IIS : Changes from 6 to 7
That is when I understood as system administrators, knowing about the changes of the IIS 7 architecture is just the first step to understand the changes. Those of you who are still unaware of the architectural changes you might want to check the post I wrote some time back. However, this post will attempt to bring together the changes in IIS 7 with respect to IIS Installation, Configuration, Security, IIS Manager and so on.
Note: The description is brief intended only to highlight the changes.IIS Installation:
How is it different with IIS 6 installation? Well it’s not different it’s just more customizable. IIS 7 is broken down into more than 40 modules, which, can be selected depending on the configuration you want for your server. If there is a dependency for a particular module, that will be auto-selected by the setup process. Within Windows Vista IIS 7 can be installed from Turn windows Features on\off from the control panel and from Windows Server 2008 you can install the Web Server Role through the Server Manager.
IIS Configuration System:
The configuration system within IIS 7 has evolved from the flat property description as in IIS 6 to a much structured and easier to understand. IIS 6 used Metabase.xml file within %windir%\system32\inetsrv as its configuration store. IIS 6 Metabase compatibility has been maintained but focus should be paid on the new configuration as the changes it brings can really help you get going quickly. If you are familiar with the .Net configuration system then understanding the new IIS configuration will be much easier. The new files that you should be aware of regarding IIS configuration are:
At the root (or global) level, there are two separate files:
· system32\inetsrv\applicationHost.config: Holds the global defaults for web server (IIS) settings.
· \windows\microsoft.net\framework\v2.0.50727\config\machine.config: Holds the global defaults for the .NET framework settings, including some of the ASP.NET ones (the rest of them are in the web.config at the same folder, which is sometimes called the root web.config)
Apart from this, in the web content directories, there may be optional web.config files. These can be used to control the features for their level and downwards.
Security:
IIS 6 is known for it's by default lockdown and it has done wonders for a lot of system administrators. In regard to IIS 7 a lot of changes in the security model of the web server is in direct relation to the changes of it's core architecture itself. In IIS 6, security was performed in a dual-mode when dealing with ASP. Thanks to the new integrated pipeline structure within IIS 7, authentication and authorisation is taken up just once. For a clear understanding you could refer my previous post on IIS 7 architecture.
Additionally, IIS 7 brings in the new feature of Delegated Administration. Using delegated administration you could allow changes of certain levels to non-admin users. To top it, these users could be both Windows and non-Windows (local IIS users). For example, you could now make a user, administrator for a particular web server or website. This user does not have to be the administrator of the box. How cool is that for a change!
All previous forms of Authentication schemes are support on IIS 7 with Passport Authentication being the only exception. For details on how security schemes have changed in IIS 7 read the article on IIS.Net
IIS Manager:
IIS manager is be far my favorite change in IIS 7 not that I dint like it's IIS 6 UI but this is much cooler and user friendly. IIS manager has been built into it's familiar tree view on the left hand corner. The center pane can now be used to see what is know as the "content view" and the "features view". Content view shows you the content that the selected application or the virtual directory holds and the feautres view shows the available features for that selected virtual directory. And at the right hand corner you would find this very helpful set of commands available for the selected attribute.
This was just to get you started. Hope this helps!