IIS on Server Core

Microsoft®

IIS 7.0 on Server Core

Installing PHP and migrating applications

Author: Craig Della Penna& Caleb Edgar

Last Update: October 20, 2018

Document Location:

Document Version: 1

The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication.

This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred.

© 2007 Microsoft Corporation. All rights reserved.

Microsoft, Active Directory, ActiveX, , Visual Basic, Windows, the Windows logo, Windows NT, Windows, Windows Server, and Windows Server System are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

All other trademarks are property of their respective owners.

Contents

Introduction

Overview of Server Core and IIS7.0

Overview of Server Core

Benefits of a Server Core installation

Overview of IIS7.0

Description and Install Instructions

Server Core Installation

Prerequisites for a Server Core installation

Considerations when deploying a Server Core installation

Steps for manually installing a Server Core installation

Configuring Server Core

Considerations when configuring a Server Core installation

Steps for configuring a Server Core installation

Managing a Server Core installation

Installing IIS7.0 on Server Core

Prerequisites for installing IIS 7.0 on Server Core

Considerations when installing IIS 7.0 on Server Core

Steps for Installing IIS 7.0 on Server Core

Managing IIS 7.0 on Server Core Installations

Hosting PHP on IIS7.0

Installing Fast-CGI Support

Installing PHP on IIS7.0:

Testing the PHP Configuration

Installing a PHP Application on IIS7.0

Preparation

Installing Qdig:

To install QDIG:

Conclusion

Introduction

This document is to familiarize IT Professionals with the Server Core Installation of Microsoft® WindowsServer®2008 and Microsoft Internet Information Services 7.0 (IIS7.0). The advantages of the ease of management provided by IIS7.0 and the lower infrastructure costs brought by Server Core make it easy to migrate your PHP applications to the IIS7.0 running on Windows Server Core environment.

The goals of this document are to describe and explain how to:

  • Set up the WindowsServer2008 Server Core and IIS7.0.
  • Install and configure PHP applications on WindowsServer2008 Server Core and IIS7.0.
  • Set up PHP support and migrate PHP applications on WindowsServer2008 Server Core and IIS7.0, and how to run PHP on IIS7.0.

Overview of Server Core and IIS7.0

Overview of Server Core

The Server Core installation is a new option for installing Windows Server2008. A Server Core installation provides a minimal environment for running specific server roles, which lowers the maintenance and management requirements of the server, and significantly reduces the attack surface for those server roles. A server running Server Core supports the following server roles:

  • Active Directory Domain Services (ADDS)
  • Active Directory Lightweight Directory Services (ADLDS)
  • DHCP Server
  • DNS Server
  • File Services
  • Print Services
  • Streaming Media Services
  • Web Server (IIS)
  • Windows Hyper-V Server

To do this, the Server Core installation option installs only the binary files required by the supported server roles. For example, the Windows Explorer shell is not installed as part of a Server Core installation. Instead, the user interface for a server running a Server Core installation is the command prompt.

Benefits of a Server Core installation

The Server Core installation option of WindowsServer2008 provides the following benefits:

  • Reduced maintenance. TheServer Core option installs only what is required to have a manageable server, therefore, less maintenance is required than on a full installation of WindowsServer2008.
  • Reduced attack surface. Thereare fewer installed components running on the server, which decreases the attack surface.
  • Reduced management. As fewer applications and services are installed on a server running the Server Core installation, there is less to manage.
  • Less disk space required. A Server Core installation requires only about 1 gigabyte (GB) of disk space to install and approximately 2GB for operations after the installation.

Summary

The IT administrator can customize the Server Core installation to run only the services required for that particular server. Since Server Core is modular, the specific components are more accessible, leading to a leaner, faster, better experience for the administrator.

Overview of IIS7.0

IIS7.0 is Microsoft’s most powerful Web server ever, with new capabilities that dramatically improve the way Web solutions are developed, deployed, and managed. The modular design and extensible architecture of IIS7.0 provides administrators and developers with a new level of control and a powerful capability to customize their Web servers. Deploying and managing Web applications on IIS7.0is more straightforward and efficient than ever, in addition, the powerful diagnostic and troubleshooting capabilities of IIS7.0make triage much faster, and reduce downtime.

The IIS7.0 release delivers five key enhancements:

1. / Modular architecture: IIS7.0 enables the IT Professional to determine exactly which features are installed and running on the Web server. IIS7.0 is now divided into more than 40 feature modules that can be independently installed on the server, dramatically reducing the potential attack surface, and lowering the footprint requirements of the server. Unlike previous versions, IIS 7.0 starts by installing only the essential feature modules, administrators can then add the features they want. This contrasts with the previous setup which installed everything and required the administrator to remove what they didn’t want.
2. / Comprehensive extensibility APIs:IIS7.0 enables developers to extend the Web server in an efficient way. The core Web server features of IIS7.0are built using a new set of public Web server APIs that all developers can use to extend, replace, or add functionality to the Web server. These APIs are available as native Win32® APIs as well as being available as managed .NET Framework APIs. Developers can also take advantage of the extensibility of event logging, configuration, and administration tool feature-sets available in IIS7.0, providing a better experience for customers using third-party extensions.
3. / Simplified, Distributed XML Configuration model:IIS7.0 provides developers and administrators with a unified configuration system for storing all IIS and ASP.NET settings in a single XML format,This includes a set of managed code and scripting APIs whichaccess configuration information for the entire Web platform. This new configuration system supports distributed configuration files, which can be stored along with Web site or application content.
These improvements have radical implications for how applications are configured and deployed. Now that Web site and application settings are no longer explicitly tied to a centralized configuration store on the local computer, configuration can simply be copied from the developer's workstation to a test server, and then to the production Web server. Whena Web site is in production, administrators can share configuration information across multiple front-end Web servers, avoiding replication and manual synchronization issues.
4. / Efficient Local and Remote Administration Tools:IIS7.0 offers a broad set of administration features that simplify the day-to-day tasks of managing Web sites and applications. IIS7.0 includes:
  • Anew graphical user interface (GUI) administration tool
  • IIS Manager, a new command-line utility
  • Anew managed API, a command line utility called AppCMD
  • Anew WMI provider for automating administration tasks
All of these new administration features provide unified support for managing IIS and ASP.NET settings together.
The new IIS Manager in IIS7.0 offers an improved, modular, more efficient tool for managing the Web server. IIS Manager provides support for both IIS and ASP.NET configuration settings, membership users, and role data, as well as runtime diagnostic information. The new UI also enables those who host or administer Web sites to delegate administrative control to developers or content owners, thus reducing cost of ownership and the administrative burden for the IT professional. It supports securely connecting to remote servers over HTTPS (through firewalls) and works in both dedicated and shared hosting environments.
5. / Powerful diagnostic capabilities:IIS7.0 enables developers and IT Professionals to more easily troubleshoot errant Web sites and applications. IIS7.0providesruntime diagnostic information to administrators—for example, what requests are currently executing, how long they have been running, which URLs they are invoking, what client called them, and what their status is. IIS7.0 makes it possible to troubleshoot failures without having to manually reproduce them. The Failed Request Tracing feature enables server administrators to define error conditions that they wish to monitor. These diagnostic capabilities in IIS7.0 are extensible as well, so new diagnostic events can be inserted into custom modules.
Summary
New features in IIS 7.0 provide easy to use, flexible tools for the technical professional. Using IIS 7.0 simplifies Web server management with options that include a flexible extensibility model, powerful diagnostic tools, enhanced security, true XCopy deployment for applications, and improved administration tools. Using the delegated administration features in IIS 7.0, Web hosters can let customers or datacenters manage their own content, which helps reduce the cost of administration. Improved configuration features make it easy to create one configuration file and distribute the configuration changes to multiple servers. The new module features in IIS 7.0 can be independently installed on the server to reduce the attack surface of the server, and reduce administrative overhead where it is not needed. IIS 7.0 is designed to work with existing tools and scripts.The new management and diagnostic features in IIS 7.0 free up IT staff to work on more business-critical tasks.
For more information about IIS7.0, visit the IIS Web site at:

Description and Install Instructions

Server Core Installation

Prerequisites for a Server Core installation

To complete this task, you will need the following:

  • The WindowsServer2008 installation media
  • A valid product key
  • A computer on which you can perform a clean Server Core installation

Considerations when deploying a Server Core installation

  • Only clean installations are supported.
  • You cannot upgrade from a previous version of the WindowsServer operating system to a Server Core installation.
  • You cannot upgrade from a full installation of WindowsServer2008 to a Server Core installation.
  • You cannot upgrade from a Server Core installation to a full installation of WindowsServer2008. If you need the Windows® user interface or a server role that is not supported in a Server Core installation, you will need to install a full installation of WindowsServer2008.

Steps for manually installing a Server Core installation

Follow this procedure to install a Server Core installation of WindowsServer2008.

  1. Insert the WindowsServer2008 installation media into your DVD drive.
  2. Select Install Language, Time/Currency Format and Input language.
  3. Enter the Product Key.
  4. For Product Type, select Server Core Standard.
  5. For Installation Type, select Custom.
  6. Select correct Install Disk.
  7. Setup will begin copying files and will then restart the computer.

Configuring Server Core

Because a Server Core installation does not include the Windows user interface, there is no "out-of-box experience" to help you complete the server configuration. Instead you must manually complete the configuration using the command-line tools as outlined in the following steps.

Considerations when configuring a Server Core installation

  • If you close all command prompts, you will not be able to manage the Server Core installation. To recover, you can press CTRL+ALT+DEL, click Start Task Manager, click File, click Run, and type cmd.exe. Alternatively, you can log off and log back on again.
  • Because there is no Web browser, you cannot activate a Server Core installation or access the Internet through a firewall that requires users to log on.

Steps for configuring a Server Core installation

The following procedures explain how to configure a computer running a Server Core installation. The steps include:

  • Setting the administrative password
  • Setting static IP and DNS addresses
  • Activating the server

Notes:
A DHCP address is provided by default. You should perform this procedure only if you need to set a static IP address.

There is no confirmation after installing components using pkgmgr. You can generate an 'oclist' after the install to ensurethat the components are in the 'installed' category.

To set the administrative password for the first time:

  1. When your computer starts for the first time after the installation completes, press CTRL+ALT+DEL. Type Administrator for the user name and leave the password blank.
  2. The system will inform you that the password has expired and will prompt you for a new password.
  3. Type your new password.

To set a static IP and DNS:

  1. At a command prompt, type the following:
netsh interface ipv4 show interfaces
  1. Make a note of the number shown in the Idx column of the output for your network adapter. If your computer has more than one network adapter, note the number corresponding to the network adapter for which you wish to set a static IP address.
  2. At the command prompt, type:
netsh interface ipv4 set address name="<ID>" source=static
address=<StaticIP> mask=<SubnetMask> gateway=<DefaultGateway>
Where:
ID is the number from Step 2 above
StaticIP is the static IP address that you are setting
SubnetMask is the subnet mask for the IP address
DefaultGateway is the default gateway
  1. At the command prompt, type:
netsh interface ipv4 add dnsserver name="<ID"
address=<DNSIP>index=1
Where:
ID is the number from Step 2 above
DNSIP is the IP address of your DNS server
  1. Repeat Step 4 for each DNS server that you want to set, incrementing the index= number each time.

Note: If you set the static IP address on the wrong network adapter, you can change back to the DHCP address supplied by using the following command:

netsh interface ipv4 set address name="<ID>" source=dhcp

Where:

ID is the number of the network adapter from Step 2 above

To change the server’s hostname:

  1. Determine the current name of the server with the hostname or ipconfig command.
  2. At a command prompt, type:
netdomrenamecomputer<ComputerName>/NewName:<NewComputerName>
  1. Restart the computer.

To activate the server

At the command prompt, type:
slmgr.vbs–ato=-
If activation is successful, no message will return in the command prompt.

Note: You can also activate by phone, by using a KMS server, or remotely by typing the following command at a command prompt of a computer that is running WindowsVista or WindowsServer2008:

cscript windows\system32\slmgr.vbs<ServerName<UserName<password>:-ato

Summary

This new, minimalist version of WindowsServer2008 lets the IT Professional run a more secure, small-footprint server without the overhead, and the exposure, that a GUI imposes. Next we’ll take a look at managing the Server Core installation.

Managing a Server Core installation

The following procedures provide examples of common methods for managing a server running a Server Core installation, including:

  • Managing a server running a Server Core installation locally at a command prompt
  • Managing a server running a Server Core installation remotely at a command prompt
  • Managing a server running a Server Core installation by using Windows Remote Shell

To manage a server running a Server Core installation locally at a command prompt

  1. Start a server running a Server Core installation.
  2. Log on using an administrator account.
  3. At the command prompt, use the applicable command-line tool for the task you want to complete.

To manage a server running a Server Core installation using a terminal server:

  1. On the server running a Server Core installation, type the following command at a command prompt:
cscript C:\Windows\System32\ Scregedit.wsf /ar 0
This enables the Remote Desktop for Administration mode to accept connections.
  1. On another computer, click Start, click Run, type mstsc, and then click OK.
  2. In Computer, enter the name of the server running a Server Core installation, and click Connect.
  3. Log on using an administrator account.
  4. When the command prompt appears, you can manage the computer using the Windows command-line tools.
  5. When you have finished remotely managing the computer, type logoff in the command prompt to end your Terminal Server session.

Notes:

If you are running the Terminal Services client on a previous version of Windows, you must turn off the higher security level that is set by default in WindowsServer2008. To do this, after step 1, type the following command at the command prompt: