Data Centers

Administer older versions of IIS with IIS 5.0

To run a mix of IIS 5.0, 4.0, and 3.0, you don't have to do the same tasks on each version with different tools. Brien Posey shows you how to administer all versions of IIS from IIS 5.0.


Those of you who have IIS 3.0 or 4.0 servers on your network, but also have an IIS 5.0 server, can use IIS 5.0’s Internet Service Manager console to manage your older servers. If you’ve already begun making the transition to IIS 5.0, performing all your IIS server management through a single console can make your life easier because doing so centralizes server administration.

Even if you haven’t yet made the jump to IIS 5.0, you can set up a Windows 2000 Server with a default installation of IIS. By doing so, you can learn to use the Internet Service Manager at your own pace, by using it to administer an already familiar Web site. If you get stuck and don’t know how to perform a specific task through IIS 5.0, you can always bring up your old IIS management tool to get the job done.

Author’s note
For this article, I’m going to assume that you’ve never used IIS 5.0 or the Internet Service Manager before. The techniques I’ll describe won’t allow you to manage Windows .NET services running IIS 6.0 from an IIS 5.0 console. If you do happen to have an IIS 6.0 machine, you can use IIS 6.0 to manage IIS 6.0, 5.0, 4.0, and 3.0 machines in a manner very similar to what I’ll describe here.

Connecting to the older server
To start the administration process, go to your Windows 2000 Server and load the Internet Information Services console by selecting the Internet Service Manager command from the Administrative Tools menu. If this command doesn’t exist on the menu, IIS may not be installed on the server. You can install IIS by opening the Control Panel and double-clicking on the Add/Remove Programs icon. In the Add/Remove Programs window, click the Add/Remove Windows Components button to start the Windows Components Wizard. Select the Internet Information Services (IIS) check box, click Next, and follow the prompts to install IIS.

Once you’ve installed IIS on your Windows 2000 machine, open the Internet Information Services console by selecting the Internet Services Manager command from the Administrative Tools menu. When the console opens, you’ll see that the left side of the console tree displays the current server beneath the Internet Information Services root.

Right-click on the Internet Information Services root and select the Connect command from the resulting context menu. You’ll be asked for the computer name to connect to. Enter the name or IP address of the older IIS server. You’ll see the older IIS server appear in the server list beneath the Internet Information Services root, as shown in Figure A.

Figure A
Use the Connect command to add an older IIS server to the console tree.


You can use the Connect command to attach to as many IIS 3.0, 4.0, and 5.0 servers as you want. Notice in Figure A that there is an asterisk next to the server cartman. The asterisk indicates that this is the local server. Also notice that the icons used by the two servers are different. The icon has nothing to do with server version, but rather with whether or not the server is local.

Creating a custom console
If you have lots of IIS servers, you can manage all of them through a single console session. Unfortunately, when you close the Internet Services Manager, your changes will disappear without giving you a chance to save them. You can, however, create a custom console that will give you easy access to all of your IIS servers by creating a custom MMC.

Enter the MMC command at the Run prompt. An empty Microsoft Management Console will appear. Next, select the Add/Remove Snap-In command from the Console menu. You’ll see the Add/Remove Snap-In properties sheet. Click Add on the properties sheet’s Standalone tab. You’ll see a list of all of the available snap-ins. Select the Internet Information Services snap-in and click Add, Close, and then OK.

You will have opened an editable version of the Internet Services Manager, as shown in Figure B. At this point, connect to your IIS servers in the manner that I showed you earlier. The console should contain an entire list of servers, as shown in Figure C.

Figure B
The editable version of the Internet Services Manager


Figure C
You can create a console capable of managing all of your IIS servers.


When you’re finished attaching to servers, select the Save As command from the console menu and save the console to your desktop or another handy location. You’ll have a desktop icon (assuming that you saved it to the desktop) that you can use to instantly manage any of your IIS servers.

Managing an IIS 4.0 server
Now that you know how to get to an older IIS server through the IIS 5.0 management console, let’s take a look at the actual process of managing an IIS 4.0 server through the new interface. IIS is a large application, and I can’t fit the entire IIS management guide into one article. I’ll show you what’s different between the two management interfaces. The vast majority of the configuration options are identical. In fact, if you’ve been using IIS 4.0, you should find yourself right at home in IIS 5.0.

The server properties sheet
If you right-click on the IIS server name and select the Properties command from the resulting window, you’ll see the server’s properties sheet. At first glance, the properties sheets seem to be identical, but they have some subtle differences. For example, in the Computer MIME Map section, the button is labeled File Types in IIS 4.0, and Edit in IIS 5.0. Clicking this button has the same effect in both versions.

At the top of the server properties sheet is a drop-down list that allows you to configure the default attributes for the FTP service and for the WWW service. If you click Edit after selecting either service, you’ll see a Properties sheet. The IIS 3.0 Admin tab that existed in IIS 4.0 has been replaced by a Service tab in IIS 5.0. The actual contents of the tabs are the same.

FTP site properties
If you right-click on the Default FTP Site (or any other FTP site), and select the Properties command from the resulting context menu, you’ll see the FTP site’s properties sheet. At first glance, the properties sheets appear to be identical on IIS 4.0 and IIS 5.0, but there are some differences.

If you select the FTP Site tab and look at the Active Log File Format section, you’ll see that both versions offer logging in the Microsoft IIS Log File Format, ODBC Logging, and W3C Extended Log File Format. However, if you select either Microsoft IIS Log File Format or W3C Extended Log File Format, and click the Properties button, you’ll notice some differences between the two versions.

Both IIS Logging and W3C logging have the option of performing hourly logging when using the IIS 5.0 console. This option is unavailable when you’re using the IIS 4.0 console. Also, W3C logging has an option available through the IIS 5.0 console for using local time for file renaming and rollover. This option is unavailable in the IIS 4.0 console. Figure D shows the W3C logging screen as seen through IIS 4.0 and Figure E shows the same screen in IIS 5.0’s console.

Figure D
The W3C Logging screen as seen through the IIS 4.0 console


Figure E
The W3C Logging screen as seen through the IIS 5.0 console


You’ll find another subtle difference on the FTP properties sheet on the Security Accounts tab. When you look at this tab through IIS 4.0, you see an Enable Automatic Password Synchronization check box. The functionality is the same, but the IIS 5.0 management console has renamed this check box Allow IIS To Control Password.

Default Web site properties
If you right-click on the Default Web site (or any Web site), and select the Properties command from the resulting context menu, you’ll see the Web site’s properties sheet. Like the FTP properties sheet, there are some slight differences between the two console versions.

The first set of differences is found on the properties sheet’s Web Site tab. At the bottom of the tab, you’ll see the Active Log File Format section. The same differences between the two versions exist here as in the FTP logging section.

Another difference is that in the IIS 5.0 console, the Web site tab contains an HTTP Keep-Alive check box that didn’t exist in the IIS 4.0 console. This option allows a client to keep a session open rather than having to establish a new session with each request. If you need to control the HTTP Keep-Alive option in IIS 4.0, you can find it on the Performance tab of the IIS 4.0 console rather than on the Web site tab. The HTTP Keep-Alive option is enabled by default, and I recommend leaving this option enabled; disabling it will usually degrade performance.

This leads me to another difference. The IIS 5.0 management console’s Performance tab contains an Enable Process Throttling and an Enforce Limits check box that don’t exist in the IIS 4.0 management console. These check boxes are grayed out, and there is no way to activate them because IIS 4.0 Server doesn’t support these features.

Perhaps the tab on the Web site properties sheet that’s the most different between the two management consoles is the Home Directory tab. This tab contains all the same options in both versions, but these options are presented quite differently. For example, in the IIS 4.0 console, the permissions are divided into Access Permission and Content Control sections. In IIS 5.0, these sections don’t exist; all permissions have been grouped together.

Some of the permission names have been changed as well. The Directory Browsing Allowed permission has been shortened to Directory Browsing. Log Access has been changed to Log Visits. And the Index This Directory permission has been renamed Index This Resource.

The tab’s Application Settings section has changed, too. The permissions in this section were controlled by radio buttons in the IIS 4.0 management console, but are controlled by the Execute Permissions drop-down list in the IIS 5.0 management console, to save space.

The Run In Separate Memory Space (Isolated Process) check box has been replaced with the Application Protection drop-down list. This list contains the options Low (IIS Process) and High (Isolated Process). Selecting the High (Isolated Process) option is equivalent to selecting the IIS 4.0 Run In the Separate Memory Space (Isolated Process) check box (see Figure F and Figure G).

Figure F
The default Web site’s Home Directory tab as seen through the IIS 4.0 console


Figure G
The default Web site’s Home Directory tab as seen through the IIS 5.0 console


The last tab with significant differences is the Web site’s properties sheet’s Directory Security tab. The Anonymous Access And Authentication Control section and the IP Address and Domain Name Restriction sections are identical in the two versions. What’s different is that the IIS 4.0 management console contains a Secure Communications section with a Key Manager button. This button is used to associate an SSL certificate with the Web site.

Although the IIS 5.0 management console does have a Secure Communications button, all the buttons in the section are grayed out because of an incompatibility in the way the two versions of IIS handle certificates. If you want to use SSL certificates on an IIS 4.0 Server, you’ll have to configure them through the IIS 4.0 management console. Figure H and Figure I show the differences between the Directory Security tabs in the two versions of the management console.

Figure H
The default Web site’s Directory Security tab as seen through the IIS 4.0 management console


Figure I
The default Web site’s Directory Security tab as seen through the IIS 5.0 management console

Editor's Picks