Wednesday, December 15, 2010

Thursday, December 2, 2010

One time Server setup for WCF apps hosted in IIS 7

Copy form http://msdn.microsoft.com/en-us/library/ms751527.aspx



Most of the Windows Communication Foundation (WCF) samples are hosted in Internet Information Services (IIS) and run from a common virtual directory. This one-time setup procedure creates a folder on the disk; it also adds a virtual directory to IIS namedServiceModelSamples.
The ServiceModelSamples virtual directory is used for building and running all samples that use an IIS-hosted service. This is the only virtual directory that is required to run the samples. Building a sample will replace any previously deployed service at this virtual directory; only the most recently built sample will be deployed and available in this virtual directory.
noteNote:
You must run all commands under a local administrator account. If you are using Windows 7, Windows Vista, or Windows Server 2008 R2, you must also run the command prompt with elevated privileges. To do so, right-click the command prompt icon, and then click Run as administrator. All commands in this topic must be run in a command prompt that has the appropriate path settings. The easiest way to ensure this is by using the Visual Studio Command Prompt. To open this prompt, click Start, select All Programs, scroll down to Visual Studio 2010, select Visual Studio Tools, right-click Visual Studio Command Prompt (2010), and then click Run as administrator. If you have one of the Visual Studio Express editions installed, this command prompt is not available, and you will have to add "C:\Windows\Microsoft.Net\Framework\v4.0" to the system path.

One-time setup procedure for WCF samples

  1. Ensure that ASP.NET is set up. For more information about how to set up ASP.NET, seeInternet Information Service Hosting Instructions.
  2. Ensure that .NET Framework version 4 is installed. Search the following directory for v4.0 (or later): \Windows\Microsoft.NET\Framework
  3. If Visual Studio 2010 is not installed, and your operating system is not Windows Server 2008 SP2 or later, install Hotfix 251798.
  4. Run the following commands. For more information about why these commands must be run, see IIS Hosted Service Fails.
    Warning Caution:
    If IIS is reinstalled, the following commands will need to be run again.

    "%WINDIR%\Microsoft.Net\Framework\v4.0.30319\aspnet_regiis" -i -enable
    "%WINDIR%\Microsoft.Net\Framework\v4.0.30319\ServiceModelReg.exe" -r
    
    Warning Caution:
    Running the command aspnet_regiis –i –enable will make the Default App Pool run using .NET Framework 4, which may produce incompatibility issues for other applications on the same computer.
  5. Follow the Firewall Instructions for enabling the ports used by the samples.
  6. Check for the following default directory: <InstallDrive>:\WF_WCF_Samples. If the samples were previously installed, this is the default directory.
  7. If the samples are not installed, install them from the samples download location for Visual C# or Visual Basic.
  8. After installing the samples, go to : <InstallDrive>:\WF_WCF_Samples\WCF\Setup\
  9. Run the Setupvroot.bat batch file. The following steps are performed:
    • A virtual directory is created in IIS named ServiceModelSamples.
    • New disk directories are created named %SystemDrive%\Inetpub\wwwroot\ServiceModelSamples and %SystemDrive%\Inetpub\wwwroot\ServiceModelSamples\bin.
    If you prefer to set up these directories manually, see the Virtual Directory Setup Instructions. To revert all changes done in this step, run cleanupvroot.bat after you finish using the samples.
    noteNote:
    This procedure must be performed only once on a computer, unless cleanupvroot.bat is run.
  10. You must grant permission to modify for %SystemDrive%\inetpub\wwwroot to the account under which you are building the samples and the Network Service user. While building, some Web-hosted samples might attempt to copy the compiled binaries to the previously mentioned location, and if you have not set the appropriate permissions, the build will break. Alternatively, you can leave the permissions as they are and run the SDK command prompt or Visual Studio Command Prompt (2010) as Administrator, or build the samples in Visual Studio 2010, also run as Administrator.
    noteNote:
    If this step is not completed, all IIS-hosted samples will fail while building. Ensure that you set the permissions correctly, or run both the SDK command prompt and Visual Studio Command Prompt (2010) as Administrator.
  11. Create a C:\logs directory on the computer; some samples might be expecting it. Make sure that the appropriate account has write access granted to this folder. For Windows 7, Windows Vista, and Windows Server 2008 R2, this account is Network Service. For Windows Server 2008, the account is NT Authority\Network Service. For Windows XP and Windows Server 2003, the account is ASPNET.
  12. Run the Setupcerttool.bat file. This file is located in the <InstallPath>\WF_WCF_Samples\WCF\Setup\ folder. This script will perform the following tasks:
    • Build the FindPrivateKey tool.
    • Create a directory called %ProgramFiles%\ServiceModelSampleTools.
    • Copy the new FindPrivateKey tool to this directory.
    This tool is required by samples that use certificates and are hosted in IIS.
    noteNote:
    For security purposes, remember to remove the virtual directory definition and permissions granted in the setup steps above by running the batch file named Cleanupvroot.bat after you are finished with the samples.
  13. Samples that are self-hosted (not hosted in IIS) require permission to register HTTP addresses on the computer for listening. The permission for an HTTP namespace reservation comes from the user account used to run the sample. By default, administrator accounts have the permission to register any HTTP address. Non-administrator accounts must be granted permission for the HTTP namespaces used by the samples. For more information about how to configure namespace reservations, see Configuring HTTP and HTTPS.
  14. Some samples require Message Queuing. See Installing Message Queuing (MSMQ) for installation instructions.
    noteNote:
    Ensure that you start the MSMQ service before you run any samples that require Message Queuing.
  15. Some samples require certificates. See Internet Information Services (IIS) Server Certificate Installation Instructions.



Build Date: 2010-08-02

Adding remote publish to Server 2008 R2

Copied from http://forums.iis.net/t/1163109.aspx

I've spent the past week working though MSDeploy issues trying to get my VS 2010 Beta2 to one-click deploy to my Windows Server 2008 R2 with IIS 7.5.  I've managed to get it working but have taken quite a circuitous route through many trials and errors.  So I'll post what I think were some key hints I stumbled upon that may save others some time.
-------------
HINT #1 - In IIS Manager's "Web Platform Installer", install *all* of the "Management" features and after that run the "Web Deployment Tool" installer.

I had just "IIS Management Console" and "Management Service" installed (with WMSVC confirmed as running in Services admin panel) and I'm pretty sure that I only saw TWO, not FOUR installable features when I ran the "Web Deployment Tool" installer (http://www.iis.net/expand/WebDeploymentTool).  The options "IIS 7 Deployment Handler" and "Management Service Delegation UI" were *not* available even though WMSVC installed and running on my machine.  (Is this a bug in docs or in "Web Deployment Tool" installer??)

But after installing *all* Management features in the "Web Platform Installer",

when I re-ran the "Web Deployment Tool" installer (Control Panel | Programs | Programs and Features, then right-click "Web Deployment Tool" and select "Change") the two new features showed up (showing all features listed in picture above) and I was able to mark them as "install to hard disk" and get them installed.  Then and only then was I able to see the "Management Service Delegation" feature in IIS Manager.

At this point, I was still getting "(404) Not Found" errors from the MSDeploy client.
-------------
HINT #2 - If getting inexplicable "(404) Not Found" and you're sure WMSVC and MsDepSvc are both running (OS' Services panel), try adding explicit IPv4 "Allows" in IIS Manager's "Management Service" pane.  Don't know why this worked, but I explicitly added an "Allow..." for my local IP subnet in the "IPv4 Address Restrictions" area of "Management Service" pane in ISS Manager.

And then my client stopped reporting "(404) Not Found" errors.  Funny thing was I reverted back by removing the explicit "Allow" for local IP subnet and the client continued to work so I cannot say what was causing the "(404) Not Found" errors...a strange bug which goes away when inserting and then removing explicit "Allows"??
Once past the "(404) Not Found" error, the one-click wizard was reporting a different type of error.  I was getting "you do not have permissions" and "see your System Administrator" (that would be me) errors from my one-click client.
-------------
HINT #3 - Do verbose logging on your server side to debug permissions problems seen by MSDeploy clients.
Read this article http://technet.microsoft.com/en-us/library/ee461173%28WS.10%29.aspx and set up full (verbose, level 4) tracing across "All" (-1 in regedit didn't work for me but 0x1ff aka 511 did) trace sources.  Then try something from your VS 2010 Beta2 one-click deploy client and read the verbose XML logs on your IIS machine to figure out what additional permissions to grant (hint, visually read from end of XML file until you see a stack trace and just above it usually you'll find an English string describing root cause).  In the end, I ended up with two key grants in IIS Manager's "Management Service Delegation" pane.

The first grants delegation to "*" (all) users, and I have a special IIS Manager User I configured for installs, to do "dbFullSql" provider for specified data source.  The second grants delegated privileges to do all other relevant MSDeploy providers.  Also, don't forget that since WMSVC runs as NT account "Local Service" that you must grant "Local Service" appropriate SQL Server access (I used SQL Server Studio to do that) and file directory permissions.  A good articles on those required file system grants:  http://blogs.iis.net/krolson/archive/2009/11/04/using-iis-manager-accounts-for-web-deployment-tool-msdeploy-delegation.aspx.
-------------
Once I was able to get all Web Deployment Tool features installed, get past (404) Not Found errors, and work out delegated permissions, I was able to get one-click deploy fully working (and it is a nice feature).  I hope these hints help save you some time getting one-click working.
-Andy

Wednesday, December 1, 2010

Enable multiple Remote Desktop connections

You can easily change the default configuration for Remote Desktop on Server 2008 R2.  I believe the same procedure will work on Windows 7 but have not tested it.

Open the Group Policy Editor (gpedit.msc)

Navigate to Administrative Templates \ Windows Components \ Remote Desktop Services \ Remote Desktop Session Host \ Connections

We are interested in two setting here: Limit number of connections and Restrict Remote Desktop Services users to a single Remote Desktop Services session.

Edit the Limit number of connections setting to allow unlimited connections by setting the value to 999999.

Disable the Restrict Remote Desktop Services users to a single Remote Desktop Services session setting.

Be sure to apply you changes.

That is it.