How to Determine Differences between IIS Servers - Configuration Drift

 

I commonly hear the phrase “The web application worked in the pre-production environment and now is encountering issues in production, and the servers’ configurations are identical!” when I arrive onsite to help resolve the issues. Upon further investigation, it turns out that an IIS module has not been installed on the production server, or that an application pool setting differs between the pre-production and production environments. This is a very common scenario I encounter in the field. Here are some suggestions on how to determine differences between IIS servers in an IIS farm environment or between servers in different environments, such as pre-production and production. Keeping server configuration and content synchronized is always a challenge, and I hope these suggestions help.

ApplicationHost.config Comparison:

This method compares the IIS-level settings between servers by using a file comparison utility. It shows only the IIS settings stored in applicationhost.config; it does not show the IIS settings stored in the web.config files at the application level, and it does not show differences within the application at the file level. A utility with a folder-level comparison feature would help show these types of differences.

Copy the applicationhost.config file (c:\windows\system32\inetsrv\configuration) from the baseline server, that is, the server with the correct configuration against which the other servers are compared, and rename the file to computername_apphost.config.

Copy the applicationhost.config file from the other servers and rename appropriately.

Using the file comparison utility, compare the applicationhost.config file from the baseline server to the applicationhost.config files obtained from the other servers. This is a very quick method to show the IIS differences and may shed some light on the issue.
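A line-by-line diff of two applicationhost.config files is noisy, so it can help to compare just the items that most often drift: installed global modules and application pool attributes. The following PowerShell is an added example, not part of the original article; the two XML documents are constructed sample data, and the function names are hypothetical.

```powershell
# Constructed sample data standing in for the two renamed copies. With real
# files use: [xml]$baseline = Get-Content .\BASELINE_apphost.config -Raw
[xml]$baseline = @'
<configuration>
  <system.applicationHost><applicationPools>
    <add name="TailspinToys" managedRuntimeVersion="v4.0" enable32BitAppOnWin64="false" />
  </applicationPools></system.applicationHost>
  <system.webServer><globalModules>
    <add name="StaticCompressionModule" />
    <add name="WindowsAuthenticationModule" />
  </globalModules></system.webServer>
</configuration>
'@
[xml]$target = @'
<configuration>
  <system.applicationHost><applicationPools>
    <add name="TailspinToys" managedRuntimeVersion="v4.0" enable32BitAppOnWin64="true" />
  </applicationPools></system.applicationHost>
  <system.webServer><globalModules>
    <add name="StaticCompressionModule" />
  </globalModules></system.webServer>
</configuration>
'@

# Flatten modules and application pool attributes into comparable strings.
function Get-IisConfigFact([xml]$Config) {
    foreach ($m in $Config.SelectNodes('//system.webServer/globalModules/add')) {
        'module:{0}' -f $m.GetAttribute('name')
    }
    foreach ($p in $Config.SelectNodes('//system.applicationHost/applicationPools/add')) {
        foreach ($a in $p.Attributes) {
            if ($a.LocalName -ne 'name') {
                'appPool:{0}:{1}={2}' -f $p.GetAttribute('name'), $a.LocalName, $a.Value
            }
        }
    }
}

# Report every fact present on only one side (hypothetical helper name).
function Compare-IisConfig([xml]$Baseline, [xml]$Target) {
    Compare-Object @(Get-IisConfigFact $Baseline) @(Get-IisConfigFact $Target) |
        ForEach-Object {
            $side = if ($_.SideIndicator -eq '<=') { 'baseline only' } else { 'target only' }
            [pscustomobject]@{ Setting = $_.InputObject; FoundOn = $side }
        }
}

Compare-IisConfig $baseline $target | Format-Table -AutoSize
```

On the sample data this reports the missing WindowsAuthenticationModule on the target and the differing enable32BitAppOnWin64 value; nested application pool elements are not covered by this comparison.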

Web Deploy:

For a more in-depth comparison between IIS servers, use the Web Deploy utility to highlight the IIS and web application differences. This utility will not display missing web application dependency files or incorrect versions of the .NET Framework; those problems become apparent only when the application runs on the server.

Get IIS Dependencies:

Web Deploy will synchronize web site content and configuration, but it will not synchronize IIS features and installed components. Each component must be installed separately on the target Web server. For example, ASP.NET or Windows authentication must be installed separately on the target Web server. The dependencies list that is returned will indicate which components must be installed. The getDependencies command is very useful to determine major differences between IIS servers. Here is the link for more information on the command.

This command will determine differences in IIS features and components between the local IIS and remote server:

msdeploy -verb:getDependencies -source:webServer -dest:webServer,computername=10.0.0.2 -verbose -whatif > c:\_webDeploy\ServerDepends.txt

Web Deploy Package Comparison:

This method uses the Web Deploy utility to create packages (zip file with IIS settings and web application files) and conducts a comparison between the two packages and outputs the differences to a text file. This method is helpful when comparing servers in different domains without a trust between domains, or the servers being compared are in a DMZ without a domain trust to the baseline server.

Create Package on local server, or baseline server:

msdeploy -verb:sync -source:webServer -dest:package=c:\_webDeploy\BaselineServerPackage.zip

Restore Package on Server in Comparison:

msdeploy -verb:sync -source:package=c:\_webDeploy\BaselineServerPackage.zip -dest:webServer -whatif > c:\_WebDeploy\ServerDifferences.txt

Direct Synchronization between Servers:

This method compares the two servers directly and outputs the differences to a text file. It omits the step of creating a package and is a much faster way to conduct the comparison. If the servers are not in a trusted domain, the user name and password must be added to the command to ensure authentication between servers.

Use the baseline IIS server as the source server and output the differences either to the screen or a text file.

msdeploy.exe -verb:sync -source:webServer -dest:webServer,computername=10.0.0.2 -verbose -whatif > c:\_webDeploy\ServerDiff.txt

If the servers being compared are not in a trusted domain, add the user name and password to the command:

msdeploy.exe -verb:sync -source:webServer -dest:webServer,computername=10.0.0.2,username=IIS001\administrator,password=P@ssword1 -whatif > c:\_WebDeploy\ServerDiff.txt

Web Site Level Comparison:

The aforementioned commands perform a server-level comparison. To conduct a more granular comparison, use the web site level provider in Web Deploy.

msdeploy.exe -verb:sync -source:appHostconfig="TailspinToys" -dest:appHostconfig="TailspinToys",computername=10.0.0.2 -verbose -whatif > c:\_webDeploy\WebSiteDiff.txt

Web Application Level Comparison:

The iisapp provider enables a web application level comparison and the addition of the AppPoolExtension will provide additional details on the application pool configuration.

msdeploy.exe -verb:sync -source:iisapp="TailspinToys/catalog" -dest:iisapp="TailspinToys/catalog",computername=10.0.0.2 -enableLink:AppPoolExtension -verbose -whatif > c:\_webDeploy\WebAppDiff.txt
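The -whatif difference files written by the commands above can be summarized by action before reading them line by line. The following PowerShell is an added example, not part of the original article; the sample lines are constructed, the "Info: Adding/Updating/Deleting ..." line format is an assumption about typical msdeploy output, and Get-MsDeployDrift is a hypothetical name.

```powershell
# Constructed sample of -whatif output. With a real file use:
#   $lines = Get-Content c:\_webDeploy\WebAppDiff.txt
$lines = @'
Info: Adding dirPath (TailspinToys/catalog\bin).
Info: Adding child filePath (TailspinToys/catalog\bin\Catalog.dll).
Info: Updating filePath (TailspinToys/catalog\web.config).
Info: Deleting filePath (TailspinToys/catalog\debug.aspx).
Verbose: The dependency check 'DependencyCheckInUse' found no issues.
Total changes: 4 (2 added, 1 deleted, 1 updated, 0 parameters changed, 0 bytes copied)
'@ -split "`r?`n"

# Turn each change line into an object; Verbose and summary lines are skipped.
function Get-MsDeployDrift([string[]]$Lines) {
    $pattern = '^Info: (Adding|Updating|Deleting) (?:child )?(\S+) \((.+)\)\.?$'
    foreach ($line in $Lines) {
        if ($line -match $pattern) {
            [pscustomobject]@{
                Action = $Matches[1]   # what a real sync would do on the target
                Type   = $Matches[2]   # provider object, e.g. filePath or dirPath
                Path   = $Matches[3]
            }
        }
    }
}

$drift = Get-MsDeployDrift $lines

# Count of changes per action, then the items worth reviewing first:
# configuration files and binaries that differ from the baseline.
$drift | Group-Object Action | Select-Object Name, Count | Format-Table -AutoSize
$drift | Where-Object { $_.Path -match '(web\.config|\.dll)$' } | Format-Table -AutoSize
```

"Adding" means the item exists on the baseline but not on the compared server, and "Deleting" means the compared server has an item the baseline lacks.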