Performing Common Management Tasks
First of all, let’s get familiar with the IIS Manager Console. How can we start the IIS Manager? We
can load the IIS Manager in the following ways.
1. Go to Start | Administrative Tools | Internet Information Services (IIS)
Manager.
2. Go to My Computer | Manage. Select and expand IIS Manager node.
IIS manager is the primary interface to handle all Internet-related functions. We can set up
Web sites,
Site Setup
We can set up Web and FTP sites using IIS Manager. We can also configure SMTP and NNTP vir-
tual servers using IIS Manager.The WWW, FTP, NNTP, and SMTP servers can be installed manu-
ally or using scripts (unattended setup). Please follow these steps to install the components manually:
1. Navigate to Start | Control Panel | Add Remove Programs.
2. Click the Add Remove Windows Component button.
3. Select the Application Server option from the Windows Component window, and then
click Details.
4. Select IIS and click Details in the Application Server window.
5. Select the options you want to install (Web, NNTP, FTP, and SMTP).
6. Click OK and the installation process will begin.
7. You will be presented with a confirmation screen at the end of the installation process.
Let’s look closely on how to create and maintain Web, FTP, NNTP, and SMTP sites.All these
subjects will be discussed as a subsection from now on.
Setting up a Web Site
All Web sites can be created and managed in IIS Manager.This is a wizard-driven example.
Therefore, it is a simple task to create a Web site from scratch. Let’s learn the process to create a Web
site using IIS Manager.
1. Start IIS Manager (refer to the previous section on Site Setup).
2. Navigate to Web Sites node and right-click it.
3. Select New then Web Site.You should get a screen similar to Figure 26.3. (You can also
create a Web site from XML file settings.This option is commonly used to create Web
sites from a backup configuration. In most case you will be using the wizard to create a

new Web site.)
906 Chapter 26 • Managing Web Servers with IIS 6.0
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 906
4. You will be greeted with the Welcome to the Web Site Creation Wizard. Click Next
on this screen.
5. In the Web Site Description window enter the Web site name. We will create a Web
site called “TestWebSite.”Then click Next.Your screen should be similar to Figure 26.4
6. The next screen will be the IP Address and Port Settings window. Let’s assume my
Web site domain name is www.mytestwebsite.com and it runs on port 80. Put these details
under the Host Header (please refer to Hosting Multiple Web Sites in the next section for
further details) and TCP Post this Web site should use text boxes. Let’s assume that we
don’t assign a specific IP address for this Web site.Therefore, leave the Enter the IP
address to use for this web site combo box with (All Unassigned) property. (This is
the default value.) We will not be able to refer to the Web site by its IP address if we do
not assign an IP address.This could be handy for intranet development. We rely on Host
Headers to find the site by selecting (All Unassigned) option. We also don’t need to assign
Managing Web Servers with IIS 6.0 • Chapter 26 907
Figure 26.3 Creating a New Web Site in IIS Manager
Figure 26.4 Entering the Web Site Name
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 907
port 80 as the default port. If any port is assigned other than port 80, then we need to
change the URL to reflect that. (For example, if we run www.mytestwebsite.com on port
100, we will use www.mytestwebsitecom:100 as the URL.) After all the values are entered,
please click Next.The screen should be similar to Figure 26.5.
7. The next window is the Web Site Home Directory window (Figure 26.6).The home
directory is where the physical files of a Web site reside. All the content and executable files
are stored here.
8. Enter the path to find the ASP.NET files that associate with the Web site. In my example,
the files are found at c:\inetpub\wwwroot\testWebSite directory.Therefore, when a user
enters www.mytestwebsite.com, it will point to this directory. Microsoft strongly recom-

mends that the home directory volume is an NTFS drive. Please click the Browse button
and navigate to that folder.The Allow anonymous access to this web site flag is
checked by default. Allowing anonymous access will enable the users to navigate the site
without authenticating themselves.This is not recommended for sites with sensitive busi-
ness information. Please refer to the Configuring Authentication Settings section for further
details. Click Next to navigate to the next window.
908 Chapter 26 • Managing Web Servers with IIS 6.0
Figure 26.5 Entering IP Address and Port Settings for a Web Site
Figure 26.6 Entering the Home Directory for a Web Site
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 908
9. The next window is the Web Site Access Permissions screen.This is a very important
screen. We can configure the access to our Web site using this screen.The Read and Run
scripts options are ticked by default.The Execute option refers to granting execute per-
mission for Dynamic Link Libraries (such as ISAPI DLLs or CGI applications) in IIS
space. Most of the business logic and interfaces to 3
rd
-party business models will be stored
as ISAPI DLLs or CGI Applications.Therefore we may need to enable Execute access to
communicate with these entities.The Write option will enable the user of the Web site to
upload/write data into the Web site’s source directories (in this case, c:\inetpub\www-
root\testWebSite directory). Finally, the Browse option will enable directory browsing on the
Web site.This option will produce a complete directory information list (files and their
attributes – size, last modified time stamp, etc.) when a user navigates to the directory.
Therefore, we can get a complete file list using a Web browser interface.This is not widely
recommended. (Since it exposes all the files and interfaces to Web site users. It will be a
large security breach if Anonymous access is also enabled.) I have selected the default
options and the screen should be similar to Figure 26.7. Finally, click Next to finish the
creation of the Web site.You will get a window confirming your creation of the Web site.
Setting up an FTP Server
The FTP site setup is similar to Web site setup. Most of the setup has the same information as the

Web site setup. FTP site will enable the user to share data with others.The users can upload data or
download data from our FTP site. Let’s learn how to create an FTP site using IIS Manager.
1. Open IIS Manager.
2. Click the FTP sites, right-click and select New.
3. Select FTP Site from the context menu. (You can also read the FTP site settings from an
XML configuration file.)
4. Click Next from the Welcome to the FTP site Creation Wizard.
Managing Web Servers with IIS 6.0 • Chapter 26 909
Figure 26.7 Entering Access Permissions for a Web Site
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 909
5. Enter the FTP site name in the FTP Site Description window. We will name our FTP
site “TestFTPSite” and click Next.
6. Let’s enter the IP address and the port number for the Web site in the IP Address and
Port Settings window.The default port number for an FTP site is 21.You can use a dif-
ferent port number than 21. (Most corporate firewalls will open port 80 for Web and 21
for FTP access. If you change the FTP port to another number, we need to reconfigure
the firewall to let the traffic into the enterprise.The next step is to select the correct IP
address from the combo box. We will use the default (All Unassigned) for our demon-
stration.You can also assign a dedicated IP address for the FTP site.The user will use this
IP address to access the FTP site. (We are using the IP address of the IIS machine if we
leave the (All Unassigned) option selected.) The screen should be similar to Figure 26.8.
Click Next to navigate to the next window.
7. The next window is the FTP User Isolation window.This window will enable you to
configure the security settings for the FTP site.The user access for FTP server can be
managed in several ways.The default setting is that every user has access to other user
directories.This will not be a problem in many cases since a company FTP site will dis-
tribute generic information regardless of the user (e.g., enable Beta product download to
the test users).The user will have access to all files if the user is authenticated. In some
cases this model may not work. We may need to give different users to access different
information. We need to isolate users to different directories in this case. FTP user isolation

prevents users from accessing the FTP home directory of another user on this FTP site.
We can select the Isolate users to accommodate this scenario.This option uses NTFS
directory authentication to perform this task. We can also go a step further by asking
Active Directory to authenticate the user and assign an FTP home directory for the user.
This can be configured using the Isolate the users using Active Directory option. We
can also use iisftp.vbs script to perform these functions at a command line with the /iso-
lation switch.This will be discussed later in the chapter. We will stick with the default and
click the Next button. (Figure 26.9 shows the isolation options.)
910 Chapter 26 • Managing Web Servers with IIS 6.0
Figure 26.8 Entering IP Address and Port Numbers for an FTP Site
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 910
8. The next window will enable you to enter a physical directory path where the FTP site
refers. We will put C:\Inetpub\ftproot\TestFTPSite as the physical directory for our FTP
site.This directory will be exposed to the public access.Therefore, make sure the data in
this directory is not sensitive to the organization. Click Next.
9. The Next window is FTP Site Access Permission window. The default is just read
access to users.You can also enable the Write access if the users need to upload files to the
server.This option can be helpful in some cases (for example, your sales team needs to
upload sales data to the FTP server for the weekly accounting purposes).This option will
enable users to upload malicious content to the server.Therefore, it is not recommend to
enable write access unless necessary.The screen should be similar to Figure 26.10. Click
Next and the FTP site creation process will be completed.
Managing Web Servers with IIS 6.0 • Chapter 26 911
Figure 26.9 FTP Site User Isolation Options
Figure 26.10 FTP Site Access Permissions Window
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 911
Setting up an SMTP Server
We can also set up a virtual SMTP server using IIS Manager. SMTP servers help IIS to deliver
simple e-mail functionality to its Web sites. E-mail delivery is a common task for Web sites. We use
e-mails to transmit business information or for administration purposes (e.g., e-mail error message to

the system administrators) from our IIS components.Therefore, Microsoft included the SMTP
server to be installed with IIS 6.0. SMTP server fully supports Simple Mail Transfer Protocol and is
compatible with SMTP clients. SMTP servers use Transport Layer Security (TLS) encryption to
protect the e-mail information.The SMTP server will communicate with the Domain Name
System (DNS) to validate the recipient’s e-mail address.The sent e-mails are transferred to the drop
directory.The SMTP server will transmit all the messages in the drop directory.Therefore, other
non-IIS 6.0 applications can also send e-mail by putting the application messages in the drop direc-
tory.The delivered e-mail will be picked up from a pickup directory. Let’s learn the process to set
up an SMTP server.
1. Start IIS Manager.
2. Navigate to the correct computer and select Default SMTP Server.
3. Right-click and select New. Then select Virtual Server.
4. Enter the SMTP site name in the New SMTP Virtual Server Wizard. We will use
“TestSMTPServer” for our demonstration. Click Next.You should have a screen similar to
Figure 26.11.
5. Select the correct IP address settings from the Select IP Address window. We will select
127.0.0.1. Click Next.
6. Select a home directory for the virtual server by using the Browse button of the Select a
Home Directory screen. We will refer to C:\Inetpub\mailroot\Mailbox for our home
directory. Non-IIS 6.0 applications can also use the SMTP server to send e-mail.
Therefore, it is a good practice to have general access to the home directory. (It shouldn’t
have any restricted NTFS permissions on it. It shouldn’t be an OS drive to make generic
mail access from other applications.) Click Next.
912 Chapter 26 • Managing Web Servers with IIS 6.0
Figure 26.11 Entering the Name of the SMTP Virtual Server
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 912
7. Enter the domain name of the SMTP server at the Default Domain window and click
Finish. You will get a message to confirm the creation of the server.
Setting up an NNTP Server
The Network News Transfer Protocol (NNTP) server helps the IIS 6.0 server to facilitate discussion

group functionalities.The IIS setup creates an NNTP server by default. Let’s try to create a new
NNTP server.
1. Load IIS Manager.
2. Navigate to the correct computer and select Default NNTP Server.
3. Right-click and select New. Then select Virtual Server.
4. Enter the NNTP site name in the New NNTP Virtual Server Wizard. We will use
“TestNNTPServer” for our demonstration. Click Next.The screen should be very similar
to the initial SMTP screen.
5. Select the correct IP address settings from the Select IP Address window. We will select
127.0.0.1.You also need to provide a different port number for each NNTP server.The
common port number associated with NNTP servers is 119.You can also use another port
number. We will use 1001 for this demonstration.You can also have multiple NNTP
servers.The best practice is to use different IP addresses for each NNTP site. If a lot of IP
addresses are not available, then we can use multiple port numbers on a single IP address.
Click Next. The screen should be similar to Figure 26.12.
6. The Next screen will be to select a home directory for the NNTP virtual server. We will
select C:\Inetpub\nntpfile\root as our home directory. Click Next.
7. The next window is Select Storage Medium.This option will enable us to choose
between File System and Remote Share.This is where the news messages are stored.
The File System option will enable the user to store the news content on the local
Managing Web Servers with IIS 6.0 • Chapter 26 913
Figure 26.12 Entering IP Address and Port Numbers for NNTP Server
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 913
machine.The Remote Share option will enable it to be stored remotely. We need to
know the machine name and user details (i.e., user name and password details) in order to
store news content remotely. We will select the default File System option.The screen
should be similar to Figure 26.13. Click Next.
8. The next screen will enable you to define the physical directory in which the messages are
going to be stored. Click the Browse button and navigate to the directory. We will use
C:\Inetpub\nntpfile\drop as our file system location. Click Finish to create the NNTP

virtual server.You will get a message to confirm the creation of the server.
Common Administrative Tasks
We have learned to install Web, FTP, NNTP, and SMTP servers. Now we are in a stage to practice
our knowledge and dive further into the IIS 6.0 world. Let’s concentrate on learning some common
administrative tasks now.
Enabling Web Service Extensions
Web Service Extensions is a new feature in IIS 6.0.This utility will give a Control Panel-like function-
ality on your IIS components. We will be able to allow, prohibit, or change the properties using this
tool.This will also enable you to add new IIS extensions (ISAPI applications and 3
rd
-party IIS tools) to
the IIS 6.0 server.You can also enable or disable All Web Service Extensions by using this manage-
ment console. Here is a list of components the Web service extensions can enable or disable.
■
ASP.NET executions
■
ASP executions
■
CGI and ISAPI Applications
■
Front Page Server Extensions 2000 and 2002
■
WebDAV support for IIS directories
914 Chapter 26 • Managing Web Servers with IIS 6.0
Figure 26.13 Selecting a File System for NNTP Server
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 914
We can get to the Web service extensions by using Start | Administrative Tools | IIS
Manager and clicking on Web Server Extensions node on a selected server name. Figure 26.14 is
similar to a default view of the Web service extensions window.
Creating and Working with Virtual Directories

Creating virtual directories is a simple task in IIS 6.0. A virtual directory is a reference to an existing
directory by a Web or FTP site. We can get access to the subdirectories from a root Web or FTP
directory. Sometimes we need to go beyond the root directory access information to process a Web
request. We use virtual directories to remedy these scenarios. (For example, we can store all the images
file in a large shopping catalogue in one directory.Then we can point multiple Web servers to access
this images directory as a virtual directory. It will be low maintenance to modify one images directory.)
The Web or FTP site will be able to refer to this directory as it exists within its directory structure
(even if it physically exists out of its directory structure). One of the limitations will be the Web site
deployment to a new server. Because the virtual directory is not a physical subdirectory (under the
home FTP or Web directory) we simply cannot copy and paste the files to the new server. We also
need to configure the virtual directories manually. Here is the process to create a virtual directory for a
Web site. (The FTP server virtual directory creation process is very similar to this.)
1. Open IIS Manager.
2. Select the server and right-click on the Web site.This will be the Default Web Site for
our demonstration purposes.
3. Select New | Virtual Directory.The screen should be similar to Figure 26.15
Managing Web Servers with IIS 6.0 • Chapter 26 915
Figure 26.14 Web Service Extensions View
301_BD_W2k3_26.qxd 5/14/04 9:52 AM Page 915