ADM 331

Administrative Scripting for IIS 6.0 Using WMI

Alexis EllerProgram Manager

Internet Information Services (IIS)

Agenda

Overview of the Windows Script Host

Manageability improvements in IIS 6.0

Overview of Windows Management Instrumentation

IIS 6.0 WMI Provider

Practical examples

Special notes regarding JScript & WMI

Overview of the Windows Script Host

Automation

Provisioning

Custom tools

Rich object modelAccess to automation COM objects

Manageability Improvements in IIS 6.0

Metabase stored in XMLEditable while the server is running

Automatic versioning and history

Password protected backups

Import & Export

Command line administration

Remote administration

IIS WMI Provider

The XML MetabaseThe XML Metabase

demodemo

Command line Administration for IIS 6.0

Use the IIS WMI provider

Supplied VBScript scripts manageCommon web and FTP tasks

Use from command line, batch jobs

Serve as IIS WMI scripting examples

ADSI provider still supported

Create scripts using the IIS providers

Playing with the Playing with the command line scriptscommand line scripts

demodemo

In the System32 Directory

Web: iisweb.vbs, iisvdir.vbs

FTP: iisftp.vbs, iisftpdr.vbs

Metabase backup/restore: iisback.vbs

Import/export: iiscnfg.vbs

Application extensions, dependencies, files: iisext.vbs

Mapping between worker process and application pool: iisapp.vbs

WMI Overview

Introduced in Windows 2000

Uses the object oriented model

Universal way to access machine information

Consistent, unified view of managed objects

Supports SQL-like queries (WQL)

Using CIM Studio (from Using CIM Studio (from WMI Tools)WMI Tools)

demodemo

IIS 6.0 WMI Provider

Extends WMI schema to include IIS classes

Represents the IIS metabase

Equivalent ADSI classes and more…

Class/Instance provider

Method provider

IIS Namespace: root\MicrosoftIISv2

IIS 6.0 WMI Provider

Each IIS object available through WMIIIsWebServer, IIsFtpServer, etc.

Similar to ADSI IIS classes

Separates read-only from read-write properties

IIsWebServer vs. IIsWebServerSetting

Association classes represent relationships

IIS 6.0 WMI Provider

New classes to represent structured dataServerBinding, SecureBinding

ScriptMap, MimeMap

ApplicationDependency, WebSvcExtRestrictionList

HttpError, HttpCustomHeader, CustomErrorDescription

Browsing through IIS WMI Browsing through IIS WMI Classes using CIM Studio: Classes using CIM Studio: classes, instances and classes, instances and propertiesproperties

demodemo

How the command line How the command line scripts work: going scripts work: going inside iisweb.vbsinside iisweb.vbs

demodemo

Going Deeper

MonitoringUsing notification queries

Security AuditLook for properties set with suspicious values

Bulk operations

Multiple operations

Monitoring: keeping an Monitoring: keeping an eye on that application eye on that application poolpool

demodemo

Security: Looking for Security: Looking for sites with WRITE access sites with WRITE access enabledenabled

demodemo

Friendly name to site ID Friendly name to site ID translationtranslation

demodemo

Bulk changes: Disabling a Bulk changes: Disabling a web service extension on web service extension on multiple machinesmultiple machines

demodemo

Working across WMI Working across WMI namespacesnamespaces

demodemo

Scripting WMI Using JScript

Method Output ParametersVBScript: Methods can be called directlyJScript: Methods are called with the SWbemMethod, InParam and OutParam objects.

WMI ArraysVBScript: handle as usualJScript: use the toArray() function to convert the WMI safearray to an array recognized by the JScript engine

Methods with OutParametersvdirPath = WScript.Arguments( 0 )

Set win32svc = GetObject( "winmgmts:/root/CIMv2" )Set iissvc = GetObject( "winmgmts:/root/MicrosoftIISv2" )

Set vdir = iissvc.Get( "IIsWebVirtualDirSetting='" & vdirPath & "'" )

Set obj = win32svc.Get( "Win32_LogicalFileSecuritySetting='" & vdir.Path & "'" )

result = obj.GetSecurityDescriptor( sd )

WScript.Echo "Result: " & resultWScript.Echo sd.GetObjectText_

var vdirPath = WScript.Arguments( 0 );

var win32svc = GetObject( "winmgmts:/root/CIMv2" );var iissvc = GetObject( "winmgmts:/root/MicrosoftIISv2" );

var vdir = iissvc.Get( "IIsWebVirtualDirSetting='" + vdirPath + "'" );

var obj = win32svc.Get( "Win32_LogicalFileSecuritySetting='" + vdir.Path + "'" );

var result = obj.ExecMethod_("GetSecurityDescriptor");

WScript.Echo("Result: " + result.ReturnValue);WScript.Echo( result.Descriptor.GetObjectText_() );

VBScript – perm.vbs

JScript – perm.js (includes a helper function for displaying object properties)

Direct Call

Call using ExecMethod_

Handling WMI Arrays in JScript

set wmi = GetObject("winmgmts:/root/MicrosoftIISv2")

set site = wmi.Get(“IIsWebServerSetting='w3svc/1'")

for each binding in site.ServerBindings

WScript.Echo "IP: " & binding.IP WScript.Echo "Port: " & binding.Port WScript.Echo "Hostname: " & binding.Hostname WScript.Echo

next

var wmi = GetObject( "winmgmts:/root/MicrosoftIISv2" );

var site = wmi.Get("IIsWebServerSetting='w3svc/1'");

var bindings = site.ServerBindings.toArray();

for ( i = 0; i < bindings.length; i++ ){ WScript.Echo("IP: " + bindings[i].IP); WScript.Echo("Hostname: " + bindings[i].Hostname); WScript.Echo("Port: " + bindings[i].Port);}

VBScript – enumerateBindings.vbs

JScript – enumerateBindings.js

Call To Action

Consider Scripting

Leverage IIS WMI provider advantagesUnified object model

Querying capabilities

Monitoring capabilities

Review IIS 6.0 command line scriptsUse them

Learn from them

Ask The ExpertsGet Your Questions Answered

I will be available in the “Ask The Experts” area after this presentation from 11:30 – 13:00

Community Resources

IIS Community Portalhttp://www.microsoft.com/windowsserver2003/community/centers/iis/

IIS Portalhttp://www.microsoft.com/iis

IIS NewsgroupsMicrosoft.public.inetserver.iisMicrosoft.public.inetserver.iis.ftpMicrosoft.public.inetserver.iis.security

Third-party sites:http://iisanswers.comhttp://iisfaq.com

Suggested Reading & Resources

Using WMI to Manage IIShttp://msdn.microsoft.com/library/en-us/iisref/htm/prog_wmi_using.aspWMI Downloads – WMI Tools http://msdn.microsoft.com/downloads/list/wmi.aspWriting WMI Scripts in JScript – describes how this is different from using VBScript http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/writing_wmi_scripts_in_jscript.aspEnumerating WMI Namespaces (ie. What other WMI providers exist?) http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/scrguide/sas_wmi_khjg.asp

Additional IIS Resources

IIS 6.0 Deployment Guides:Medium to Large Organizationshttp://www.microsoft.com/downloads/details.aspx?familyid=f31a5fd5-03db-46d2-9f34-596edd039eb9&displaylang=en Small Organizations http://download.microsoft.com/download/d/a/7/da767448-6875-489c-96e6-2003e036de6d/06NT4IIS.doc

IIS 6.0 Resource Kit Tools http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en

evaluationsevaluations

© 2003 Microsoft Corporation. All rights reserved.© 2003 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.