Introduction

Over the last few years, I've found an abundance of books that answer the question, "What can I do when administering Internet Information Server?" But I have yet to find a book that answers the more pertinent question: "What should I do when administering Internet Information Services?" This is the question I attempt to answer in this book.

During the course of this book, I highlight the pros and cons of many of the options available in Internet Information Services, while not actually covering the details of some of these options. These details are covered in other books and, of course, in the product documentation. I try to explain which options make sense in which situations, and why. This book also provides many recommendations based on my experience with the current version of Internet Information Services, as well as my past experience with each previous version. Most of these recommendations are also targeted at small Internet service providers (ISPs), because this is the environment in which I work. Still, the majority of the information in this book applies to all environments in which Internet Information Services could be installed, whether by a small ISP, a large ISP, or a corporate intranet.

Who Should Read This Book?

This book is written for experienced Web server administrators who intend to either upgrade to or migrate to Internet Information Services 5. It is also an excellent reference for the first-time Internet Information Services administrator, although it is not intended to be an exhaustive reference on the product. It also can be an invaluable tool for anyone planning to start a Web hosting company.

What Is Covered in This Book?

The following is a brief overview of the chapters in this book:

• Chapter 1: "Installing and Managing IIS." Chapter 1 starts by providing a list of questions to consider before installing Internet Information Services. The majority of the chapter focuses on making recommendations for installing Internet Information Services, including hardware and software needed, security planning, and organizing content. This chapter also includes a survey of management options and a discussion of backup options.

• Chapter 2: "Internetworking Considerations." Chapter 2 discusses the options available for placing your Web server on the Internet and making the Web sites housed on it available to clients. This chapter also includes a survey of third-party hardware and software solutions for guaranteeing the availability of your Web sites.

• Chapter 3: "Integrating IIS with Windows 2000 Security." Chapter 3 is the first of two security chapters in this book. This chapter first introduces the security measures available to Internet Information Services and then reviews the options provided by Windows 2000, including users and groups; passwords, policies, and access tokens; NTFS; and authentication features.

• Chapter 4: "IIS Security." Chapter 4 supplements the first security chapter by discussing the security measures provided by Internet Information Services. This chapter discusses the role of IP address and domain name restrictions, access permissions, and user authentication in Internet Information Services 5.

• Chapter 5: "Customizing WWW Sites." Chapter 5 provides a technical discussion of HTTP clients and servers and discusses configuration options of a Web site, including virtual servers and virtual directories. It also discusses delegating administrative privileges and issues you'll deal with when working with local and remote directories.

• Chapter 6: "Customizing the FTP Service." Chapter 6 begins with a brief review of FTP architecture. This chapter then details options configured on the FTP Site tab, security accounts that can access an FTP site, and options configured on the Home Directory tab. Finally, this chapter provides a discussion of FTP virtual directories and a step-by-step setup of an FTP site.

• Chapter 7: "Running Web Applications." Chapter 7 overviews how to run Web applications on Internet Information Services. This chapter focuses on information needed by the Web server administrator, not a developer, and includes topics, such as MIME type configuration, ISAPI applications, and ASP applications.

• Chapter 8: "Microsoft FrontPage Server Extensions." Chapter 8 explains how to install and effectively configure the FrontPage2000 Server Extensions. This chapter then discusses administering the Server Extensions and configuring security. Finally, this chapter explains how FrontPage administrators connect to a FrontPage Web and how the Server Extensions integrate with other services.

• Chapter 9: "SSL and Certificate Services." Chapter 9 discusses Secure Sockets Layer and why it is fundamental to security, encryption, client certificate mapping, certificates, and certificate authorities. This chapter also provides a complete walk-through of the installation of Microsoft Certification Authority Server.

• Chapter 10: "IIS SMTP Service and NNTP Service." Chapter 10 overviews SMTP architecture, surveys SendMail components available for use with Internet Information Services, reviews the SMTP property sheets, and introduces NNTP.

• Chapter 11: "Connecting to Databases." Chapter 11 provides an architectural overview of Open Database Connectivity, details three methods of connecting to a database, outlines the pros and cons to using Microsoft SQL Server databases and Microsoft Access databases, and explains the concept of and need for version checking.

• Chapter 12: "Managing Log Files." Chapter 12 provides details of the different log file formats available in Internet Information Services 5 and discusses the benefits of each. It also surveys utilities that will interpret log file data and generate valuable statistics and reports. This chapter finishes with recommendations for managing log files.

• Chapter 13: "Performance Tuning and Reliability." Chapter 13 starts by discussing the Performance tab of the Web Site Properties sheet and the options available when configuring Web applications. This chapter then focuses on monitoring the performance of Internet Information Services and specific Web sites, improving the performance of Internet Information Services, and the effects of ASP pages on Internet Information Services.

Conventions Used in This Book

Use of the term Internet Information Services generally applies to Internet Information Services 5, although a large portion of the topics covered in this book also apply to Internet Information Server 4 and occasionally to versions earlier than that. If the information is new to Internet Information Services 5, I have tried to highlight that. If I felt that the information was not well-known but applied to multiple versions, I tried to highlight that also.

Following these same lines, Windows 2000 generally applies to Windows 2000 Server. Internet Information Services is included in other flavors of Windows 2000, but my experience and testing is with Windows 2000 Server. Almost all the information on Windows 2000 is the same for all flavors, with the exception of the Professional version. Because Professional is targeted for the desktop, it does not offer all the features of Windows 2000 Server, and its Internet Information Services component does not offer all the features of the Internet Information Services component included with Windows 2000 Server.

In addition, there are also a few typographical conventions in the book. Anything the reader selects or types is set off with bold; check boxes are in quotes; and Web sites, filenames, and utilities are monospaced font.