IIS 6 is a standard component of all versions of Windows Server 2003, but some of the additional components you can use with IIS and some of the more advanced functionality is only available in certain versions.

IIS 5.1 VS. 6.0

Although Windows Server 2003 is the server equivalent of Windows XP, Windows XP comes with IIS 5.1, an updated version of the original IIS 5 provided with Windows Server 2000.

Windows Server 2003 Family

Windows Server 2003 is essentially available in the same three core versions as Windows 2000?Standard Edition, Enterprise Edition, and Datacenter Edition. Windows Server 2003 also incorporates one version, Web Edition, specially designed for supporting Web sites and ideal for use in Web server farms.

graphics/web_icon.gif WEB RESOURCE

For more detail on Windows Server 2003, visit www.samspublishing.com and enter this book's ISBN number (no hyphens or parenthesis) in the Search field; then click the book cover image to access the book details page. Click the Web Resources link in the More Information section and locate article ID# 020102.

Windows Server 2003, Standard Edition

The basic edition of Windows Server 2003 incorporates the main components required by the majority of users. It's ideally suited for low-demand application serving, but because of its limit of 4 CPUs, 4GB of RAM, and 4TB of disk space, it's unsuitable for higher-demand IIS applications.

Standard Edition is also limited only to Network Load Balancing in multiserver environments?with other clustering facilities only available in other editions.

If you intend to use only the Web serving capabilities, Web Edition will probably offer a more cost effective solution.

Windows Server 2003, Enterprise Edition

Enterprise Edition is designed to extend the reliability and scalability of the Standard Edition through a combination of extended hardware support and additional functionality.

Up to eight-way CPU systems can be used with Enterprise Edition, and it's the first version to support the 64-bit Itanium processor when it becomes available. This edition also increases the maximum RAM capability to 32GB. In addition, it supports Address Windows Extensions (AWE), which in a 4GB server can specifically reserve just 1GB for the core operating system, enabling the remaining 3GB to be used by applications. In the Standard and Web Editions, the addressable memory is split equally between the OS and applications.

Windows Clustering allows up to eight computers to be configured either for high performance, essentially using an extended form of the network load balancing technology, or as a high-availability setup, enabling automatic fail-over to a 'hot spare' machine in the event of a system failure.

The Enterprise Edition is unlikely to be used as an IIS platform largely because its main advantage over the Standard and Web Editions is the inclusion of clustering technology. Although clustering technology is useful, most Web sites and farms that require high availability and performance can achieve the same effect by using the Network Load Balancing features of the other editions.

However, this does not mean that the Enterprise Edition is not used in Web-based solutions. For sites that make use of either SQL Server or Exchange technologies, an Enterprise Edition server is likely to be in the background and it's mission critical when two or more servers will be configured in fail-over clustering mode.

Windows Server 2003, Datacenter Edition

You are unlikely to ever come across a server running Datacenter Edition. Unlike the other editions that are available separately for installation on the your own selection of hardware, Datacenter Edition is only available through some very select Datacenter partners.

These hardware manufacturers are responsible for supporting and providing the vital Hardware Abstraction Layer (HAL) for the Datacenter Edition. The hardware must also meet some very strict requirements and pass a battery of tests for compatibility and reliability before Microsoft will endorse the product. Once approved, the system can only use drivers signed and certified by Microsoft, and any hardware changes must also have been verified and passed the tests.

The result is a platform that is ultra reliable and specially designed both for high performance and high reliability. In fact, servers certified for the Datacenter program must achieve a 99.999% reliability, or about five minutes of unplanned downtime each year.


If Datacenter Edition is being used in a clustered setup, it's possible to achieve 100% availability, planned or unplanned, just by taking each individual server in a high-availability cluster out of service one at a time.

Therefore, Datacenter Edition is only available with the very high-end, top of the range and limits of current technology type hardware that you can normally only dream of. As a reflection of this, Datacenter Edition includes support for up to 64GB of RAM (256GB on Itanium) and 32 processors (64 on Itanium). Clustering support remains the same at 8 nodes per cluster.

As with the Enterprise Edition, it's highly unlikely that a Datacenter Edition machine will be used as a platform for IIS services, but it might be used to provide SQL Server or Exchange systems, or more likely clusters to support a Web application.

Windows Server 2003, Web Edition

If you look at the majority of machines that are used to support Web sites and applications today, you'll see that the vast majority of sites and companies are using a high number of relatively low-specification hardware. Often these units are 'pizza box' style; probably 1U high stacked into numerous 19 inch rack mount cupboards.

Physical limitations mean that these boxes are often limited to two processors and just 2GB of RAM. Coincidentally, this limitation also suits most strategies for providing high availability and performance Web sites. A large rack will take 42 1U high units: That's 42 dual-processor machines?all of which could be part of an NLB structure for handling thousands of Web site requests every second.

Microsoft has responded to this hardware-led approach by producing a version of Windows Server 2003 targeted squarely at this level of hardware with a comparable set of features specially designed for providing only Web-based services.

Windows Server 2003, Web Edition is therefore limited to supporting just 2GB of RAM and only two processors and without clustering technology, although it does include Network Load Balancing support.

The Web Edition also removes the need for the usual licensing restrictions. Because Web Edition doesn't allow anybody to actually connect directly to the machine?we have no file, print, or AD services to support?there is no need for either per connection or per seat licensing.

graphics/web_icon.gif WEB RESOURCE

For more information on how licensing and IIS operate, visit www.samspublishing.com and enter this book's ISBN number (no hyphens or parenthesis) in the Search field; then click the book cover image to access the book details page. Click the Web Resources link in the More Information section and locate article ID# 020103.

In addition, Web Edition removes support for many of the features that a pure Web server just doesn't need, including

  • Internet Authentication Services

  • Internet Connection Sharing

  • Internet Connection Firewall

  • Network Bridging

  • Removable Storage Management

  • Fax Services

  • Remote Installation Services

  • Windows Media Services

  • Services for Macintosh

Strangely, it also removes support for the Universal Data Definition Interface (UDDI) services, which are used to publish information on Web services. Web Edition is also only capable of being a member of an Active Directory domain; it cannot be a domain controller.

The result is a lighter, but more highly optimized and efficient, version of Windows Server 2003 designed especially for supporting Web applications.

The biggest benefit is probably the cost?almost a third of the price of the Standard Edition. Companies currently using Standard Edition in their rack mount systems will potentially save thousands of dollars each year.

Server Roles

Windows Server 2003 introduces some changes into the Windows server arena by giving administrators the power to assign their servers various different roles. These roles control the core feature set and available technologies installed and activated on the server. Although Windows 2000 included the concept of server roles, they were neither enforced nor easily available as configurable options. With Windows Server 2003, roles become a selectable component within the configuration of your Windows server.

For example, you can select the File Server role, which sets up the necessary services and systems on a server optimized for file serving, including the Windows and Mac file sharing systems, Distributed File System features, and Encrypted File System components. Other roles exist that automatically configure the server for print serving, terminal services, email, remote access, streaming media, WINS, domain controller, DNS server, and DHCP server

The Application Server role incorporates the various technologies designed for providing applications to other computers on a network. Because these typically consist of a Web component (including static content), various dynamic components such ASP pages, scripts, and database and other interfaces, the key technologies installed by selecting the Application Server role are

  • Internet Information Server

  • ASP


  • COM+

  • Microsoft Message Queuing (MSMQ)

The benefit of the role system is that it enables an administrator to set up a machine with only the components required to support the services he wants the machine to provide. With previous versions of Windows, you would need to install the operating system and then manually switch off components and services that you didn't need, such as file serving, print spoolers, and often many other components to optimize your server. The result is a more efficient and optimized server with lower installation and administration overheads.

Each server can have one or more roles, and you can configure the role setting in two places within Windows Server 2003. The primary location, and probably the easiest, is to use the Configure Your Server application. After the role has been selected and the software installed, you can manage the role and its capabilities through the Manage Your Server application.

Alternatively, you can manually install the components that make up different roles using the Add/Remove Components application. Using this method allows you to select the individual components and sub-components that you want to install, therefore giving you much finer control over the exact software installed on your system. For example, you could use this to install only IIS if your server were to be used only for static Web page serving.

Installing IIS

Over the years, Windows Server 2000 has had a number of different security problems. Although many of these have been internal problems, a large proportion?and many of the most public and embarrassing?have been directly attributable to IIS.

Part of the reason behind the problems, particularly when dealing with worms and viruses spread through IIS, has been that IIS is installed and enabled by default in all Windows 2000 installations. The moment you reboot after the installation has finished, IIS is running with a default series of security permissions, static elements, and some dynamic (and potentially lethal) elements.

It's often true that IIS is not the highest priority in many server installations. Although IIS is the primary Web server of choice on Windows, the majority of machines are used internally to provide directory, file, and print services, not as Web servers.

To help combat the problem, Microsoft has made IIS 6 an optional install and activate component rather than a default one. You enable and install IIS 6 by activating the Application Server role for your server after the initial installation.

Once enabled, IIS is in Lockdown mode, restricting the system to just basic static page serving. To enable more advanced features, including switching on ASP and ASP.NET extensions, you must separately configure IIS.


Lockdown mode is a new security level defined by the new and improved security system built into both IIS and Windows Server 2003. I discuss Lockdown mode and other security options in Chapter 3, "Security."

To install IIS, perform the following steps:

  1. Open Manage Your Server from the Start menu and click Add or Remove a Role.

  2. You will be asked to attach any necessary peripherals before continuing. Click Next and wait while Windows checks your hardware.

  3. In the list of server roles (as shown in Figure 1.1), click on Application Server. Click Next.

    Figure 1.1. Selecting the Application Server role for your server.


  4. If you want to enable FrontPage Server Extensions and ASP.NET, check the appropriate boxes. Click Next.

  5. A summary of the operations to be carried out will appear (shown here in Figure 1.2). Click Next to start the installation.

    Figure 1.2. Checking the elements to be installed.


  6. Windows will now install IIS and any additional components you selected. This can take a while. Be prepared to insert the installation CD-ROM if asked.

  7. Click Finish to complete the configuration of your machine as an Application Server.

You should now be able to configure IIS using the IIS Manager that will have been installed in the Administrative Tools folder on the Start Menu.