Using Remote Administration
To
use remote administration in IIS Manager, you need to establish a
connection to a remote machine that is running the Web Management
Service. To provide more flexibility, IIS Manager introduces three types
of connections that provide different granularity and different scopes
and capabilities for management: Connect To A Server, Connect To A Site,
and Connect To An Application. Figure 15
shows the three options in the File menu of IIS Manager. You can also
find these options on the Start page and the Connections pane context
menu.
Server connections let the server
administrator manage the entire server. The administrator will have full
control over every setting and every feature on the machine. Only
Windows users with administrative privileges are allowed to make this
type of connection. For these users, configuration locking alters only
where the configuration settings are saved, and these users are the only
ones who can make modifications in applicationHost.config and the root
Web.config.
Site connections enable both server
administrators and site administrators (delegated users that have been
granted permissions to connect to the site) to manage the entire site,
including any of its applications. Their scope is limited to the site,
and they will never be able to modify any of the server-level
configuration files such as applicationHost.config or the root
Web.config. If configuration is locked at the server level for any
configuration section, the related feature will automatically become
Read-Only, and no changes will be allowed.
Application connections enable
server administrators, site administrators, and application
administrators (delegated users that have been granted permissions to
connect to the application) to manage the entire application including
folders and virtual directories, but not applications underneath the
particular application. Their scope is limited to the application, and
they will never be allowed to change either server-level configuration
files or site-level configuration files. If configuration is locked at
the site level or at any parent folder, the feature will automatically
become Read-Only, and no changes will be allowed.
Figure 16 shows the Connect To Application dialog box.
After clicking Next, you will be prompted for credentials in the dialog box shown in Figure 17. As mentioned before, these can be Windows user or IIS Manager users credentials.
After the connection is established you
will see a new entry in the Connections pane, indicating the type of
connection as well as the user name supplied to make the connection.
Similarly, at the lower-right corner of the status bar, you will see the
server name, the port, and the user name used for the connection. On
the Home page, only the features that have been delegated (either
Read-Only or Read/Write) will be shown. Figure 18
shows how the ASP feature setting is shown as read-only for an
application connection because its configuration is locked by default.
Note
When
using a different port than the default 8172, you will need to enter it
in the server name text box when making the connection, for example, MyMachine:8173.
