View
233
Download
6
Category
Preview:
Citation preview
ADM 331
Administrative Scripting for IIS 6.0 Using WMI
Alexis EllerProgram Manager
Internet Information Services (IIS)
Agenda
Overview of the Windows Script Host
Manageability improvements in IIS 6.0
Overview of Windows Management Instrumentation
IIS 6.0 WMI Provider
Practical examples
Special notes regarding JScript & WMI
Overview of the Windows Script Host
Automation
Provisioning
Custom tools
Rich object modelAccess to automation COM objects
Manageability Improvements in IIS 6.0
Metabase stored in XMLEditable while the server is running
Automatic versioning and history
Password protected backups
Import & Export
Command line administration
Remote administration
IIS WMI Provider
The XML MetabaseThe XML Metabase
demodemo
Command line Administration for IIS 6.0
Use the IIS WMI provider
Supplied VBScript scripts manageCommon web and FTP tasks
Use from command line, batch jobs
Serve as IIS WMI scripting examples
ADSI provider still supported
Create scripts using the IIS providers
Playing with the Playing with the command line scriptscommand line scripts
demodemo
In the System32 Directory
Web: iisweb.vbs, iisvdir.vbs
FTP: iisftp.vbs, iisftpdr.vbs
Metabase backup/restore: iisback.vbs
Import/export: iiscnfg.vbs
Application extensions, dependencies, files: iisext.vbs
Mapping between worker process and application pool: iisapp.vbs
WMI Overview
Introduced in Windows 2000
Uses the object oriented model
Universal way to access machine information
Consistent, unified view of managed objects
Supports SQL-like queries (WQL)
Using CIM Studio (from Using CIM Studio (from WMI Tools)WMI Tools)
demodemo
IIS 6.0 WMI Provider
Extends WMI schema to include IIS classes
Represents the IIS metabase
Equivalent ADSI classes and more…
Class/Instance provider
Method provider
IIS Namespace: root\MicrosoftIISv2
IIS 6.0 WMI Provider
Each IIS object available through WMIIIsWebServer, IIsFtpServer, etc.
Similar to ADSI IIS classes
Separates read-only from read-write properties
IIsWebServer vs. IIsWebServerSetting
Association classes represent relationships
IIS 6.0 WMI Provider
New classes to represent structured dataServerBinding, SecureBinding
ScriptMap, MimeMap
ApplicationDependency, WebSvcExtRestrictionList
HttpError, HttpCustomHeader, CustomErrorDescription
Browsing through IIS WMI Browsing through IIS WMI Classes using CIM Studio: Classes using CIM Studio: classes, instances and classes, instances and propertiesproperties
demodemo
How the command line How the command line scripts work: going scripts work: going inside iisweb.vbsinside iisweb.vbs
demodemo
Going Deeper
MonitoringUsing notification queries
Security AuditLook for properties set with suspicious values
Bulk operations
Multiple operations
Monitoring: keeping an Monitoring: keeping an eye on that application eye on that application poolpool
demodemo
Security: Looking for Security: Looking for sites with WRITE access sites with WRITE access enabledenabled
demodemo
Friendly name to site ID Friendly name to site ID translationtranslation
demodemo
Bulk changes: Disabling a Bulk changes: Disabling a web service extension on web service extension on multiple machinesmultiple machines
demodemo
Working across WMI Working across WMI namespacesnamespaces
demodemo
Scripting WMI Using JScript
Method Output ParametersVBScript: Methods can be called directlyJScript: Methods are called with the SWbemMethod, InParam and OutParam objects.
WMI ArraysVBScript: handle as usualJScript: use the toArray() function to convert the WMI safearray to an array recognized by the JScript engine
Methods with OutParametersvdirPath = WScript.Arguments( 0 )
Set win32svc = GetObject( "winmgmts:/root/CIMv2" )Set iissvc = GetObject( "winmgmts:/root/MicrosoftIISv2" )
Set vdir = iissvc.Get( "IIsWebVirtualDirSetting='" & vdirPath & "'" )
Set obj = win32svc.Get( "Win32_LogicalFileSecuritySetting='" & vdir.Path & "'" )
result = obj.GetSecurityDescriptor( sd )
WScript.Echo "Result: " & resultWScript.Echo sd.GetObjectText_
var vdirPath = WScript.Arguments( 0 );
var win32svc = GetObject( "winmgmts:/root/CIMv2" );var iissvc = GetObject( "winmgmts:/root/MicrosoftIISv2" );
var vdir = iissvc.Get( "IIsWebVirtualDirSetting='" + vdirPath + "'" );
var obj = win32svc.Get( "Win32_LogicalFileSecuritySetting='" + vdir.Path + "'" );
var result = obj.ExecMethod_("GetSecurityDescriptor");
WScript.Echo("Result: " + result.ReturnValue);WScript.Echo( result.Descriptor.GetObjectText_() );
VBScript – perm.vbs
JScript – perm.js (includes a helper function for displaying object properties)
Direct Call
Call using ExecMethod_
Handling WMI Arrays in JScript
set wmi = GetObject("winmgmts:/root/MicrosoftIISv2")
set site = wmi.Get(“IIsWebServerSetting='w3svc/1'")
for each binding in site.ServerBindings
WScript.Echo "IP: " & binding.IP WScript.Echo "Port: " & binding.Port WScript.Echo "Hostname: " & binding.Hostname WScript.Echo
next
var wmi = GetObject( "winmgmts:/root/MicrosoftIISv2" );
var site = wmi.Get("IIsWebServerSetting='w3svc/1'");
var bindings = site.ServerBindings.toArray();
for ( i = 0; i < bindings.length; i++ ){ WScript.Echo("IP: " + bindings[i].IP); WScript.Echo("Hostname: " + bindings[i].Hostname); WScript.Echo("Port: " + bindings[i].Port);}
VBScript – enumerateBindings.vbs
JScript – enumerateBindings.js
Call To Action
Consider Scripting
Leverage IIS WMI provider advantagesUnified object model
Querying capabilities
Monitoring capabilities
Review IIS 6.0 command line scriptsUse them
Learn from them
Ask The ExpertsGet Your Questions Answered
I will be available in the “Ask The Experts” area after this presentation from 11:30 – 13:00
Community Resources
IIS Community Portalhttp://www.microsoft.com/windowsserver2003/community/centers/iis/
IIS Portalhttp://www.microsoft.com/iis
IIS NewsgroupsMicrosoft.public.inetserver.iisMicrosoft.public.inetserver.iis.ftpMicrosoft.public.inetserver.iis.security
Third-party sites:http://iisanswers.comhttp://iisfaq.com
Suggested Reading & Resources
Using WMI to Manage IIShttp://msdn.microsoft.com/library/en-us/iisref/htm/prog_wmi_using.aspWMI Downloads – WMI Tools http://msdn.microsoft.com/downloads/list/wmi.aspWriting WMI Scripts in JScript – describes how this is different from using VBScript http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/writing_wmi_scripts_in_jscript.aspEnumerating WMI Namespaces (ie. What other WMI providers exist?) http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/scrguide/sas_wmi_khjg.asp
Additional IIS Resources
IIS 6.0 Deployment Guides:Medium to Large Organizationshttp://www.microsoft.com/downloads/details.aspx?familyid=f31a5fd5-03db-46d2-9f34-596edd039eb9&displaylang=en Small Organizations http://download.microsoft.com/download/d/a/7/da767448-6875-489c-96e6-2003e036de6d/06NT4IIS.doc
IIS 6.0 Resource Kit Tools http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en
evaluationsevaluations
© 2003 Microsoft Corporation. All rights reserved.© 2003 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Recommended