Archives

Archives / 2007

  • List of registry keys affecting IIS7 behavior

    4 Comments

    Few months ago, I fired procmon and collected all the registry keys IIS7 processes read. I then gathered the information about these registry keys from different people in the team and also collected available information on the internet. I have been sitting on this information for quite a while hoping to make it complete and finally I got enough time during this holiday period to finish this. Below is what all I could gather. Keys affecting FTP/FTP7 and Asp.Net are not included in this article. There are few IIS7 keys omitted from this list either because I couldn’t think of why people would like to change it or because we don’t want to people to modify those. If you see any information missing or incorrect as per your knowledge, please send me a message.

    Common (keys read by many parts of IIS)

    1. HKLM\SOFTWARE\Microsoft\InetStp\Configuration\MaxWebConfigFileSizeInKB (REG_DWORD)
    Nativerd.dll uses the value of this registry key to determine the maximum allowed size (in KB) of web.config files. Configuration system will produce error “Cannot read configuration file because it exceeds the maximum file size” if it encounters a web.config larger than this size. Configuration system assumes a default value of 250 (100 in Vista RTM). Changing the value of this key will require a process restart.

    2. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\LastPriorityUPNLogon (REG_DWORD)
    This registry key switches the order in which IIS processes try to do a user logon.  Default value is 0 (false) which means UPN logon is not last priority. IIS uses the UPN format first and then the “domain” and username” fields.  Setting this key to non-zero switches it so that IIS uses domain and username first and then the UPN logon.

    3. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\UserTokenTTL (REG_DWORD)
    This key controls how long IIS will cache a user token before releasing it and recreating it (as needed). Default value is 900 (seconds). This key is used by token cache module in worker process and also by WAS. Read more about it here.

    WAS

    4. HKLM\System\CurrentControlSet\Services\WAS\Parameters\ConfigIsolationEnabled (REG_DWORD)
    Default value of this key is 1 (configuration isolation enabled). Setting this registry to key to 0 will disable configuration isolation and worker process will try to read applicationHost.config directly. Any value other than 0 or 1 is assumed as default value. If you disable configuration isolation, you might need to change ACLs of %windir%\system32\inetsrv\config folder to grant worker process read access to applicationHost.config. As configuration isolation feature is not available in Vista RTM, this key is not valid on it.

    5. HKLM\System\CurrentControlSet\Services\WAS\Parameters\ConfigIsolationPath (REG_SZ)
    This regkey dictates the folder path where temp apppool config files are created by WAS. Default value of this key is %systemdrive%\inetput\temp\apppools. If you change this location make sure that LocalSystem has full access to the folder. This is not valid on vista RTM as the configuration isolation feature is not available.

    6. HKLM\System\CurrentControlSet\Services\WAS\Parameters\AlwaysLogEvents (REG_DWORD)
    If WAS detects an invalid object for some reason, it doesn’t allow object to log errors.  This registry switch allows users to see these errors. Default is 0 which means WAS won’t log events. Any non-zero value enables logging.

    7. HKLM\System\CurrentControlSet\Services\WAS\Parameters\UseSharedWPDesktop (REG_DWORD)
    Read about it here.

    IISADMIN

    8. HKLM\System\CurrentControlSet\Services\IISADMIN\Parameters\EnableABOMapperLog (REG_DWORD)
    This registry key can be used to enable ABOMapper logging. When set to 0 (default value), ABOMapper doesn’t log any information. When set to non-zero value, a log is created as %windir%\system32\abomapper.log and ABO will spew debug information in this file. You need to restart iisadmin after you change this key. http://support.microsoft.com/kb/931208 has more information about it.

    9. HKLM\System\CurrentControlSet\Services\IISADMIN\Parameters\LazyWriteTime (REG_DWORD)
    This registry key can be used to make ABOMapper buffer the configuration changes for sometime before it commits the changes to disk. Default value of this registry key is 0 which means lazy writer is OFF by default. Setting this key to value greater than 0 turns on Lazywriter with the lazy write time equal to the time set in the registry (interpreted as number of milliseconds).

    W3WP

    10. HKLM\System\CurrentControlSet\Services\W3SVC\Parameters\ConfigPollMilliSeconds (REG_DWORD) (not there in vista rtm)
    Default value of this key is 0 (disabled) which means configuration system will rely on change notifications for tracking changes to configuration files. Positive value of this key means configuration system will check configuration file last modified time every N milliseconds to find changes to configuration files and will not use directory monitors.

    11. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ObjectCacheTTL (REG_DWORD)
    This regKey is used by both user mode file cache and kernel mode output cache. Both these caches run a scavenger every ObjectCacheTTL seconds. Read more about it here.

    12. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\DisableMemoryCache (REG_DWORD)
    When this regKey value is set to non-zero, file cache is disabled. By default value of this key is assumed to be 0 and file cache is enabled. Read about it here.

    13. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxCachedFileSize (REG_DWORD)
    This regKey is used by file cache to determine maximum size (in bytes) of file which can be cached. Any file of size greater than this value is not cached. Default value of this key is 256KB. Read more about it here.

    14. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxCachedFileSizeInMB (REG_DWORD)
    MaxCachedFileSize which is the max size in bytes cannot be set to greater than 4GB. You can use MaxCachedFileSizeInMB instead to set max file size to cache greater than 4GB. If both MaxCachedFileSizeInMB and MaxCachedFileSize is defined, effective max cached file size is sum of both these values. As default value of MaxCachedFileSize is 256KB, defining only this regKey will increase effective max size by 256KB. Default value of this regKey is 0.

    15. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MemCacheSize (REG_DWORD)
    This regKey dictates maximum amount of memory which will be used by file cache in a worker process. Default value of this regKey is 0 which means cache size is determined dynamically by looking at available physical memory and total virtual memory. When set to 0, value is adjusted every ObjectCacheTTL seconds. Read about it here.

    16. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxOpenFiles (REG_DWORD)
    File cache caches a maximum of MaxOpenFiles number of files. Default value is 0 which means no limit.

    17. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\DoDirMonitoringForUnc (REG_DWORD)
    By default file cache doesn’t use change notifications for UNC files. Setting this regKey to 1 enables directory monitoring for UNC paths. Read more here.

    18. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\FileAttributeCheckThreshold (REG_DWORD)
    File cache checks last modified time of UNC files every FileAttributeCheckThreshold seconds to detect file changes. Default value of this key is 5 (seconds). Read about it here. User mode and kernel mode output caches also uses this key to determine how long output of files which have virtual file mapping (handler configured with resourceType=Unspecified) should stay in response cache.

    19. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\FlushTokenCache (REG_DWORD)
    Token cache module registers for a change notification for this key and as soon as this is set to 1, it flushes the token cache. You should set this back to 0 after changing to 1. Read more about it here.

    20. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\HttpResponseCacheTTL (REG_DWORD)
    This regKey defines http.sys response cache TTL whose default value is 900 (seconds).

    21. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\OutputCacheTTL (REG_DWORD)
    User mode output cache uses value of this regKey as TTL. Default is 30 (seconds). A scavenger is run every TTL seconds to remove content from the cache as needed.

    22. HKLM\System\CurrentControlSet\Services\W3SVC\Parameters\EnableTraceMethod (REG_DWORD)
    This regKey is read by protocol support module (protsup.dll). Trace verb is enabled only if this registry key is set to a non-zero value. If this key is not set or is set to 0, trace requests are returned as 404. Read more here.

    23. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\DigestPartialContextCacheTTL (REG_DWORD)
    First time when client connects to a site that requires digest authentication, it will receive an initial challenge. This initial challenge is based on the partial security context which needs to be kept around for the client to be able to finish the digest auth handshake. DigestPartialContextCacheTTL regKey allows you to set the timeout value which controls how long IIS should keep partial contexts around. Read more about it here.

    24. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\DigestContextCacheTTL (REG_DWORD)
    After successful digest auth handshake full security context can be kept around but eventually upon inactivity full security contexts have to be flushed. DigestContextCacheTTL controls how long full security contexts should be stored. Read more here.

    25. HKLM\System\CurrentControlSet\Services\W3SVC\Parameters\DontFlushCachedIsapiResponses (REG_DWORD)
    Default value of this key is false. When set to non-zero, ISAPI module calls SetKernelInvalidatorSet. Read about it here.

    26. HKLM\System\CurrentControlSet\Services\W3SVC\Parameters\ForwardServerEnvironmentBlock (REG_DWORD)
    CGI handler uses this key to determine if it should forward all the environment variables defined in the worker process are to CGI process or not. Default is true. Setting this regKey to 0 will make CGI handler to not forward environment block to CGI.

    27. HKLM\System\CurrentControlSet\Services\W3SVC\Parameters\MaxConcurrentCgisExecuting (REG_DWORD)
    This key is used by CGI handler to determine maximum number of CGIs that can execute concurrently. Default value of this is 256. Read more about it here.

    28. HKLM\System\CurrentControlSet\Services\W3SVC\Parameters\DoNotKillCgiOnRequestEnd (REG_DWORD)
    Default value is false. You can set it to true to tell CGI handler to not kill the processes on request end.

    ASP

    Registry keys listed below are used by ASP ISAPI. Details on all these regKeys can be found here.

    29. HKLM\System\CurrentControlSet\Services\ASP\Parameters\F5AttackDetectionEnabled (REG_DWORD)
    30. HKLM\System\CurrentControlSet\Services\ASP\Parameters\HangDetRequestThreshold (REG_DWORD)
    31. HKLM\System\CurrentControlSet\Services\ASP\Parameters\HangDetThreadHungThreshold (REG_DWORD)
    32. HKLM\System\CurrentControlSet\Services\ASP\Parameters\HangDetConsecIllStatesThreshold (REG_DWORD)
    33. HKLM\System\CurrentControlSet\Services\ASP\Parameters\HangDetEnabled (REG_DWORD)
    34. HKLM\System\CurrentControlSet\Services\ASP\Parameters\EnableChangeNotificationForUNC (REG_DWORD)
    35. HKLM\System\CurrentControlSet\Services\ASP\Parameters\FileMonitoringEnabled (REG_DWORD)
    36. HKLM\System\CurrentControlSet\Services\ASP\Parameters\FileMonitoringTimeoutSeconds (REG_DWORD)
    37. HKLM\System\CurrentControlSet\Services\ASP\Parameters\MaxCSR (REG_DWORD)
    38. HKLM\System\CurrentControlSet\Services\ASP\Parameters\MaxCPU (REG_DWORD)
    39. HKLM\System\CurrentControlSet\Services\ASP\Parameters\DisableOOMRecycle (REG_DWORD)
    40. HKLM\System\CurrentControlSet\Services\ASP\Parameters\DisableLazyContentPropagation (REG_DWORD)
    41. HKLM\System\CurrentControlSet\Services\ASP\Parameters\ThreadMax (REG_DWORD)
    42. HKLM\System\CurrentControlSet\Services\ASP\Parameters\DisableComPlusCpuMetric (REG_DWORD)
    43. HKLM\System\CurrentControlSet\Services\ASP\Parameters\AspMaxResponseHeaderLength (REG_DWORD)
    44. HKLM\System\CurrentControlSet\Services\ASP\Parameters\AspMaxPropertyStringLength (REG_DWORD)
    45. HKLM\System\CurrentControlSet\Services\ASP\Parameters\DisableCachedResponseOnUNCAccessFailure (REG_DWORD)

    46. HKLM\System\CurrentControlSet\Services\ASP\Parameters\DisableCertificateBlobAsArray (REG_DWORD)
    Certificates Blob can be returned as an Array. But some programs dont want them as a Array. Disable this for then. Read more here.

    IIS Manager and WMSVC

    47. HKLM\Software\Microsoft\Inetmgr\Parameters\IncrementalSiteIDCreation (REG_DWORD)
    Default value is 0 which means incremental site id is not enabled. You can set this key to 1 to enable it. This key is read by inetmgr.exe every time a site is created. So you don’t need to restart inetmgr.exe after changing this key. Read more here.

    Following registry keys are used to store settings required by WMSvc for remote management. Changes to these keys require WMSvc restart. You should use IIS7 UI to change these settings whenever possible. Some more information about these is available here here.

    48. HKLM\SOFTWARE\Microsoft\WebManagement\Server\IPAddress (REG_SZ)
    Default value of this regKey is * which means all unassigned IP addresses.

    49. HKLM\SOFTWARE\Microsoft\WebManagement\Server\Port (REG_DWORD)
    If this key is not defined, port is assumed as 8172.

    50. HKLM\SOFTWARE\Microsoft\WebManagement\Server\RequiresWindowsCredentials (REG_DWORD)
    Default value of this key is 0 which means both windows and IIS manager users can be used. When set to 1 only windows users are allowed.

    51. HKLM\SOFTWARE\Microsoft\WebManagement\Server\EnableLogging (REG_DWORD)
    Default value is 1 which means logging is enabled. Setting this key to 0 will disable WMSvc logging.

    52. HKLM\SOFTWARE\Microsoft\WebManagement\Server\LoggingDirectory (REG_SZ)
    Value of this key is used as the log location whose default is %systemdrive%\inetpub\logs\wmsvc.

    53. HKLM\SOFTWARE\Microsoft\WebManagement\Server\EnableRemoteManagement (REG_DWORD)
    Default value is 0 which means remote management is disabled. When this key is set to 1 remote management is enabled.

    54. HKLM\SOFTWARE\Microsoft\WebManagement\Server\RemoteRestrictions (REG_SZ)
    55. HKLM\SOFTWARE\Microsoft\WebManagement\Server\SslCertificateHash (REG_BINARY)
    56. HKLM\SOFTWARE\Microsoft\WebManagement\Server\SelfSignedSslCertificateHash (REG_BINARY)

    W3TP (Keys affecting thread pool manager used by WAS and worker process)

    57. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxPoolThreads (REG_DWORD)
    These is soft limit on maximum number of threads which will be used and is adjusted dynamically. By default its value is 20 * number of processors. Read more here.

    58. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\PoolThreadLimit (REG_DWORD)
    This is the absolute maximum thread count. Min = 64, Max = 256. Default value is calculated based on available physical memory. Read more here.

    59. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ThreadTimeout (REG_DWORD)
    Default is 1800 (seconds). Read about it here.

    60. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ThreadPoolStartupThreadCount (REG_DWORD)
    Number of threads to start on startup. Default is 4 if number of processors is less than 4 or equal to number of processors. Less than 1 is interpreted as 1.

    61. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ThreadPoolMaxCPU (REG_DWORD)
    If CPU usage is more than this value, new threads are not created. Default is 95. Read about it here.

    62. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ThreadPoolStartDelay (REG_DWORD)
    Default is 1 sec. Read more here.

    63. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\ThreadPoolExactThreadCount (REG_DWORD)
    Default is 0 which means not set. If set initial thread count is set to this value and thread count is not changed dynamically.

    64. HKLM\System\CurrentControlSet\Services\InetInfo\Parameters\MaxConcurrency (REG_DWORD)
    This key dictates number of threads allowed to concurrently process I/O. Default value is 0 which means the system allows as many concurrently running threads as there are processors in the system. Read more here.

    Hope this helps.

    -Kanwal-

    Read more...

  • Ins & Outs of hostable web core

    3 Comments

    I started writing an application which uses hostable web core (HWC) functionality of IIS7 and before making it available for download I thought it will be useful to write about HWC in detail. Hostable web core enables processes other than w3wp.exe to load IIS core and do almost everything that a worker process can do. One of these “hostable” solutions is the new IIS7 UI tool.  It needs to be able to change the configuration of IIS without affecting itself.  So the tool needs to run independent of IIS and HWC gives it exactly that. I have also used it before to find native modules registration information (check it out here).

    Introduction

    HWC allows you to host IIS core in your own process and serve http requests. It allows you to operate using your own applicationHost.config and root web.config files and doesn’t require you to be dependent on applicationHost.config or root web.config which IIS uses. When you use HWC to serve http requests, you get the full power of IIS including SSL, compression, authentication etc. As you host the IIS core in your own process, WAS (windows activation service) doesn’t control this instance of IIS and you don’t get process model support. With this, you also don’t get support for RSCA and non-http protocols. IIS performance counters doesn’t count requests to this instance as well. Application pool identity is always host process identity and not the one configured in your appHostConfig but credentials configured for accessing virtual directories are still used. Pass-through authentication, tracing, logging works as expected. There is no support provided for you to pre-reserve the URLs with http.sys. You can pre-reserve the URL’s that the application will be wanting to use using “netsh http add urlacl” and also configure HTTP.sys SSL using “netsh http add sslcert” if needed.

    To use HWC in an application, all you need to need to do is call WebcoreActivate exposed from %windir%\system32\inetsrv\hwebcore.dll. You can refer to my previous blog for reference to how to call in native code. For calling from managed code, following class might be useful.

    class HWCInterop
    {
        [DllImport(@"%windir%\system32\inetsrv\hwebcore.dll")]
        public static extern int WebCoreActivate(
            [In, MarshalAs(UnmanagedType.LPWStr)]
            string appHostConfigPath,     // Required
            [In, MarshalAs(UnmanagedType.LPWStr)]
            string rootWebConfigPath,    // Optional
            [In, MarshalAs(UnmanagedType.LPWStr)]
            string instanceName);             // Required

            [DllImport(@"%windir%\system32\inetsrv\hwebcore.dll")]
        public static extern int WebCoreShutdown(
            bool immediate);
    }

    WebcoreActivate

    WebcoreActivate need to be called to load the IIS core in your process and activate the runtime. You need to pass full path to configuration file which will act as replacement of applicationHost.config, an optional replacement of root web.config and an instance name which will be used in event logs. As this instance of web core has its own applicationHost.config, global parameters values including list of global modules, isapiFilters etc can be different from what is configured for worker processes. WebcoreActivate does input validation and in turn calls HostedW3SVCStart in iisw3adm.dll which in turn loads all the dependent dll’s for the IIS core as well as configure http.sys.  Method returns successfully when HWC is successfully able to create the request queue in HTTP.sys and is ready to receive requests.

    Each instance of HWC requires its own applicationHost.config file which must conform to following restrictions.
      è Your process will act as the worker process. As there is only one process involved, appHostConfigPath can have only 1 application pool definition.
      è IIS uses application pool name as the request queue name in HTTP.sys. So application pool name in configuration should be unique. Else application which registers the request queue name first will only succeed.
      è You need at least 1 website defined in the configuration. Lack of any site being defined will produce an error on activation.
      è The site binding should not conflict with other site bindings which you might have on the system else IIS core will get an error from http.sys which will appear as a failed call to WebcoreActivate.
      è All applications configured must be configured to use the one application pool defined.

    If you see that this method is failing, following list might be helpful to find the error.

      o   If appHostConfigPath has multiple application pools defined in it, this method will fail with error 0x80070038.
      o   If site binding is not unique and http.sys fails to reserve URL for you or application pool name is already registered with http.sys, WebcoreActivate will fail with error 0x800700B7.
      o   If configuration file passed has no sites configured, method will fail with error 0x80070015.
      o   If configuration has only one application pool but applications configured use other application pools as well, a warning is generated that application is ignored and method fails with error 0x80070044.
      o   All configuration system checks are still valid. So invalid xml in configuration or duplicate site ids will produce 0x8007000D.
      o   Invalid appHostConfigPath (blank or null), invalid instance name (blank or null or consisting of space/tabs) fail with error 0x80070057 (ERROR_INVALID_PARAMETER).
      o   If method is called multiple times and method detects that web core is already loaded, method will fail with erro 0x80070420 (ERROR_SERVICE_ALREADY_RUNNING).
      o   If appHostConfigPath is not valid, method will return 0x80070490.

    WebcoreShutdown

    When ready to shutdown, call WebcoreShutdown which in turn calls HostedW3SVCStop in iisw3adm.dll. You can choose to do an immediate shutdown which closes the application pool disconnecting all the clients immediately or do a gentle shutdown which marks application pool as stopped but does complete requests in flight. Regardless of the type of shutdown, shutdown always allow the requests in the worker process to complete. If called when service is not even running (WebcoreActivate was never called or it failed), method fails with error code 0x80070426 (ERROR_SERVICE_NOT_ACTIVE).

    Note that WebcoreActivate and WebcoreShutdown can be called only once in process lifetime. Also HWC always uses .Net 2.0 schema and there is no way to make it pick .Net 4.0 schema. So root web.config passed to WebcoreActivate cannot have properties which are only supported in .Net 4.0. This problem will be fixed in Win8.

    I hope that now you feel much more confident while using this feature of IIS7.

    -Kanwal-

    Read more...

  • Things you can do by piping appcmd commands

    10 Comments

    Here are some of the cool things you can do by piping appcmd commands together in IIS7.

    Application Pools
    1. Recycle all application pools (replace recycle with start/stop to start/stop all apppools)
    appcmd list apppool /xml | appcmd recycle apppool /in

    2. Stop application pools with word "cheap" in it
    appcmd list apppool /name:"$=*cheap*" /xml | appcmd stop apppool /in

    3. Set property enable32BitAppOnWin64 to true for all apppools (Filter apppools as in 2 if needed)
    appcmd list apppool /xml | appcmd set apppool /in /enable32BitAppOnWin64:true

    4. Start apppools which are stopped
    appcmd list apppool /state:Stopped /xml | appcmd start apppool /in

    5. Recycle application pools which are used in some applications
    appcmd list app /xml | appcmd list apppool /in /xml | appcmd recycle apppool /in
    appcmd list app /xml | appcmd recycle apppool /in (This might recycle one apppool multiple times)

    6. Recycle apppools serving website “Default Web Site”
    appcmd list site "Default Web Site" /xml | appcmd list app /in /xml | appcmd list apppool /in /xml | appcmd recycle apppool /in
    appcmd list app /site.name:"Default Web Site" /xml | appcmd list apppool /in /xml | appcmd recycle apppool /in

    Sites
    7. Start all the sites (Replace start with stop to stop all sites)
    appcmd list site /xml | appcmd start site /in

    8. Start the sites which are stopped
    appcmd list site /state:stopped /xml | appcmd start site /in

    9. Set serverAutoStart to false for all sites
    appcmd list site /xml | appcmd set site /serverAutoStart:false /in

    10. Keep sites config data and restore later
    appcmd list site /config /xml > sites.xml
    appcmd add sites /in < sites.xml

    Applications and Vdirs
    11. Delete all apps which are using a particular apppool
    appcmd list apppool DefaultAppPool /xml | appcmd list app /in /xml | appcmd delete app /in

    12. Move all applications in a site to NewAppPool apppool
    appcmd list app /site.name:"Default Web Site" /xml | appcmd set app /in /applicationPool:NewAppPool

    13. List all sites with "/test" app
    appcmd list app /path:"/test" /xml | appcmd list site /in

    14. List apps created by user10 (assuming all his apps under a folder whose name contains user10)
    appcmd list vdir /physicalPath:"$=*user10*" /xml | appcmd list app /in

    15. List sites which read from C:\inetput\wwwroot
    appcmd list vdir /physicalPath:C:\inetput\wwwroot /xml | appcmd list app /xml /in | appcmd list site /in

    16. List the vdirs of sites which are stopped
    appcmd list site /state:stopped /xml | appcmd list app /xml /in | appcmd list vdir /in

    Worker processes and Requests
    17. Stop apppools of requests running for more than 60 seconds
    appcmd list request /xml /time:"$>60000" | appcmd list apppool /in /xml | appcmd stop apppool /in

    18. List apps served by wp 3600
    appcmd list wp 3600 /xml | appcmd list apppool /xml /in | appcmd list app /in

    Modules
    19. Disable all managed modules
    appcmd list module /preCondition:managedHandler /xml | appcmd delete module /in

    20. Uninstall all native modules
    appcmd list module /type:"" /xml | appcmd uninstall module /in

    21. Unlock all module entries under system.webServer/modules (won’t work on vista)
    appcmd list module /xml | appcmd set config /lockItem:false /in

    Configuration
    22. Keep config of a particular section and restore later
    appcmd list config http://localhost/app1/ /section:caching /xml /config > config.xml
    appcmd set config     http://localhost/app1 /in < config.xml

    Backups and Traces
    23. Delete all backups
    appcmd list backup /xml | appcmd delete backup /in

    24. List sites generating 404
    appcmd list trace /statusCode:404 /xml | appcmd list site /in

    Hope this helps.

    -Kanwal

    Read more...

  • Steps to enable tracing using appcmd

    1 Comment

    Here are the steps you need to enable tracing for a site using appcmd.

    1.       Enable tracing for site.
    2.       Enable tracing for all request paths and for all response codes.
    3.       Appcmd leaves verbosity to default value “warning”. Get the providers count to change verbosity in step 4.
    4.           Change verbosity to verbose for all providers.

    @REM Step1
    @REM Change site name in the commands if you need to

    %windir%\System32\inetsrv\appcmd configure trace "Default Web Site" /enablesite

    @REM Step2
    @REM Change /statusCodes if you don’t want to enable tracing for all response codes.
    @REM Status code range doesn’t work in vista client. Change accordingly.
    @REM Use /path to enable tracing for requests to particular file. Eg. /path:*.aspx
    @REM Use /timeTaken to enable tracing based on time taken to process request

    %windir%\System32\inetsrv\appcmd configure trace "Default Web Site" /enable /statusCodes:100-999 -commit:apphost

    @REM Step 3
    @REM Change %%V to %V if you are not running in batch mode

    %windir%\System32\inetsrv\appcmd list config "Default Web Site" -section:traceFailedRequests -text:* | findstr provider:> traceproviders.txt
    SET PROCOUNT=-1
    for /F %%V in (traceproviders.txt) do set /a PROCOUNT = PROCOUNT + 1

    @REM Step 4
    @REM Change %%V to %V if you are not running in batch mode

    for /L %%V in (0,1,%PROCOUNT%) do %windir%\System32\inetsrv\appcmd set config "Default Web Site" /section:traceFailedRequests /[path='*'].traceAreas.[@%%V].verbosity:Verbose -commit:apphost

    You can remove step3 and change step 4 to run blindly from 0 to 3. You might get invalid index errors from appcmd if you have less than 4 providers installed on your machine which you can ignore.

    -Kanwal-

    Read more...

  • AppcmdUI - appcmd command autocompletion tool

    5 Comments

    Do you always find yourself using “/?” in appcmd to find what switches you need? Do you always run “appcmd list” commands to see the list of apppools/sites/apps/traces etc before actually running the command? Do you always end up opening schema when working with "appcmd config" commands? Worry no more. I have written AppcmdUI to alleviate your pains. AppcmdUI provides you available options at each step so that you only need to pick the option from the list as in the snapshot below.

    AppcmdUI 

    Features
    §  Works with both “appcmd <object> <verb>” and “appcmd <verb> <object>” command styles.
    §  Shows list of objects and verbs available. Builds auto complete list dynamically so that you see only few options.
    §  Builds list of current application pools, sites, applications, virtual directories, backups, module, traces, worker processes and shows them as parameter values. Updates this list when “appcmd add/delete” commands are used.
    §  Force update option for tool to pick latest configuration data when “appcmd set config” or other scripts/tools are used to add/delete apppools/sites/apps/vdirs.
    §  Parses the schema and shows section names in commands which require section names. Custom defined sections are automatically picked.
    §  When working with a particular section, shows list of attributes/elements/collections and helps you setting attributes and adding/removing collection elements.
    §  Shows attributes, elements, collections which you can set using “appcmd set apppool|site|app|vdir|module” commands.
    §  Shows general appcmd parameters. Uses –parameter for general parameters rather than /parameter to show they are different.
    §  Shows possible attributes when “appcmd –text:” used.
    §  Can execute command and see the output in the same window.
    §  Shows examples of commands you are working with which are in “appcmd <verb> <object> /?” help.
    §  Supports auto complete and command execution even when piping commands together.
    §  Limited support for identifiers. There is a corresponding /parameter option for most of the identifiers. Uses /parameter:value.
    §  NEW - Up-down lets you browse recently executed commands.
    §  NEW - If you run the application without sufficient privileges, it shows UAC dialog box for you to grant access.

    Installation
    You can use AppcmdUI only on machines which has IIS7 and appcmd.exe installed. Download attached AppcmdUIInstall.zip and run self extracting package AppcmdUIInstall.exe. Extract files (AppcmdUI.exe and AppcmdUI.xml) to a folder on your machine and you are done.

    How to Use
    Run AppcmdUI.exe as elevated (newest version will demand administrator access if needed only if when you don't run it from command window). Running from an elevated command prompt is not enough because of UAC settings for applications which are not under windows directory. Start typing appcmd commands in the textbox. You will get list of available options as you go along. Use mouse or down/up arrow keys to select any of available options. Auto complete list is updated every time you type space/comma/colon/dot so that you only see few options which are valid in current context and helps you choose only next option. Snapshot below shows list of available objects in appcmd which are shown on typing “appcmd “.

    Appcmd Objects

    AppcmdUI uses “appcmd <object> <verb>” format. So you see list of available objects after appcmd. If you type “appcmd <verb>” and then space, you will see list of objects which you can use with the verb you typed. If you want to get list of verbs and not objects when you type “appcmd “, you can set <verb> <object> option in the menu as shown below.

    Change command style

    When you have the <verb> <object> option set, you will see the available verbs after appcmd as shown below.

    Appcmd Verbs

    Once you have selected verb and object, you will see list of available options which can be used with them.

    Parameter Values
    When you need the available application pools, sites, applications, virtual directories, backups, traces, worker processes in the command, AppcmdUI shows the values you can use. Next time when you need to start or stop apppools/sites, delete apps/vdirs or inspect traces, you won’t need “appcmd list” command first.

    Parameter Values

    Force Update
    AppcmdUI picks up list of application pools, sites, applications, virtual directories, backups once and update this list only when “appcmd add/delete” calls are made. If you use “appcmd set config” call or some other means of creating apppools/sites/apps etc, you would see the list is not updated. Eg. If a new application pool “AppcmdAppPool” is created using “appcmd set config /section:applicationPools /+[name='AppcmdAppPool']", that apppool is not shown in the list of available apppools.

    Using Appcmd set

    You can use "Force Update" option to force AppcmdUI to update list of application pools, sites, applications etc.

    Force Update

    After forcing an update, "AppcmdAppPool" is shown in the list of available application pools.

    After force update

    Working with configuration
    When you are working with “appcmd list config” or “appcmd set config”, you get list of available sections as soon as you enter “/section:” as shown below.

    Available sections

    AppcmdUI also shows you list of attributes, elements, collections when working with set/list commands. Adding a collection element is now a whole lot easier as you can see below.

    Add Collection Element

    List of attributes, elements, collections is also available when you work with “appcmd set <apppool|site|app|vdir”. In the snapshot below, I am getting attributes which can be set for a virtual directory.

    vdir attributes Schema elements are available with various list commands as well after you type “-text:”. –text with list command allows you to print only particular attributes.

    List properties

    Hope you find working with appcmd much easier with this.

    View the original post

    Read more...

  • Using ahadmin to read/write IIS configuration - Part 1

    No Comments


    We will work with ahwrite in this post. You should always use an instance of AdminManager to read the config which always give you effective config for a config path. WritableAdminManager might give wrong values which can vary depending on value of CommitPath. If you are not planning to write to IIS config files, you can just replace ahwrite with ahread in the samples. CommitChanges(), CommitPath get/set calls need ahwrite. Lets read system.webServer/urlCompression doStaticCompression, doDynamicCompression property values for server root using IAppHostAdminManager. You do this by getting IAppHostElement instance corresponding to urlCompression section using GetAdminSection. GetAdminSection take two parameters. First parameter is the section name and second parameter is config path. MACHINE/WEBROOT/APPHOST is the path corresponding to server root. This can be changed to  MACHINE/WEBROOT/APPHOST/<SITENAME>/<APPNAME>/<VDIR>/<FOLDER>/<FILENAME>.

    Read more...