For the first time, Microsoft has rightfully opted not to include IIS as a default installation option. This way, a file and print server, a domain controller, or any other type of server that isn't supposed to be a Web server won't have IIS installed by default and potentially increase security vulnerabilities. You must have administrator privileges to be able to install IIS. There are two ways to begin installation: through Add or Remove Programs in the Control Panel or through the Manage Your Server Wizard that is automatically displayed after Windows Server 2003 installation. To install IIS using Add or Remove Programs in the Control Panel, follow these steps:
To install IIS using the Manage Your Server Wizard, do the following:
Although using the Manage Your Server Wizard is easier than using Add or Remove Programs, your ability to control what gets installed is minimal. Upgrading from Other Versions of IISAs a previous version of Windows is upgraded to Windows Server 2003, IIS is also automatically upgraded. During Windows Server 2003 setup, all IIS-related services running on the previous Windows version are disabled during the upgrade. These services and more are enabled after the upgrade is complete. Windows Server 2003's IIS is inherently more secure than any other versions. As a result, all Web sites currently upgraded to IIS 6 are stopped after the upgrade. The primary reason for stopping all Web sites is to help prevent IIS security vulnerabilities because of previous Windows defaults. Therefore, if a previous Windows server has IIS installed but isn't supposed to be serving as a Web server, the servers will be more secure than before by default. In this scenario, Web sites aren't enabled. Another key point to upgrading from previous versions of IIS is that all applications are configured in the IIS 5 isolation mode. This configuration preserves the applications and provides compatibility. |