Process for Migrating a Web Site from IIS 4.0 to IIS 6.0

The process for migrating a Web site hosted on IIS 4.0 consists of preparing for and performing the migration. During the preparation phase, you gather information about your existing server running Windows NT Server 4.0 and about the Web site that you are going to migrate to IIS 6.0. This information will be used as input when you run the IIS 6.0 Migration Tool. Then, you perform the migration with the IIS 6.0 Migration tool. After the migration is complete, you must change several settings in the IIS metabase. You can also enhance security by further configuring your server after migration.

The procedure for migrating one of your existing Web sites from IIS 4.0 to IIS 6.0, as described in this chapter, is based on the following assumptions:

• Your existing server is a dedicated Web server . A dedicated Web server is a server that is being used only as a Web server and not for other purposes, such as a file server configured to run the File Transfer Protocol (FTP), a mail server configured to run the Simple Mail Transfer Protocol (SMTP), or a database server running Microsoft SQL Server .

  Note

  In many small and medium- sized organizations, a single server supports multiple roles. For example, combining a Web server with a file or print server is a common scenario. If your Web server will also function as a file or print server, you should still be able to migrate your IIS 4.0 Web site by using the process described in this chapter. For more information about migrating a file or print server, see Migrating File and Print Servers to Windows Server 2003 in this book.

• The Web site that you want to migrate to IIS 6.0 is a public Internet site that is configured for Anonymous authentication only, using the IUSR_ computername account.

• The Web site that you want to migrate to IIS 6.0 runs correctly on IIS 4.0.

• The Web site that you want to migrate to IIS 6.0 contains mostly static content (or files that have .htm or .html file name extensions), with some dynamic content, which can include ASP.

• The Web site that you want to migrate to IIS 6.0 uses FrontPage Server Extensions from Microsoft.

• The content of the Web site that you want to migrate to IIS 6.0 is stored in one of two locations:

  • The home directory and subdirectories of the Web site

  • A virtual directory

• The Web site that you want to migrate to IIS 6.0 does not contain any third-party or custom applications, such as an e-commerce application.

• If the Web site uses Secure Sockets Layer (SSL), one certificate is assigned to the Web site.

If your Web server and site do not meet these requirements, you cannot perform the Web site migration process as described in this chapter. For more information about migrating Web sites to IIS 6.0, see Migrating IIS Web Sites to IIS 6.0 in Deploying Internet Information Services (IIS) 6.0 of the Microsoft Windows Server 2003 Deployment Kit (or see Chapter 6: Migrating IIS Web Sites to IIS 6.0 on the http://www.microsoft.com/reskit).

The following quick-start guide shows the steps of the Web site migration process. You can use this guide to identify the steps for which you need to gather additional information to complete, and then you can skip the information with which you are already familiar.

Prepare for Migration

1. Determine hardware compatibility with Windows Server2003.

2. Gather the following information about your server and Web site:

   • The name of the source server

   • The friendly name of the Web site

     Whether the Web site is compatible with worker process isolation mode

   • Whether the Web site content requires Inetinfo.exe

   • Whether ASP pages use relative parent paths

3. Before running the IIS 6.0 Migration Tool, identify the following:

   • Tasks that are automated by the migration tool

   • Subsequent tasks that must be performed manually

Deploy the Target Sever

1. Install and configure Windows Server2003.

2. Install and configure IIS 6.0.

3. Verify connectivity between the source server and the target server.

Migrate the Web Site with the IIS 6.0 Migration Tool

1. Install the IIS 6.0 Migration Tool.

2. Verify that clients are not accessing the Web site.

3. Run the migration tool.

4. Verify that the migration tool ran successfully.

5. Modify IIS 6.0 metabase properties that refer to the location where Windows is installed.

Configure IIS 6.0 Properties

1. Enable ASP and FrontPage Server Extensions.

2. If applicable for the Web site, migrate server certificates for SSL.

3. Migrate Microsoft FrontPage users and roles.

Complete the Migration

1. Verify that the Web site migrated successfully.

2. Back up the target server.

3. Enable client access.

Enhance and Maintain Web Site Security After Migration

1. Further reduce the attack surface of the Web server by configuring Windows Server 2003 security settings:

   • Disable and rename the Administrator account.

   • Convert all disk volumes to the NTFS file system.

   • Remove NTFS permissions that are granted to the Everyone group on the root folder of all disk volumes.

   • Remove any compilers or development environments.

   • Disable NetBIOS over TCP/IP.

2. Prevent unauthorized access to the Web site by doing the following:

   • Store Web site content on a dedicated disk volume that does not contain the operating system.

   • Set IIS Web site permissions.

   • Set NTFS file system permissions.

3. Maintain Web site security by doing the following:

   • Obtain and apply current security patches.

   • Enable Windows Server 2003 security logs.

   • Enable file access auditing for Web site content.

   • Configure IIS logs.

   • Enable IIS logging.

4. Review security policies, processes, and procedures.