1. Installing the Web Server (IIS) Role
Now that you understand the installation
process, including the modules, the next step is to install the Web
Server (IIS) role. You must have Local User Administrator (LUA)
security privileges on the Windows Server 2012 system to be able to
install IIS. There are two ways to begin the installation: adding the
Web Server (IIS) role via Server Manager or installing the services via
PowerShell.
To install the Web Server (IIS) server role using Server Manager, follow these steps:
1. Start Server Manager using the taskbar icon.
2. From the Manage menu, select Add Roles and Features.
3. Click Next on the Before you Begin page after reading the notes provided.
4. Click Next to accept the default installation type of Role-Based or Feature-Based Installation.
5. Select the web server from the server pool and click Next.
6. On the Select Server Roles page, install IIS 8 by selecting Web Server (IIS) in the Roles section, as shown in Figure 1.
A new section will be added to the Installation Wizard to allow
selection of specific role services for the installation. Click Next.
Figure 1. Selecting the Web Server (IIS) role during the installation process.
7. Click Next to accept the existing features.
8. Review the introduction messages and notes on the Web Server Role (IIS) page, and then click Next.
9. Select the desired
Web Server IIS role services to install. The default settings include
Static Content, Default Document, Directory Browsing, HTTP Errors, HTTP
Logging, Request Monitor, Request Filtering, Static Content
Compression, and the IIS Management Console. Click Next.
Note
When installing some of the IIS role
services, the wizard warns you that additional role services and
features are required as dependencies. Click Add Features to install
the dependencies.
10.
On the Confirm Installation Selections page, review the roles,
services, and features that have been selected for installation, and
then click Install to commence the installation process.
11. Ensure the installation succeeded by reviewing the messages on the Installation Results page, and click Close.
Note
After the installation is complete, you can
add or remove IIS role services and features by clicking either Add
Role Services or Remove Role Services within Server Manager based on
the Web Server (IIS) role.
Installing the Web Server (IIS) Role via PowerShell
Windows features and roles such as IIS 8 can
be installed using the command line with Windows PowerShell. To install
a default installation of IIS 8, run the following script from an
elevated PowerShell window:
add-windowsfeature Web-Server,Web-WebServer,Web-Common-Http,web-Static-Content,
Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Logging,
Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,
Web-Filtering,Web-Stat-Compression, Web-Mgmt-Console
Alternatively, the following syntax install alls the IIS 8 features and functionality:
add-windowsfeature Web-Server, Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,
Web-Metabase,Web-Lgcy-Mgmt-Console,Web-Lgcy-Scripting,Web-WMI,
Web-Scripting-Tools,Web-Mgmt-Service,Web-WebServer,Web-Common-Http,
web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,
Web-Http-Redirect,Web-DAV-Publishing,Web-Health,Web-Http-Logging,
Web-Custom-Logging,Web-Log-Libraries,Web-ODBC-Logging,Web-Request-Monitor,
Web-Http-Tracing,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,
Web-Security,Web-Basic-Auth,Web-CertProvider,Web-Windows-Auth,Web-Digest-Auth,
Web-Client-Auth,Web-Cert-Auth,Web-Url-Auth,Web-Filtering,Web-IP-Security,
Web-App-Dev,Web-ASP,Web-Asp-Net,Web-Asp-Net45,Web-CGI,Web-Includes,
Web-WebSockets,Web-Net-Ext,Web-Net-Ext45,Web-ISAPI-Ext,Web-ISAPI-Filter,
Web-AppInit,Web-FTP-Server,Web-FTP-Service,Web-FTP-Ext,Web-WHC
Note
To get a list of available features and which role services in Server Manager they map to, use the Get-WindowsFeature cmdlet.
2. Upgrading from Other Versions of IIS
In many situations, a fresh installation of
IIS 8 and Windows Server 2012 will not occur because organizations
might want to preserve the existing IIS settings and content.
Therefore, organizations must upgrade their existing IIS infrastructure
to IIS 8. With the upgrade of the earlier version of Windows to Windows
Server 2012, IIS is also automatically upgraded, allowing web content
to be preserved, translated, and, finally, transitioned. However, you
should note early in the process that Windows Server 2012 only supports
a direct upgrade path from Windows Server 2008 R2, which means only an
in-place upgrade from IIS 7.5 is supported. Likewise, if legacy
versions of IIS need upgrading, such as IIS 6.0 or 7.0, you must first
upgrade the operating system to Windows Server 2008 R2 and then to
Windows Server 2012.
The upgrade process for IIS is conducted in
three major phases. In the first phase, the new operating system
detects and performs an inventory of IIS components and features
already installed on the operating system. The second phase of the
upgrade process involves upgrading the legacy operating system to
Windows Server 2012. After the Windows Server 2012 upgrade is complete,
the final phase kicks in and automatically upgrades the legacy IIS
components to IIS 8 and installs the appropriate IIS 8 features.
As is typically the case
with most revised products, Windows Server 2012 IIS is inherently
superior to its earlier versions. In particular, it lays claim to being
more secure. This is witnessed during upgrades of websites to IIS 8.
Website services are stopped after the upgrade and must be manually
restarted, thus minimizing IIS security vulnerabilities due to previous
Windows defaults and configuration. To allow for more clarity, suppose
you have a Windows server with IIS installed, but it isn’t hardened
appropriately; the server will be more secure by default after you
upgrade to IIS 8 because it will not be serving websites and FTP sites
automatically and be a target for attacks.
Another appealing reason for
upgrading from earlier versions of IIS is that IIS 8 includes improved
security features such as dynamic IP restrictions and improved SSL
support. After upgrading, it is best to review the security
requirements of the organization and the application and implement any
additional relevant features.
