Dark Developments Where Knowledge Meets Power

3Feb/130

IIS – Move InetPub

Posted by Dark#Basics

After installing IIS it's default location is the system drive. For smaller websites and services that does not result in a problem, but when you're a hosting company or going to provide storage for a large number of websites you'll have to move the inetpub folder. When you don't have any websites installed this is quite easily done by copying the files to the new location and changing the settings on your website in IIS. But what if you already have more then one and are lazy just as me ?

Well I came across the following script that alows you to move inetpub to another drive without doing anything manually expect running the script using CLI.

 

Select All Code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
REM PLEASE BE AWARE: SERVICING (I.E. HOTFIXES AND SERVICE PACKS) WILL STILL REPLACE FILES 
REM IN THE ORIGINAL DIRECTORIES. THE LIKELIHOOD THAT FILES IN THE INETPUB DIRECTORIES HAVE 
REM TO BE REPLACED BY SERVICING IS LOW BUT FOR THIS REASON DELETING THE ORIGINAL DIRECTORIES
REM IS NOT POSSIBLE. 
 
@echo off
IF "%1" == "" goto err
setlocal
set MOVETO=%1:\
 
REM simple error handling if drive does not exist or argument is wrong 
IF NOT EXIST %MOVETO% goto err
 
REM Backup IIS config before we start changing config to point to the new path
%windir%\system32\inetsrv\appcmd add backup beforeRootMove
 
REM Stop all IIS services
iisreset /stop
 
REM Copy all content 
REM /O - copy ACLs
REM /E - copy sub directories including empty ones
REM /I - assume destination is a directory
REM /Q - quiet
 
REM echo on, because user will be prompted if content already exists.
echo on
xcopy %systemdrive%\inetpub %MOVETO%inetpub /O /E /I /Q
@echo off
REM Move AppPool isolation directory 
reg add HKLM\System\CurrentControlSet\Services\WAS\Parameters /v ConfigIsolationPath /t REG_SZ /d %MOVETO%inetpub\temp\appPools /f
 
REM Move logfile directories
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/sites -siteDefaults.traceFailedRequestsLogging.directory:"%MOVETO%inetpub\logs\FailedReqLogFiles"
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/sites -siteDefaults.logfile.directory:"%MOVETO%inetpub\logs\logfiles"
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/log -centralBinaryLogFile.directory:"%MOVETO%inetpub\logs\logfiles"
%windir%\system32\inetsrv\appcmd set config -section:system.applicationHost/log -centralW3CLogFile.directory:"%MOVETO%inetpub\logs\logfiles"
 
REM Move config history location, temporary files, the path for the Default Web Site and the custom error locations
%windir%\system32\inetsrv\appcmd set config -section:system.applicationhost/configHistory -path:%MOVETO%inetpub\history
%windir%\system32\inetsrv\appcmd set config -section:system.webServer/asp -cache.disktemplateCacheDirectory:"%MOVETO%inetpub\temp\ASP Compiled Templates"
%windir%\system32\inetsrv\appcmd set config -section:system.webServer/httpCompression -directory:"%MOVETO%inetpub\temp\IIS Temporary Compressed Files"
%windir%\system32\inetsrv\appcmd set vdir "Default Web Site/" -physicalPath:%MOVETO%inetpub\wwwroot
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='401'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='403'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='404'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='405'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='406'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='412'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='500'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='501'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
%windir%\system32\inetsrv\appcmd set config -section:httpErrors /[statusCode='502'].prefixLanguageFilePath:%MOVETO%inetpub\custerr
 
REM Make sure Service Pack and Hotfix Installers know where the IIS root directories are
reg add HKLM\Software\Microsoft\inetstp /v PathWWWRoot /t REG_SZ /d %mOVETO%\inetpub\wwwroot /f 
reg add HKLM\Software\Microsoft\inetstp /v PathFTPRoot /t REG_SZ /d %MOVETO%\inetpub\ftproot /f
REM Do the same for x64 directories
if not "%ProgramFiles(x86)%" == "" reg add HKLM\Software\Wow6432Node\Microsoft\inetstp /v PathWWWRoot /t REG_EXPAND_SZ /d %MOVETO%inetpub\wwwroot /f 
if not "%ProgramFiles(x86)%" == "" reg add HKLM\Software\Wow6432Node\Microsoft\inetstp /v PathFTPRoot /t REG_EXPAND_SZ /d %MOVETO%inetpub\ftproot /f
 
REM Restart all IIS services
iisreset /start
echo.
echo.
echo ===============================================================================
echo Moved IIS7 root directory from %systemdrive%\ to %MOVETO%.
echo.
echo Please verify if the move worked. If so you can delete the %systemdrive%\inetpub directory.
echo If something went wrong you can restore the old settings via 
echo     "APPCMD restore backup beforeRootMove" 
echo and 
echo     "REG delete HKLM\System\CurrentControlSet\Services\WAS\Parameters\ConfigIsolationPath"
echo You also have to reset the PathWWWRoot and PathFTPRoot registry values
echo in HKEY_LOCAL_MACHINE\Software\Microsoft\InetStp.
echo ===============================================================================
echo.
echo.
endlocal
goto success
 
REM error message if no argument or drive does not exist
:err
echo. 
echo New root drive letter required. 
echo Here an example how to move the IIS root to the F:\ drive:
echo. 
echo MOVEIISROOT.BAT F
echo.
echo. 
 
:success

Source: http://blogs.iis.net/thomad/archive/2008/02/10/moving-the-iis7-inetpub-directory-to-a-different-drive.aspx

7Mar/120

IIS – Could not load file or assembly…

Posted by Dark#Basics

Could not load file or assembly 'Microsoft.Web.Extensions'
When adding a new website to IIS it is possible that you receive the following error message when browsing to the site.

Select All Code:
1
Could not load file or assembly 'Microsoft.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

In my case the solution was to change the application mode the classic instead of integrated (Default). This can be done by going to IIS Manager > Application Pools > Select Site > Edit Application Pool > Basic Settings... and changing the Managed Pipeline mode to Classic.

25Jul/110

D#B Backup&Recovery Notes [PART3]: Printer Services, IIS, NPS and ADCS

Posted by Dark#Basics

Printer Services

Printer Services - Backup

Making backups of the network printer services is really handy. When for some reason the service needs to be reinstalled on another server you will be able te restore lost of settings and drivers.
When preforming a backup of the Printer Services you'll backup the configurations and the drivers for all the configured printers.

A backup can be made by the CLI-tool Printbrm. It's a CLI-tool that is only available when you install the Printer Services-Role on that server. The tool enabled us to not only preform a backup but also to migrate to a new server.

Exporting the drivers and configuration can be done with the following syntax.

Printbrm -B -F <filename>.<extension>

The allowed extensions are .cab and .printerExport .

Printer Services - Recovery

A recovery can be done with the same CLI-tool using following syntax or by using the Printer Services Management Snapin.

Printbrm -r -F <filename>.<extension>

IIS

Internet Information Services (IIS) – formerly called Internet Information Server – is a web server application and set of feature extension modules created by Microsoft for use with Microsoft Windows. It is the most used web server after Apache HTTP Server: As of March 2010, it served 22.7% of all websites on the Internet. IIS 7.5 supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP. It is an integral part of Windows Server family of products, as well as all editions of Windows Vista and Windows 7, although some features are not supported on client versions of Windows. IIS is not turned on by default when Windows is installed.

IIS - Backup

Making a backup of all the IIS-settings like application pool configurations, bindings,... (this does not include the websites) can be done by the integrated IIS-CLI tool called appcmd.

appcmd add backup <filename>

If you want to make sure that the websites are also available for restore I suggest you use Robocopy for these website folders (ex.: wwwroot).

IIS - Recovery

Recovering the settings is as easy as preforming the backup with the CLI-tool.

appcmd restore backup <filename> /stop:false

NPS & ADCS

Network Policy Server (NPS) is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy in Windows Server 2008. NPS is the replacement for Internet Authentication Service (IAS) in Windows Server 2003.

As a RADIUS server, NPS performs centralized connection authentication, authorization, and accounting for many types of network access, including wireless and virtual private network (VPN) connections. As a RADIUS proxy, NPS forwards authentication and accounting messages to other RADIUS servers. NPS also acts as a health evaluation server for Network Access Protection (NAP).

Active Directory Certificate Services (AD CS) provides customizable services for issuing and managing public key certificates used in software security systems that employ public key technologies. AD CS is available as a server role in Windows Server 2008 and Windows Server 2008 R2.

NPS & ADCS - Backup
Exporting ADCS can be done with the certutil CLI-command. When using this command the whole database en the certificate is exported to the location specified.

certutil -backup -p "<apassword>" -f -seconds -v <destination>

NPS can be exported using netsh, the NPS-configuration will be exported to an XML-file.

netsh nps export filename=<filename>

NPS & ADCS - Recovery
Recovering the ADCS configuration and certificate can be done with certuril.

certutil -restore <filename>

Recovering the NPS configration by using the XML-file can be done by using netsh or the Network Policy Server GUI.

netsh nps import filename=<filename>

Source: