using Web Farm, enhances performance of the entire system.

Web Garden: When a single machine is configured to perform multiple roles it is called a Web Garden scenario.  For example, the webserver machine itself also acts as the database server and the SMTP server etc.  Web Garden in normally applied when request and processing loads are not high.

Network Load Balancing (NLB) : It is a service for Windows 2008 server. NLB gives a common virtual machine name to all the web servers present in an organization, i.e., web servers on different machines, i.e., if 10 machines are used in NLB then all the 10 machines would have the same virtual name and all of them share the load.  NLB sends new requests to the server with least load.

HTTPS (Secured Socket Layer)

HTTPS is used for sites containing sensitive data that requires secured environment/transfer of information.

How does Https work?

All https pages will contain a Certificate (Private Key + Public Key) which is issued by a Certificate Authority.  The pages that are transferred are encrypted and it can be decrypted only if the Private Key is available. 

Certificate Authority:  It’s a server that creates certificates. Examples: Verisign, Windows Certificate Authority. 

Windows Certificate Authority is a built-in Certificate Authority which comes with Windows OS. 

It can be installed from Control PanelàAdd Remove ProgramsàWindows Componentsàselect Certificate Services.

To Create a Certificate:

Goto IIS Manager è Select Machine Name àIn Center Panel, under IIS section, Double on Server Certificates

On the right panel à Select Create Self Signed Certificate à Give Friendly Name = “DemoCertificate”

To Enable HTTPS for a Website

·         Select the WebSite in left panel

·         On right Panel click on Bindings (Opens a Dialog)

·         Click on Add button à Type = Https, Port = 443, SSL certificate = “DemoCertificate”

In Browser open the website with URL starting with HTTPS.

Active Directory users and groups creation

Creating a group in Active Directory

• Startà Administrative ToolsàActive Directory Users and Computers
• Right click on domain name à New à Group à Group Name : DevelopersàGroup Scope: Domain LocalàOK

v  Similarly create Faculty group, Staff group and Students group

To Create Users in Active Directory

• Startà Administrative ToolsàActive Directory Users and Computers
• Right click on domain name à New à User à First Name : Developer1àUser Logon :developer1àNEXTàPassword : dss@123 àSelect user cannot change password àSelect password never expiresàNEXTàFINISH

To Associate User to a Specific Group

àRight click on User NameàPropertiesàMember ofàAddàAdvancedàFind NowàSelect DevelopersàOKàOK

v  Similarly create users (Faculty1, Student1 and Staff1) for other groups and associate with their respective group.  

v  We also create another user “CIO” for whom we give access at a higher level so we don’t associate this user to any other group.  (email address: cio@deccansoft.com)

 

Configuring Internet Explorer to prompt Username and Password

Internet ExploreràToolsàInternet OptionsàSecurityàLocal InternetàCustom Levelà[under user authentication] Prompt for Username and PasswordàOK