IIS7 in Windows Server 2008 R2

Windows Server 2008 R2 includes new additions to the IIS7 Web server, adding fit, finish, and a few extras to the best IIS platform ever.

For the last year and a half, the IIS product team has been working hard on building IIS extensions on top of the IIS7 platform, releasing betas, RCs and RTWs that add new support for optimizing media hosting, web content publishing, site and server administration, deployment and migration, and request handling.  We would not be able to innovate and build production-ready, fully supported MS software in 12-18 months like this without the architectural changes we introduced in IIS7 in Windows Server 2008. Now with Windows Server 2008 R2, we have added some improvements, fit and finish to that IIS7 platform. 

Highlights of the main IIS7 improvements in the Windows Server 2008 R2 Beta today:

Integration of Content Publishing Extensions (FTP, WebDav) into the Windows Server OS
We started development on a complete rewrite of the FTP server and our WebDav implementation well before the Windows Server 2008 release. Early last year, we released the new FTP Publishing Service as a Web download for Windows Server 2008 with features like secure publishing of content using FTPS, IPv6 support, integrated management of FTP/HTTP sites using IIS Manager, and more powerful logging and authentication support. Like all of our extensions, the FTP Publishing Service for Windows Server 2008 is fully supported by Microsoft product support with rich forum support provided by expert users and our own product team. What we have done in Windows Server 2008 R2 is to integrate the FTP Publishing Service into the server OS.

From a customer perspective, that means:

    1. With the FTP Publishing Service installed on Windows Server 2008, you had to uninstall the old FTP server before installing the new one, which is a complete replacement of the old and outdated FTP. With Windows Server 2008 R2, you can install the new FTP server as part of the IIS component install. The IIS setup will replace your old FTP server and even upgrade the new IIS7 FTP publishing service if you have installed it on Windows Server 2008.
    2. You can take advantage of bug fixes that we have made since the release of the FTP Publishing Service in February 2008.
    3. You can use newly added extensibility for authentication, logging, authorization and the home directory that will be documented on MSDN.

We will also ship an updated FTP Publishing Service for Windows Server 2008 for Web download on www.iis.net in May 2009 so that those customers can also take advantage of the bug fixes and extensibility. In other words:

(Web May 2009 release of FTP Publishing + Windows Server 2008) == (FTP Publishing feature in Windows Server 2008 R2)

With the following exception:

FTP Publishing Server for Windows Server 2008 is always installed with a Web download, whereas FTP is now integrated into setup for Windows Server 2008 R2 and later.

Same thing with WebDav, which released in July 2008. WebDav for Windows Server 2008 provided a brand new implementation (to spec) of the WebDAV extension to the HTTP protocol. We have included WebDav in the setup/installation for Windows Server 2008 R2, which means that you can install WebDav as part of Windows Server 2008 R2 setup. The big new feature for WebDav is support for locks. We will also ship a new version of WebDav for Windows Server 2008 that has locking -- look for this release in May 2009 as well. Same model applies:

(Web May 2009 release of WebDav + Windows Server 2008) == (WebDav Publishing feature in Windows Server 2008 R2)

With the following exception:

WebDav for Windows Server 2008 is always installed with a Web download, whereas WebDav is now integrated into setup for Windows Server 2008 R2 and later.

Integration of Administration Pack Extension into the Windows Server OS
We integrated the functionality of the IIS7 Administration Pack into the Windows Server 2008 R2 installation, which provides customers with:

  1. Integrated administration support in IIS Manager for the ASP.NET authorization, custom errors, FastCGI, and Request Filtering features. 
  2. Configuration Manager, which gives you a visual editor for managing the IIS7 configuration system. If you want to check it out, Carlos Aguilar Mares, our IIS Dev Manager, wrote a comprehensive blog on the Config Editor's capabilities. My favorite part of Configuration Editor is the script generation functionality -- comes in very handy with demos! :-)

We didn't incorporate the IIS Reports feature into the Windows Server OS, so if you need that particular functionality, you can use it as part of the Web download IIS Administration Pack. As with our usual policy, we will be releasing an update of the IIS Administration Pack for Windows Server 2008 users with the bug fixes and other changes that you see in Windows Server 2008 R2 (except for the setup integration).

The Administration Pack for Windows Server 2008 will release by Windows Server 2008 R2 general availability to keep on par with the Administration Pack functionality in the Windows Server 2008 R2 release.

New IIS7 PowerShell Provider and Commandlet Support in Windows Server 2008 R2
The IIS PowerShell provider, also downloadable for Windows Server 2008, lets users manage IIS, ASP.NET and custom configuration using the PowerShell programming environment. Yes, it's true -- we have IIS:/> for the PowerShell users out there. With our PowerShell support, we have implemented three levels of support:

  1. PowerShell provider: Use the provider if you are familiar with the IIS configuration system and want to adminster config directly in the PS programming environment.
  2. Low-level commandlets: Use our collection of low-level commandlets to manage every IIS setting if you want this level of fine-grained control.
  3. Task-oriented commandlets: Use our many task-oriented commandlets to manage websites (ex: New-WebSite to create a site), backup and restore web server configuration, and other common tasks.

With the integration into Windows Server 2008 R2, you can install the PowerShell provider and 60+ commandlets using Windows Server setup. 

As with FTP and WebDav:

(summer 2009 Web release of PowerShell + Windows Server 2008) == (PowerShell feature in Windows Server 2008 R2)

With the following exception:

PowerShell for Windows Server 2008 is always installed with a Web download, whereas PowerShell is now integrated into setup for Windows Server 2008 R2 and later.

Check out Thomas Deml, Group Program Manager and PowerShell guru's blog, for more information about our PowerShell support (http://blogs.iis.net/thomad).

Rich Application Hosting on Server Core
With Windows Server 2008 R2, you can host ASP.NET applications on IIS installations running Server Core. ASP.NET/CLR did some work to refactor and make sure that the managed code environment for ASP.NET pages could work on Server and voila! We have support for not just images, media, PHP, and classic ASP pages on Server Core but also ASP.NET applications.

The PowerShell 2.0 release in Windows Server 2008 R2 handles remote management now, which comes in handy with Server Core installations and our new IIS7 PowerShell provider. So not only can you host all your apps on IIS with Server Core, it is also much easier to administer them locally and remotely using our new IIS PowerShell provider and commandlets. For overall PowerShell mojo, check out the Windows PowerShell blog.

Improvements to FastCGI Support
IIS7 supports PHP hosting through our FastCGI implementation, which we substantially overhauled and improved in IIS7. Enhancements for PHP support on Windows Server 2008 R2 include:

  1. Support in IIS Manager for administering FastCGI settings. 
  2. Automatic recycling of php-cgi.exe whenever php.ini changes. In this release, IIS monitors changes to a file for each process pool and recycle FastCGI process for the process pool when a change to the file is made. By default, this feature is turned off. If you turn it on (by setting a property in the user interface), you can specify a file path to monitor changes. 
  3. FREB support for FastCGI, so you can troubleshoot PHP and other FastCGI-compliant apps more effectively.
  4. MaxInstance is now dynamic -- if maxInstance is set to 0, IIS automatically detects the system load and adjusts the maxInstances count. This allows us to optimize performance for our PHP support.
  5. New support for controlling FastCGI error behavior based on specific errors.

IIS Core Changes
We have also made a number of changes to our core IIS7 platform, based on customer request and our own development experience for extensions using the IIS7 platform:

  1. Support for custom tracing in the configuration system. This new feature will come in handy for troubleshooting config.
  2. The ability to audit or trace configuration changes through configuration polling -- this was a request from our hosters in particular who want to monitor changes to the configuration system by their customers.
  3. Support for ASP.NET to support different CLR versions (for example, CLR 4.0). With multiple versions of the CLR in use, this feature is important for developers to be able to switch versions. We have also backported this functionality to Windows Server 2008 SP2.
  4. Better control over application pools with the ability to set the CLR setting per application pool and to monitor performance with new Application Pool performance counters.
  5. Delegateable custom errors, which was a top request from developers to be able to change custom errors locally or remotely as a non-server admin.
  6. IPv6 support for IP restriction list.
  7. More fine-grained control over request filtering, specifically for query strings to help prevent SQL injection attacks on applications hosted on the server. Request filtering also now supports request-specific rules so that SQL Injection rules apply to specified requests only.
  8. Nego2 support, which will allow for built-in support of LiveID providers, FedSSP, and more granular Kerberos/NTLM enablement.
  9. Support for Managed Service Accounts for domain accounts that don't require a password.
  10. AppPool identity support -- this one calls for a whole separate blog posting, so stay tuned for that.
  11. Support for application pool warm-up for large applications that want to "prime" an application pool for better performance on the intial request.

IIS Best Practice Analyzer
Windows Server 2008 R2 introduces a new feature in Server Manager called the Best Practice Analyzer. The BPA provides a single console experience within Server Manager to manage best practice rules for configuration across different server roles, like Exchange, AD, and IIS. In Server Manager, you can run the BPA against some IIS rules that focus on best practices for security and performance -- for example, checking to make sure that basic authentication is not enabled without SSL. This list of BPA rules for IIS is not exhaustive by any means but it does give a good core set of guidance to get started. We will also be updating and increasing the rule set automatically through Server Manager. Note that this functionality lives in Server Manager only, and is not hosted in IIS Manager.    

And of course, we have fixed bugs along the way.

Your feedback helped us refine IIS7, which is the best Web server platform yet. You can download the Windows Server 2008 R2 beta today here. A nice way to bring in 2009!

Thanks for reading,

Mai-lan

15 Comments

  • Just a note on PowerShell... The proper use for PowerShell commands is "cmdlets" vs "commandlets". PowerShell is a very powerful scripting and automation tool, and works great for managing IIS. Alone, it is also more appropriate to name it "the IIS PowerShell snapin". A snapin provides the provider and cmdlets extending PowerShell's functionality.

  • Thank you for this i have been looking how to do all night lol

  • So, does this mean that there'll be more documentation of how to run multiple ftp sites WITH MEMBERSHIP AUTHENTICATION? Because one article on learn.iist.net on how to do it for the default website isn't really enough.

  • "11. Support for application pool warm-up for large applications that want to "prime" an application pool for better performance on the intial request."

    This sounds like a great thing for SharePoint - recycle my app pool and warm the cache - do you know if there are any issues with IIS7.5 and MOSS2007?

  • Mai-Ian, great post!

    Looking forward for learning more about the new AppPool identity support.

    Martin Kulov
    www.kulov.net

  • The FTP thing is nice.  I don't see anything about being able to install IIS on something other than C: though.  This is a huge problem for a lot of people....

  • Hi, folks: I wanted to reply to a few of the comments posted to this blog entry...

    Marcoshaw: Thanks for the clarification on the terminology. You are right about the snap-in terminology. We made sure that we are consistently using the right terminology through our documentation (http://learn.iis.net/page.aspx/447/managing-iis-with-the-iis-70-powershell-snap-in/).

    Anonymous about FTP Membership Auth support: I passed along the feedback to FTP guru Rob McMurray, who loooves to talk about FTP. :-) I will cross-link when some more content is available.

    Anonymous about app pool warmup: Yes, this feature targets apps like SharePoint that would benefit from the initial warm-up. SharePoint doesn't make use of it in Sharepoint 2007. SharePoint versions target the OS currently in the market, so one version downlevel from WS/IIS. I haven't heard anything about issues between the two, but it's a good question to ask the SharePoint folks. http://blogs.msdn.com/sharepoint/

    Kulov: Thanks! Either Thomas Deml or I will add more about the AppPool identity change.

    Anonymous about install: I hear the pain on not being able to install on anything other than c. We depend on CBS (Windows Server setup platform) for our OS setup, so this is unfortunately not something that we can fix at our layer.

    Thanks all for writing!

    Mai-lan



  • One additional note: You can also install IIS to the c:\ drive and then use Thomas' nifty script to move it.

    http://blogs.iis.net/thomad/archive/2008/02/10/moving-the-iis7-inetpub-directory-to-a-different-drive.aspx

  • Hi
    I have a problem on creating an App pool from existing one on IIS 7 for windows server 2008, what I’m trying to do is to create a new app pool from an existing one as we have it before in IIS 6 for windows server 2003
    I tried many ways but the thing I couldn’t find HOW!!!

  • Hi, I am trying to find more information on how I can add support for this feature in my application:
    "11.Support for application pool warm-up for large applications that want to "prime" an application pool for better performance on the intial request."

    Can you give me som link to more information on this feature ? Thanks!

  • I am tryin gto install the WebDav extensions for IIS 7.5 Windows 2008 R2 RC. The webdav installer fails . It states that IIS 7.0 "must be installed".

    I am required to have Web Dave for SCCM 2007 R2. The installers "webdav_x64_75" and "webdav_x64_rtw" both fail.

    Any ideas how to solve this?

    Thanks in advance

  • Hi, TeakWoodKit: WebDAV is actually part of IIS 7.5 in Windows Server 2008 R2. The install fails because it's built into the Web server as one of the features. If you have WS 2008 R2, you have WebDav. If you are working with IIS7 on Windows Server 2008, you will need to install WebDav as a Web download.

    Thanks,
    Mai-lan

  • Yes

    This is a great post about iis web entry!
    Some web hosting who can support IIS7 can be found at

    http://www.webhost4lifereview.com/microsoft-iis-7-web-hosting/

    Best Regards,

  • You say "We didn't incorporate the IIS Reports feature into the Windows Server OS, so if you need that particular functionality, you can use it as part of the Web download IIS Administration Pack."

    You cannot install the 7.0 Administration Pack on R2, how do we get the IIS Reports on R2?

    Am I missing something? Thanks,

    -Nino

  • "We didn't incorporate the IIS Reports feature into the Windows Server OS, so if you need that particular functionality, you can use it as part of the Web download IIS Administration Pack. "

    Are you referring to IIS7 on 2008 and not IIS7.5 on R2 right? Because I cannot find this feature anywhere and obviously you cannot install the admin pack for IIS7 on R2 ??

Comments have been disabled for this content.