Welcome to the Beta 3 release of Internet Information Server version 4.0. Please refer to these release notes to obtain the most up-to-date information on installation, documentation, support, and known problems.
Installing IIS Version 4.0 Beta 3
Product Documentation
Obtaining Support and Providing Feedback
Other Known Problems and Limitations
Important This release of IIS Version 4.0 Beta 3 is intended for testing purposes only. Microsoft recommends that you install this release in a test environment and not for mission-critical needs.
These are the system requirements for the installation of IIS.
Intel x86 platform
| Hardware Component | Requirement | Recommendation |
|---|---|---|
| Processor | 66 MHz 486 | 90 MHz Pentium® |
| RAM | 32 MB | 64 MB |
| Free hard disk space | 50 MB | 200 MB |
| Monitor | VGA | Super VGA |
Alpha platform
| Hardware Component | Requirement | Recommendation |
|---|---|---|
| Processor | 150 MHz | 200 MHz |
| RAM | 32 MB | 64 MB |
| Free hard disk space | 50 MB (min) | 200 MB |
| Monitor | VGA | Super VGA |
IIS version 4.0 Beta 3 requires the following before setup:
Windows NT 4.0 and Service Pack 3 The Windows NT server service must be installed and running.
Important IIS 4.0 will not upgrade an IIS 2.0 system if IIS 2.0 was installed after the Windows NT 4.0 system was upgraded to Service Pack 3. Users must first uninstall IIS 2.0 from these systems, and then install the Windows NT Option Pack. Please note that IIS 4.0 has no problem upgrading IIS 2.0 systems that have been upgraded to Windows NT 4.0 Service Pack 3 after IIS 2.0 has been installed.
Internet Explorer version 4.0 Make sure that you have the Product Developer's Conference (PDC) release installed, and that it is not running when you run Setup. If you do not have IE 4.0 installed, you will be prompted to install it during setup.
Important IIS 4.0 requires the PDC build of Internet Explorer 4.0 to be installed on your computer. Removing or reinstalling IE 4.0 after IIS is installed will result in the Web server not functioning.
Administrator privileges To install IIS, you must be logged on to the server computer by using an account with Administrator privileges. You must also be logged on in such an account to administer multiple Web sites or multiple FTP sites.
Removal of Alpha or Beta 1 software If you have IIS version 4.0 Alpha or IIS version 4.0 Beta 1, be sure to uninstall that release (before installing the current release). To do this, first start the Setup program from the compact disc containing the earlier release or, in Windows NT, click Start, point to Programs, point to Microsoft Internet Information Server (Common), and then click Internet Information Server Setup. Click Next, then click Remove All.
Caution ODBC installation errors will occur during setup if there are any other applications or system services running that use the existing ODBC on the system. If any ODBC errors occur, please stop all desktop and system service applications, and run setup again.
Notes
The Windows NT 4.0 Option Pack Beta 3 will only install on Windows NT Server 4.0 and Windows NT Workstation 4.0.
The Personal Web Server for Windows 95 contained in the Windows NT 4.0 Option Pack will install on both Windows 95 and Beta 3 of Windows 98.
The Windows NT 4.0 Option Pack Beta 3 will NOT install on the Beta 1 version of Windows NT 5.0.
The version of Microsoft Message Queue contained in the Windows NT 4.0 Option Pack Beta 3 should not be installed on Windows NT Server Enterprise Edition.
When upgrading from IIS Beta 2 to IIS Beta 3, you cannot add Microsoft Message Queue during the upgrade process.
To stop the Certificate Server service on Windows NT, from the Start menu, choose Settings, Control Panel, and run the Services application. Select Certificate Server, and click the Stop button. This service may be restarted by pressing the Start button after the IIS installation has successfully completed .
If you receive an error during setup that msdasql.dll or odbc*.dll failed to be loaded, you will need to either exit setup, stop the services, and restart; or finish setup and re-run it again choosing Reinstall after stopping the Certificate Server service.
Note To publish on the World Wide Web (WWW) and the Internet, you must contact an Internet Service Provider (ISP) to obtain an Internet connection. Your ISP provides your server's Internet Protocol (IP) address, subnet mask, and the default gateway's IP address. (The default gateway is the computer through which your computer routes all Internet traffic.)
All documentation for the product is available online. You can access the Help topics by clicking Start and pointing to the program group where the product is installed, or by using the Help menu of the administration tool. Context-sensitive help is also available by clicking the Help button on a property sheet or dialog box.
Please observe the following guidelines when using the online documentation:
The WWW service must be installed and the server must be running in order to view the documentation (with the exception of release notes and troubleshooting files). If the Web site is stopped, when you click Product Documentation you will get a "A connection with the server could not be established" error message. If you get this error, start Internet Service Manager and check the status of the Web site; if stopped, then start the service.
Most navigation of the documentation occurs in left frame. To view the table of contents, click the Contents button to view the table of contents. Single-click a heading to view the welcome pages that contain summaries of the information included in that section of the contents tree. Expand and collapse branches of the contents tree to view or hide topics.
To view the index, click the Index button in the left frame. Type a word to advance to the portion of the index that is closest to the word you type. Double-click a topic to see topic or a list of topics containing the keyword.
Click the Search button in the left frame to launch a full text search. Note: This feature is available to clients only by viewing the documentation installed on Windows NT Server.
Note Depending on the browser you use, the left frame navigational devices are either ActiveX controls (on Internet Explorer) or Java controls (on Netscape browsers); therefore, if you do not see a Table of Contents appear in the left frame, ensure that you have the following browser settings. For Internet Explorer, set your browser security to medium and enable ActiveX controls and plug-ins. For Netscape browsers, enable Java and JavaScript.
Some of the functionality available in the documentation's left frame, such as the table of contents (TOC) synchronization button, may not function properly if you have a previous version of Hhctrl.ocx installed. Because version control for this file has not been activated in the documentation, please search for Hhctrl.ocx and delete any copies of this file found on your local drive. The next time you access the documentation, you will be prompted to accept the certificate that will install the updated TOC control.
In order to view the IIS documentation remotely, please use the following URL: http://<servername>/iisHelp/iis/misc/ where <servername> is the name of the server running IIS.
The documentation is designed for viewing with the Verdana font; if the documentation appears in your Web browser with a font other than Verdana, you can go to the System\Font folder and open it. The Verdana font will then be added.
Multimedia
The Help on MMC menu item in Internet Service Manager is not functional. In order to view the documentation for Microsoft Management Console, select an item in the Internet Information Server snap-in, then select the Help on Internet Information Server menu item. Microsoft Management Console documentation appears as a node in the IIS Table of Contents.
In the Authentication Methods dialog box (accessed from the Directory Security property sheet by clicking the Edit button under Anonymous Access and Authentication Control), the online help contains misplaced information about enabling SSL client authentication. This information belongs in the online help for the Secure Communications dialog box, which can be reached from the Directory Security property sheet by clicking the Edit button under Secure Communications.
Context-sensitive help for the Inheritance Overrides dialog box is not functional in this release. The help content should read as follows:
Use this dialog box to determine whether the properties you set at one level in the tree view of Internet Service Manager are inherited by the levels below that higher level, or parent node. By default, child nodes inherit properties that are set at the higher level; that is, the child nodes do not automatically override the values that you set at the parent node with their current settings unless those settings have been previously set at the child node level explicitly. This dialog box allows you to designate which child nodes should inherit the changed value of the parent node.
To designate which child nodes should inherit the value that is being set at the parent node level, select the nodes in the list box and click OK.
Click Select All to indicate that all child nodes should inherit the new value that is being set at the parent node level.
The IRequestDictionary::get_Item reference page does not completely explain how to use the method to retrieve an item from a Request Collection. The method returns a pointer to a Variant. The datatype of the variant that is returned is VT_DISPATCH. If you need to convert the returned item to a BSTR, you can use the Win32 API function VariantChangeType. For more information on VariantChangeType, see Variant Manipulation API Functions in the Platform SDK.
The Java Class and Interface definitions topic contains an error. It states
"The Java type libraries are not installed with ASP. If you are using Microsoft® Visual J++, you can generate classes from the Microsoft Active Server Pages Object Library with the Java Type Library Wizard.
To use the built-in object interfaces in a Java component, you must import the ASP classes into your code as shown below.
import asp.*;"
The topic should read
"The Java ASP interface class files are installed with IIS.
To use the built-in object interfaces in a Java component, you must import the ASP classes into your code as shown below.
import com.ms.asp.*;"
The ASP Script Timeout property documentation contains the following errors.
In the Applications Tasks topic, the documentation incorrectly states that " A special value of -1 allows scripts to run for an indefinite amount of time." The minimum value for this property is 1 second.
In the Administration Property Reference, the documentation for the AspScriptTimeout property incorrectly states that "A value of -1 for this property will disable script timeout and allow the script to run indefinitely." The minimum value for this property is 1 second.
In the Metabase Identifier Reference, the documentation for the MD_ASP_SCRIPTTIMEOUT property incorrectly states that "A value of 0xFFFFFFFF will allow a script to run indefinitely." The range of values for this property is 1 - 0xFFFFFFFE.
Peer-to-peer newsgroups are available to help you interact with other users of our products, including Microsoft Most Valuable Professionals (MVPs). You can use any newsreader software to access these newsgroups, however, we suggest using Internet Mail and News. Regardless of the newsreader or news client you are using, you may need to configure it to read the newsgroups. When prompted for News Server, specify msnews.microsoft.com. You do not need to enter an account name or password. Before posting to the newsgroups, please review the Microsoft Newsgroup Rules of Conduct. For more information about Microsoft newsgroups please see http://www.microsoft.com/support/news/ and choose Internet Information Server.
The following groups have been established at msnews.microsoft.com to support this product.
The following list contains problems and limitations that are known to exist in this Beta 3 release:
Administration
Active Server Pages
ISAPI Applications
Common Gateway Interface (CGI)
Component Object Model (COM)
Secure Sockets Layer (SSL)
Database
Software Development Kit (SDK)
General
Internet Service Manager for IIS Version 4.0 Beta 3 cannot manage or show WWW, FTP, or Gopher services on computers running previous versions of IIS or PWS.
Although Internet Service Manager will allow you to enable password synchronization on a non-local anonymous user account, this is not a supported configuration, and may cause all access to your Web or FTP server to be denied. Password synchronization should only be used with anonymous user accounts defined on the local computer.
If you install only the FTP services for Beta 3, in order to manage the service, you must also create a new console with only the IIS snap-in. To do this, run the MMC from the command line. Go to the menu item Console-Add/Remove Snap-in, select the IIS(K2) Snap-in from the Dialog and click OK. You will need to save this console setting when prompted.
If, after creating a new FTP site in Internet Service Manager, you get the error "The system cannot find the path specified" when trying to start the site, then stop and restart the FTP service. You can do this from a command line with the command Net stop msftpsvc. To restart the service, enter the command Net Start msftpsvc. Alternately, you can reboot the machine. This problem only happens after creating a new FTP site.
If you enter an IP address in the IP Address box of the Web Site property sheet in Internet Service Manager and click the Apply button, the IP Address will be incorrectly cleared in the IP Address box; however, the IP Address will still be saved and will still appear in the Advanced Multiple Web Site Configuration dialog box.
When using the IIS Admin Objects to manage the metabase, File and Directory keys may be found that do not have the KeyType property set. You will need to use the MMC to determine the type of the key, and then use the IIS Admin Objects or other metabase tools to set the KeyType property to the proper value (IIsWebFile or IIsWebDirectory) before you can access other properties at the key.
In Internet Service Manager (HTML), logging modules are not installed until the Microsoft Management Console Internet Information Server snap-in is run. If Internet Service Manager (HTML) is run before the snap-in is run, the drop down list box will read "No logging modules are currently installed". In order to install logging modules in Internet Service Manager (HTML), run the IIS snap-in in Internet Service Manager first.
If you are setting properties in Internet Service Manager (HTML), and you stop and then restart W3svc, you must refresh your Internet Service Manager (HTML) session.
The FTP Site property sheet in the HTML version of Internet Service Manager does not show Current Sessions; you cannot monitor or disconnect FTP sessions for users that are currently connected by using Internet Service Manager (HTML).
When using a non-secure connection, the only safe way to use Internet Service Manager (HTML) is through Secure Sockets Layer (SSL).
Restoring a configuration is not supported in Internet Service Manager (HTML); it is referenced in the online help, but it is not supported for this release.
In order to for Internet Service Manager (HTML) to function properly, you must set your browser's cache to refresh with every visit to an HTML page. In IE 4.0 you can set this by following these steps:
You cannot administer Internet Service Manager (HTML) over a proxy connection.
In order to use Netscape to administer Internet Service Manager (HTML), you must enable Basic Authentication (Windows NT Challenge/Response can be enabled as well); Netscape does not support Windows NT Challenge/Response.
To fully secure an ASP application, be sure to set NTFS file permissions for the appropriate user or group on your application’s Global.asa file. If your Global.asa includes commands that return information to the browser and you do not secure Global.asa, that information will be returned to the browser, even if the application’s other files are secured.
For IIS 4.0 Beta 3, it is recommended that Active Server Pages scripts using Microsoft Active Directory Services Interface (ADSI) to access the IIS metabase (such as HTML version of Internet Service Manager) be set to run in process. This is the default. Internet Service Manager allows ASP scripts to be configured to run out of process; however, there is a security bug that could allow nonauthenticated users access to the metabase by using the ADSI interface in an out-of-process ASP script. Non-ASP applications using ADSI that are written in Visual Basic or other languages are secure.
If there are virtual roots underneath an application root, the following limitations apply:
1) The application's physical path (physical path corresponding to AppRoot) will not be resolved correctly.
2) Directory change notifications inside Active Server Pages are not processed for individual directories when virtual roots inside the application root point to different directories.
If you have a component with Visual C++ running Inetinfo.exe as a process, you will not be able to debug that component. Microsoft Script Debugger will launch Inetinfo.exe, but you will not be able to debug any .asp pages that reference the component.
This release of ASP supports the HTTP 1.1 chunked transfer encoding. When ASP responds to a browser that supports HTTP 1.1, it transfers the body of a document in chunks along with the size of each chunk. By default, support for chunked encoding is enabled. If you are using ASP for testing purposes, you should keep chunked encoding enabled.
If you are using this release of ASP on a server that might receive requests from the Beta 2 version of Internet Explorer 4.0, you should consider turning off chunked encoding. The Beta 2 version of IE has a bug that prevents it from receiving chunked documents. If your users have a later beta version of IE 4, you should leave chunked encoding enabled. Internet Explorer version 3.0 and earlier are not affected.
To turn chunked encoding off, set the registry entry EnableChunkedEncoding to 0 (False). To turn chunked encoding on, set the entry to 1 (True). The registry path to this entry is:
HKEY_LOCAL_MACHINE\SYSTEMThis registry entry is available only for this release of ASP. The final release of Internet Explorer 4.0 will work with chunked encoding, and this registry entry will no longer exist.
The VBScript and JScript engines that come with ASP do not provide detailed error messages, as they have in earlier versions. Later versions of the scripting engines will provide more complete error messages.
A new feature has been added to ASP which allows ASP scripts to access constants declared in a component type library. A type library is a file that contains information about objects and types supported by an ActiveX component. In previous versions of ASP, scripts that needed to refer to constants declared by a component did so with server-side include statements. This method of referring to constants is still supported; however, using TypeLibraries may be an easier alternative.
TypeLibraries should be declared in an application's Global.asa file. When the TypeLibrary has been declared, all scripts within the application boundary will have access to the constants declared in the TypeLibrary. The exact syntax for declaring a TypeLibrary is described in the TypeLibrary Declarations reference topic.
ASP scripts that access the metabase require administrator privileges on the machine on which IIS is running. When you execute these scripts from a remote machine, you must connect through a secure connection, such as the Windows NT Challenge/Response authentication method. It is suggested that you create a server or directory for your administrative .asp files and set the directory security authentication method to Windows NT Challenge/Response for the server or directory.
Java ActiveX Components cannot be easily debugged because a breakpoint cannot be set until the source to the java class is loaded in the Microsoft Script Debugger. Currently, the source can not be found by a typical user because of a defect in the Java Virtual Machine (VM).
When the script debugger is used to enter the path to Java source files, a user enters or browses to the absolute path of the .java files. Then, when the java class appears in the script debugger Running Documents window and the class name is double clicked, the source does not appear. Instead, an error is generated saying that the source could not be found.
For example, Asp2Htm.class is in the package IISSample - c:\Winnt\Java\Trustlib\IISSample\Asp2Htm.class.
Asp2Htm.java is found in the directory - c:\InetPub\IISSamples\Components\ASP2HTM\Source\Asp2Htm.java.
If the script debugger is given the source path of c:\InetPub\IISSamples\Components\ASP2HTM\Source, then the source will not be found.
The workaround is to move the source to a directory named IISSample under the Source directory.
IIS supports ISAPI application DLLs and has the mechanisms to execute requests for these DLLs in process and out of process. Some ISAPI application DLLs may not work in out-of-process scenarios (or in multiple instances) due to a variety of reasons including exclusive access to files, security considerations, poor coding, dependence on internal data structures of IIS, combined ISAPI Application and Filter, and performance limitations. An administrator can use scripts that utilize the IIS Admin Objects to add to the metabase a list of the in-process-only ISAPI DLLs. Requests for such ISAPI DLLs are routed to the default application root in IIS (/LM/W3SVC). Given that the default application root is marked in-process only, all such requests are guaranteed to run in process.
Warning A software error in ISAPI DLLs will stop the IIS server. Therefore, unless you are sure that your DLL will never run out-of-process, do not add the DLL to this list.
Note
1)Setup will create this property in the metabase and it will be populated with Ssinc.dll and Httpodbc.dll, which work only in process.
2) Asp.dll works very well out of process; there is no need to put ASP in this list.
If the same ISAPI application DLL has been loaded and is being cached by more than one Web site, then clearing the Cache ISAPI Application check box on the Application Config property sheet for one server does not unload the DLL from memory. You must clear the Cache ISAPI Application check box for all Web sites that use the ISAPI application DLL. Clearing the Cache ISAPI Application check box does not unload ISAPI applications that were run prior to clearing this item. Only subsequent requests are not cached.
For CGI access to a script that is mapped to Cmd.exe over a UNC connection, the default directory will be set to %SYSTEM32%. This restriction is imposed by Cmd.exe.
For example, if you have a metabase path of /W3SVC/1/root/remote, a virtual path of \\remoteserver\share, and a script that is mapped to .cmd,\winnt\system32\cmd.exe /c %s %s,3, then accessing //.../remote/Script.cmd will execute \\remoteserver\share\Script.cmd using Cmd.exe with a working directory set to the local %SYSTEM32%.
COM components can be built as either in-process (.dll) or out-of-process (.exe) components. We recommend that you not use out-of-process components, because subsequent users of a component inherit the original user's security context. Using out-of-process components may also have a negative effect on performance. Rather than building out-of-process components, you should build in-process (.dll) components and use Microsoft Transaction Server to register your component in a package. Transaction Server will properly isolate your component. For more information, see the Microsoft Transaction Server documentation.
If you choose to use out-of-process components, you should have a thorough understanding of how to use them. As an example, you must use DCOM Configuration (Dcomcnfg.exe) to set up a specific identity under which to run the component. Setting a specific identity avoids problems with different users inheriting each other's security contexts. For more information on out-of-process components, refer to the Microsoft Win32 Software Development Kit documentation. The OLE Programmer's Reference describes how to set up an identity for components.
To require Secure Sockets Layer Client Certificates, you must do the following: in the Secure Communications section of the Directory Security property sheet, click Edit to reach the Secure Communications property sheet. Select the Require Secure Channel and Require Client Certificates check boxes.
If you include a file that resides in an SSL-enabled directory from an .asp file that resides in an unsecured virtual root, SSL is not applied to the included file. Thus, to ensure that SSL is applied, be sure that both the including and the included files reside in SSL-enabled directories.
To allow Internet Explorer 3.x and Internet Explorer 4.x clients to connect using Secure Sockets Layer (SSL) when the "Allow client certificates" option is checked in Internet Service Manager, you should disable the PCT cryptography option in Internet Explorer. You can do this by following these steps:
This workaround works for Windows NT4.0 Service Pack 3, but does not work for Windows NT4.0 Service Pack 1, Windows NT4.0 Service Pack 2, or Windows 95. For these clients to connect using SSL, they must either have a client certificate installed in the browser or deselect the "Allow client certificates" checkbox on the server.
The "Require 128 bit encryption" feature cannot currently be set in Internet Server Manager. In order to set it, you must use adsutil.vbs.
Adstul.vbs is installed when you select "Internet Information Server"/"World Wide Web Samples" in setup, and requires that you also install Windows Scripting Host. Adstul.vbs gets installed to %windir%\system32\inetsrv\adminsamples.
To require 128 bit encryption use the command:
cscript adsutil.vbs SET w3svc/<instance>/root/<path>/AccessSSL128 TRUE
To disable it use the command:
cscript adsutil.vbs SET w3svc//root/ /AccessSSL128 FALSE
For example:
cscript adsutil.vbs SET w3svc/1/root/AccessSSL128 TRUE
(will require 128 bit encryption for all content of instance 1)
cscript adsutil.vbs SET w3svc/1/root/dir1/AccessSSL128 TRUE
(will require 128 bit encryption only for the files in dir1 and its subdirectories)
For performance and reliability reasons, we strongly recommend the use of a client-server database engine for the deployment of data driven Web applications that require high-demand access from more than 10 concurrent users. Although Active Server Pages works with any ODBC-compliant database, it has been extensively tested and is designed to work with client server databases such as MS SQL Server, IBM DB2 and Oracle.
ASP supports shared file databases (MS Access, MS FoxPro, Borland Paradox) as valid data sources. Although some SDK examples in this release use a shared file database, we recommend that these types of database engines be used only for development purposes or limited deployment scenarios. It has been our experience that shared file databases are not well suited to high-demand, production-quality Web applications. When many multiple, concurrent users make requests of a shared file database from a Web server, unpredictable results may occur.
If the only database you use with Active Server Pages (ASP) is Microsoft SQL Server—that is, you never use Microsoft Access (.mdb) files with ASP—and you create instances of the Database Access Component that you store in the Session object, you can enhance performance by changing the threading model for Database Access Component instances from Apartment to Both in the registry. To change from Apartment to Both, double-click Makefre15.bat in the Program Files\Common Files\System\Ado folder.
To reverse this process, (that is, to change the threading model from Both to Apartment) double-click Makeapt15.bat in the \Program Files\Common Files\System\Ado folder.
Note We recommend that you not store instances of the Database Access Component in the Session object.
During installation the IIS SDK headers are installed in one of two places. If the Platform SDK is installed on the system, then the headers are copied into its include directory. If the Platform SDK is not installed on the system, then the headers are copied to: \inetpub\iissamples\sdk\include. Before building IIS 4.0 specific projects, you must copy these headers to the include directory of your build environment.
Please note that the Microsoft Transaction Server (MTS) headers and libs must be copied into your development environment before building Server Components that use the IContextObject interface to access the Active Server Pages (ASP) intrinsics. MTS installs its headers and libs in the \program files\mts\ directory.
The sample Java components described in the documentation have been replaced by the Java Component Framework samples. These samples, along with the relevant documentation, can be found in the directory \Inetpub\SDK\iissamples\components\java\Component_Framework.
Microsoft Message Queue (MSMQ)Installation of the Microsoft Message Queue (MSMQ) Site Controller, Backup Controller, Routing Server, Independent Client, and Dependent Client requires that an MSMQ Enterprise Controller already be installed and accessible on the network.
In order to properly compile the correct versions of the MSMQ SDK files, please make the following changes.
Open the workspace msmq\sdk\samples.dsw with Visual C 5.0 and correct the directories in the Debug, Win95 Debug/Release, Win32 Debug/Release ANSI, and Alpha configurations for each of the projects Disdraw, MQApiTst, mqtest, mqtestoa, and mqtrans.
They will then become analogous to Release.
The fields to change are:
General - Intermediate files (these should be .\{debug;debug95;release;release95} )
C/C++ to Preprocessor - Additional directories (should be "..\..\include")
Link to General - Object/library modules (should point to mqrt.lib as ..\..\lib\mqrt.lib", xolehlp.lib as "..\..\lib\xolehlp.lib")
Link to General - Output file name (should be .\{ Debug; Debug95; Release; Release95} )
Next, call Project - Export Makefiles.
There are 2 additional changes to make in the source of sdk\samples\mqtrans\mqtrans.cpp.
Line 394 and line 730 (same changes): Was retcode = SQLSetConnectOption (gSrv.hdbc, SQL_DTC_DONE, (UDWORD)pTransaction);
Should be retcode = SQLSetConnectOption (gSrv.hdbc, SQL_COPT_SS_ENLIST_IN_DTC, SQL_DTC_DONE);
The PStore service must be running in order to run IIS.
IIS Version 4.0 Beta 3 does not support Gopher services.
In previous versions of IIS, you could stop the entire Web service by typing at the command line net stop w3svc. This would terminate all of the Web services on the computer, and shut down the Inetinfo.exe process. As a result of the new multiple Web site architecture, there is another service, Iisadmin, that keeps running, even when w3svc is shut down. The same is true for starting and stopping services from Control Panel. If you truly want to unload the Inetinfo.exe process, and make sure that all of the extensions are unloaded properly, you should now type net stop iisadmin, rather than net stop w3svc. Typing net start w3svc or net start msftpsvc automatically starts Iisadmin. w3svc and msftpsvc must be running in order to use Internet Service Manager to start individual virtual Web sites or FTP sites.
IIS version 4.0 Beta 3 is not compatible with Microsoft Proxy Server 1.0. In order to use Proxy server with IIS, please upgrade Proxy Server from version 1.0 to version 2.0.
ODBC 3.5 will now enable connection pooling at two levels: the database driver and the driver manager. This means that Internet Information Server now automatically supports connection pooling at the driver manager level and enables connection pooling for Microsoft SQL Server. Additionally, if you want your ODBC driver to participate in connection pooling you must set the driver's CPTimeout value in the Windows NT registry. For more information about setting this value, see the ODBC documentation and visit the Microsoft ODBC Web site at http://www.microsoft.com/data/.
If you have trouble registering components on Windows NT Server and Windows NT Workstation, you may be using the wrong version of Regsvr32.exe. Use the version that is installed with Internet Information Server or Personal Web Server. By default, this file is installed in C:\Winnt\System32\Inetsrv.
After creating a Web project by using Visual Interdev 1.0, you will need to create an application root by using the Microsoft Management Console (MMC):
If you do not create this application root, your Web project will not be able to execute your Global.asa properly, which will probably cause your Web application to fail.
In Visual Basic or VBScript, if you call GetObject() to instantiate an IIS Admin Object and GetObject fails, the returned error code is changed in ole32 from MkParseDisplayName() to a MK_E_SYNTAX error.
When you install IIS Beta 3 over an existing IIS Beta 2 installation, any existing packages will be automatically upgraded to Beta 3. However, IIS Beta 2 packages cannot be remotely administered from an IIS Beta 3 installation. In order to remotely administer an IIS Beta 2 package from IIS Beta 3, install IIS Beta 3 on the remote machine.
There are currently known problems with using PerlScript in an ASP; if you are running PerlScript from ActiveWare, please contact ActiveWare for a new PerlScript engine.
If you are using static custom error files (HTML files), you should always use the File option. If you plan on developing an application (via ISAPI or ASP) to handle errors, then use URL, but be aware that the error status is handed to the application in the URL parameters and it is the application's responsibility to set the HTTP header status, otherwise the HTTP response status will be HTTP 1.1 200 OK.
Some network access features in this beta release of Windows NT Remote Access Services were designed to meet the specific needs of Public Network Operators and Internet Service Providers (ISPs). These features are being released in total to facilitate distribution and interoperability testing, as well as ensure quality of service implementations upon market release. These ISP-centric features will not be available in the final version of Windows NT Server. These features will instead be made available in a future release specifically designed for Public Network Operators and ISPs. For more information on these new VPN technologies, and to determine what specific features will be made available in Windows NT Server, visit the Windows NT Communications Web site located at http://www.microsoft.com/communications/.
If you try to use the Restore mechanism from within a Web page, ASP page, CGI script, ISAPI, SSINC, or any other executable method associated with an HTTP request, the server will try to shutdown, but will instead hang on to the last request being processed, which is the Restore request. The server will no longer accept new requests, nor will it complete the initial request. In effect, the server will be deadlocked.
The Microsoft Data Access Components (MDAC) are built for the released version of Internet Explorer 4.0. The version of Internet Explorer provided with Internet Information Server Beta 3 will work with this product, but the Preview 2 of Internet Explorer will not.
If you install Internet Authentication Services(IAS) as part of Windows NT 4.0 Option Pack installation on a computer running a previous beta version of IAS and the Japanese version of Windows NT Server 4.0, an error may appear indicating that Setup was unable to install IAS. If this happens, uninstall IAS, and then re-install it.
The iissync.exe tool used to replicate the IIS configuration will also replicate the MTS configuration, which might take a few minutes. To successfully replicate the MTS configuration, open the MTS explorer on the source machine, select Computers, then My Computer, and view its properties. On the My Computer property sheet, select the Options tab and provide a public share name on the source machine by typing the name of a valid Replication share.
For example, if publicdir is the share name on the source machine that can be accessed by the destination machine, you would type publicdir for the Replication share.
Microsoft Transaction Server (MTS) role-based package access control does not work when use in conjunction with ISAPI client impersonation. MTS packages that are used from Active Server Pages or other ISAPIs should be configured with security disabled.
Per-instance bandwidth throttling is not supported for FTP Sites; however, some counters that are related to performance monitoring have not been removed from the FTP Object. Please note that under the FTP Object, the following counters are meaningless: Measured Async. I/O Bandwidth Usage, Total Allowed Async. I/O Requests, Total Blocked Async I/O Requests, and Total Rejected Async. I/O Requests. These counters will be removed in a future release.
If you request a certificate from a Certificate Authority and fail to install the certificate before starting the Certificate Server service, the service will take up the majority of your Central Processing Unit (CPU) cycles. If this happens, stop the Certificate Server service, install the certificate, and restart the computer.
When running java components on a busy server, it is possible for the Java Virtual Machine (VM) to become deadlocked during initialization, as a result of being initialized from 40 or more threads. This only occurs the first time the Java VM is initialized per process. As a workaround, add the following code to the global.asa file for your application (the "YourJavaObject" can be a dummy component that does nothing).
<SCRIPT LANGUAGE=vbscript RUNAT=SERVER>
Sub Application_OnStart
set initobj = Server.CreateObject("YourJavaObject")
End Sub
</SCRIPT>
ActiveX Data Objects (ADO) uses the standard COM method of passing error information but does not check to see if anything else has been put into the ErrorInfo object and erases it when it destructs. There is a code workaround for this problem in Visual Basic, Visual C, and Visual J++ that should be implemented in your error handler.
For Visual Basic, the code should read:
ErrorHandler:
' cleanup
If Not adoRS Is Nothing Then
Set adoRS = Nothing
End If
If Not adoConn Is Nothing Then
Set adoConn = Nothing
End If
Err.Raise Err.Number, "Bank.Accout.Post", Err.Description
Exit Function
For Visual C, the code should read:
// // ErrorInfo is saved here because the following // ADO cleanup code may clear it. // IErrorInfo * pErrorInfo = NULL; GetErrorInfo(NULL, &pErrorInfo); if (adoRsBalance) adoRsBalance->Release(); if (adoCoConnection) adoCoConnection->Release(); AtlReportError( CLSID_CAccount, pErrMsg, IID_IAccount, hr); // // put the error back in TLS // SetErrorInfo(NULL, pErrorInfo);
For Visual J++, the code should read:
if (adoRsBalance != null) {
if (adoRsBalance.getState() == ObjectStateEnum.adStateOpen)
adoRsBalance.Close();
ComLib.release (adoRsBalance);
}
if (adoConn != null) {
if (adoConn.getState() == ObjectStateEnum.adStateOpen)
adoConn.Close();
ComLib.release (adoConn);
}
Note: In Visual J++ you must explicitly close recordsets and/or connections as well as explicit release of the ADO objects.
If you are upgrading from a previous version of IIS and you have trouble viewing default.asp, then you probably have an older version of this file. In order to install the newer IIS 4.0 Beta 3 version of this file, you must manually remove the older version of default.asp from the location drive:\InetPub\wwwroot.
Support for Microsoft Cluster Server in the Internet Information Server snap-in of Microsoft Manangement Console for resident FTP and Web sites is currently under development and thus is not supported for this beta release. Please utilize the Wolfpack Cluster Administrator program for these purposes.
In order to allow client certificates issued by Microsoft Certificate Server (or any issuer other than the default Certificate Authorities shipped with Internet Explorer 4.0 ) to be recognized by IIS 4.0, you will need to disable the Certificate Authority (CA) checking done by IIS by creating the CertCheckCA registry entry (using regedt32.exe) as a REG_DWORD with a value of 1. The registry path is:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\Inetinfo
\Parameters
CertCheckCA
Warning Disabling Certificate Authority checking will allow clients to use certificates that have not been verified by a trusted Certificate Authority such as Verisign. You should only disable this in situations where this is an acceptable procedure.
This will be fixed for the final release.
If you encounter problems getting certificates from the locally installed Certificate Server and your Application Event Log contains the following error:
"The Certificate Server could not process request * due to an error: 0x8007000d. The request was for CN=*, OU=*, O=*, L=*, S=*, C=*. The certificate would contain an encoded length that is potentially incompatible with older enrollment software. Submit a new request using different length input data for the following field: Extensions"
you can edit the registry to disable the 127 character length checking by changing the value of CertEnrollCompatible from 1 to 0 and restarting Certificate Server. The registry path is:
HKEY_LOCAL_MACHINE\SYSTEM\
CurrentControlSet\
Services\
CertSvc\
Configuration\
<Your CA's Common Name>\
CertEnrollCompatible
If you do not want to disable this feature, the workaround is to reinstall Certificate Server using a different length of Certifying Authority name information.
Manually removing IIS packages using the MTS administration tool, or manually removing components from those packages can cause your IIS applications to become unusable and unrecoverable. Please exercise caution when administering your packages directly.
If two users are administering applications at the same time through the IIS administration tool and one tries to restore a previous version of the configuration store an error will occur. The restore operation will work if you retry the operation with only one user connected.
Microsoft Proxy Server (MPS) can be used to chain multiple Proxy Server computers connected in a cascaded configuration. You may use IIS 4.0 Beta 3 and MPS 2.0 on any of the servers in the chained configuration; however, the following limitation applies:
You may not install and use IIS 4.0 Beta 3 on an upstream proxy in the chain and use Windows NT Challenge Response authentication for proxy-to-proxy authentication.
In IIS 4.0 Beta 3, it is recommended that you stop and restart all IIS services after performing a Restore Configuration. Failure to do so may lead to unexpected results, including an inability to read some configuration information. To stop IIS services, run the following command at a command prompt: "Net stop IISADMIN". To restart the services, run "Net start IISADMIN".
There are a few configuration parameters that, in this release, can only be configured programmatically using the IIS Admin Objects (IISAO). These include the following properties. For more information on these properties and where they can be set, look in the product documentation under "IIS Admin Objects Reference".
AspLogErrorRequests
AspScriptFileCacheSize
AspScriptEngineCacheMax
AspExceptionCatchEnable
AspAllowOutOfProcComponents
AspCodePage
AccessSSL128
To simplify setting these properties, we have included a program written in VBScript called adsutil.vbs that can be used configure IIS. Adsutil.vbs is installed when you select "Internet Information Server/World Wide Web Samples" in setup, and requires that you install Windows Scripting Host as well. It is installed to %windir%\system32\inetsrv\adminsamples.
To set a property, use the command
cscript adsutil.vbs SET <Path> <Value>
For example:
cscript adsutil.vbs SET W3Svc/1/root/AppName/AspLogErrorRequests true
cscript adsutil.vbs SET W3Svc/AspScriptEngineCacheMax 35
© 1997 Microsoft Corporation
These materials are provided “as-is,” for informational purposes only.
Neither Microsoft nor its suppliers makes any warranty, express or implied with respect to the content of these materials or the accuracy of any information contained herein, including, without limitation, the implied warranties of merchantability or fitness for a particular purpose. Because some states/jurisdictions do not allow exclusions of implied warranties, the above limitation may not apply to you.
Neither Microsoft nor its suppliers shall have any liability for any damages whatsoever including consequential incidental, direct, indirect, special, and loss profits. Because some states/jurisdictions do not allow exclusions of implied warranties, the above limitation may not apply to you. In any event, Microsoft’s and its suppliers’ entire liability in any manner arising out of these materials, whether by tort, contract, or otherwise shall not exceed the suggested retail price of these materials.