- November
- 11
- 2005
Troubleshooting Internet Information Services (IIS) 6.0 Issues on Windows Server 2003 SP1
Posted by unclaimed blog
No Comments »
The following information may help you with your IIS sites you plan to migrate to Windows Server 2003 SP1 with IIS 6.0.
KB Articles
Disable the loopback checkWindows Server 2003 SP1 include a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN that you use does not match the local computer name.
You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6
http://support.microsoft.com/default.aspx?scid=kb;en-us;896861
Users receive an authentication prompt, enter their user and password credentials, then get prompted two more time and failing to a 401.2 error.
IIS log files were reporting failure on all files listed in the virtual directories under the site
Cause
The virtual directories and files permissions are not being inherited by the site.
Workaround
Set the site’s Directory Security to Basic Authentication to push inheritance, and then set back to Integrated Windows authentication. You should receive a prompt to propagate permissions to the virtual directories. If so, select all then OK. You may receive this prompt one more time. Try to access the site to see if you can access the site without a login prompt.
If the problem continues, remove all permissions on the Web Sites directory’s Directory Security. You should receive a prompt to propagate permissions to the virtual directories. If so, select all then OK. You may receive this prompt one more time. Once the permissions are inherited to all sites and virtual directories, set the Web Sites directory back to Enable anonymous access. Try to access the site to see if you can access the site without a login prompt.
Enabling HTTP Keep-Alives (IIS 6.0)
Most Web browsers request that the server keep the client connection open while the server sends multiple elements (.htm files and .gif or .jpeg files) to the client. Keeping the client connection open in this way is referred to as an HTTP Keep-Alive. Keep-Alive is an HTTP specification that improves server performance. HTTP Keep-Alives are enabled by default.
IIS 6.0 References
Frequently Asked Questions About IIS 6.0
http://www.microsoft.com/windows2000/community/centers/iis/iis6_faq.mspx
Interne Information Services (IIS) 6.0 Resource Kit
(THIS ONE IS A GREAT RESOURCE!!!!)
Default permissions and user rights for IIS 6.0
401.1 and 401.2-Authentication Problems (IIS 6.0)
Authentication may fail with "401.3" Error if Web site's "Host Header" differs from server's NetBIOS name
You receive an "HTTP Error 401.1 – Unauthorized: Access is denied due to invalid credentials" error message when you try to access a Web site that is part of an IIS 6.0 application pool
http://support.microsoft.com/default.aspx?scid=kb;en-us;871179
Configuring Launch Permissions for COM+ Server Objects (IIS 6.0)
Application Launch Issues (DCOM)
http://support.installshield.com/kb/view.asp?articleid=Q104986
Improving Performance of IIS 6.0 Applications (Reid A Blog)
http://reidablog.blogspot.com/2005/07/improving-performance-of-iis-60.htm
DNS References
Fixing Replication DNS Lookup Problems (Event IDs 1925, 2087, 2088)
IIS 6.0 Troubleshooting Tools
AuthDiag 1.0 http://msmvps.com/bernard/archive/2004/09/02/12722.aspx
IIS Log Files – Start=>Run=>Type logfiles=>Go To directory that hosts IIS site
Fiddler – HTTP Debugging Proxy Tool – http://www.fiddlertool.com/fiddler/
For Detailed information on the following tools, see 24_CHAPTER_11_Troubleshooting_IIS_6.0.doc of the Internet Information Services (IIS) 6.0 Resource Kit
WFetch (WFetch.exe). This tool allows you to generate customized HTTP requests and view request and response data.
Microsoft Network SMS Network Monitor (NetMon2) Captures Network Traffic
File Monitor (FileMon.exe). This tool allows you to view and capture real-time file system activity.
Registry Monitor (RegMon.exe). This tool allows you to view and capture real-time system registry activity.
IIS Enterprise Tracing for Windows. This tool allows you to enable tracing for various providers. IIS includes a set of providers that can be used to troubleshoot various internal processes in addition to application performance. IIS Enterprise Tracing for Windows is new in Windows Server 2003. Logman.exe and Tracerpt.exe are the tools used to enable IIS ETW tracing.
Network Monitor. This network tracing utility allows you to view activity in the network stack. Network Monitor is included with Windows Server 2003.
System Monitor. This tool allows you to view and collect system performance data. System Monitor is included with Windows Server 2003.
HRPlus. This tool provides error lookup functionality.
Microsoft Debugging Tools for Windows. This tool allows you to debug and diagnose application problems.
Hopefully this will help you out.