Archives / 2009 / March
  • Caution while xcopying IIS 7.0 config files

    Metabase.xml is the central store where IIS 6.0 stores most of its configuration information. Its a plain text file and stores all the information in a simple XML format. The XML format naturally raised a notion of being able to XCOPY the config file to another server and transferring the settings with it. But if you copy over a metabase.xml file from another server your IIS admin service will no longer start. This happens because the metabase.xml file contains ACLs that control access to any metabase key. Stored under the AdminACL tag these keys are encoded based on the machinekeys of the server. When you move the metabase.xml to another server the keys can no longer be decoded and hence your IIS Admin service will not be able to start.

  • Changes to Application Pool identities in IIS 7.5 [BETA]

    IIS 6.0 introduced a lot of features to increase reliability and security. As an architectural change the worker process w3wp.exe was introduced. To increase security IIS 6.0 by default launched the worker process using the NTAuthority\Network Service account. Network Service is a low privilege predefined account that was introduced in Windows 2003. All guidance/documentation recommend running the worker process under the Network Service.