IIS Management Pack
It seems like more and more services are becoming dependent on using IIS as a foundation. Because IIS is the basis of such technologies as BITS, it's often used for more than just serving web pages. For instance, SMS is dependent on IIS to handle the BITS-capable checkpoint-restart downloads. All of the technologies covered in this book (MOM, SMS, and Windows Update) use IIS to some extent.
Installation
The Microsoft Windows Internet Information Services management pack consists of the following files:
-
MicrosoftWindowsIIS.akm
-
MicrosoftWindowsIISReports.xml
-
IIS MP Guide.doc
As of this writing, the latest version number is 05.0.3100.0000. After downloading the management pack, extract the contents to a common location, and follow the steps in Chapter 8 to import the management pack. After importing the management pack, check the version number against the version number stated in the Management Pack and Product Connector Catalog.
| Note | Do not use the management pack that comes with the MOM 2005 CD. It comes by default with a rule enabled that will block IP addresses based on a certain condition (utilizing the Automatic IP Deny script). This is discussed in more detail in the "Scripts" section. |
Additional information can be found in IIS MP Guide.doc, which comes with the management pack. There aren't any documents online currently that reference this version of the IIS management pack.
Configuration
The IIS management pack relies heavily on the logs generated by IIS. Because these logs provide the majority of the information on the general health and status of IIS, without these logs, many of the rules will not work. By default, IIS logging is enabled for web and FTP sites but not for NNTP or SMTP.
To enable logging (or just verify that someone hasn't disabled it), use the following steps. Be sure to use the W3C Extended Log format.
-
Open the Internet Information Services (IIS) Manager.
-
Select the computer name to administer.
-
Depending on the enabled services, you may see Web Sites and/or FTP Sites.
-
For every site that needs logging enabled, right-click the site name folder and select Properties.
-
Figure 9-1 displays the properties of the site. On the Web Site tab (FTP or General depending on the type), choose the Enable logging check box. For the Active log format, make sure that W3C Extended Log File Format is used.
Figure 9-1Continue with the following steps if the IIS server to monitor is Windows 2000. We recommend that you shut off CPU (or Process) Accounting logging. Leaving this value enabled can cause undependable events or alerts.
-
As described in Steps 1 and 2, choose the Default Web Site this time. Right-click and select Properties.
-
In the Web Site tab, select Properties of the W3C Extended Log File Format.
-
In the Logging Properties window, select the Advanced tab.
-
As shown in Figure 9-2, scroll down to the CPU Accounting node and clear the check box. (This may be called Process Accounting, depending on which version of IIS Manager you're using.)
Figure 9-2
Components
This exercise needs to be repeated for all of the IIS servers that will be monitored by the IIS MP.
The formulas for the Computer Groups work like the previous ones. The attributes in the table that follows make up one part of the formula. The Windows Current Version attribute is used to place the computers into the proper group depending on their OS version.
In order for notifications to work properly, an operator must be assigned to the Internet Information Services Administrators group. Refer to Chapter 6 for assigning operators to groups.
| Attributes | Microsoft Windows IIS FTP Server |
| Microsoft Windows IIS NNTP Server | |
| Microsoft Windows IIS Server | |
| Microsoft Windows IIS SMTP Server | |
| Microsoft Windows IIS Web Server | |
| Computer Groups | Microsoft Windows 2000 IIS FTP Servers |
| Microsoft Windows 2000 IIS NNTP Servers | |
| Microsoft Windows 2000 IIS Servers | |
| Microsoft Windows 2000 IIS SMTP Servers | |
| Microsoft Windows 2000 IIS Web Servers | |
| Microsoft Windows 2003 IIS FTP Servers | |
| Microsoft Windows 2003 IIS NNTP Servers | |
| Microsoft Windows 2003 IIS Servers | |
| Microsoft Windows 2003 IIS SMTP Servers | |
| Microsoft Windows 2003 IIS Web Servers | |
| Notification Groups | Internet Information Services Administrators |
Scripts
Aside from the capability to collect script map data, there are no other configurable scripts.
IIS Service Discovery
This option should be enabled carefully because collecting script map data can dramatically increase the discovery period and cause the processing requirements to increase. This is strictly for informational purposes.
| Name | Description | Value |
|---|---|---|
| CollectScriptMaps | Collects IIS Script Maps discovery data | False |
Automatic IP Deny
The most recent IIS MP does not have this script included anymore. However, if you're using an earlier version, it's worth mentioning here just because it has a potential to cause outages. Under certain conditions, rules can run this script as a response to block IP addresses from accessing a web site. The script does not go back through, however, and remove the IP addresses at some later interval. It requires manual administration to reset this list.
Tasks
The following table lists the available tasks in this management pack. It also states the context that the task runs in. Both of the following tasks execute in the context of the agent and are therefore not interactive.
| Task | Context |
|---|---|
| Run IIS Service Discovery | Agent |
| Restart IIS | Agent |
| Note | If the tasks execute in the context of the Agent, LocalSystem will provide all necessary permissions. However, if the Agent runs in least privilege configurations, it may require additional permissions to execute some of the tasks. All console tasks are executed under the permission of the user using the Operator Console. If the user doesn't ordinarily have the rights to execute the task, using the task may not work as expected. |
EAN: 2147483647
Pages: 132