Here is a checklist I put together while moving a bunch of Classic ASP sites from IIS 6 to 7:
(1) Do not name site folders with .com at the end.
(2) Create user account:
- [app pool user identity] is app_pool_blahblahblah, pw: xxxxxx
(3) In Server Manager, right click "Web Server (IIS)" and choose "Add Role Services". Add IIS 6 Management Compatibility.
(4) In Server Manager under features add SMTP server.
Install IIS6 Resource Kit so you can
Use Metabase Explorer.
Grant the [app pool user identity] user read access to the /Local Machine/SmtpSvc/ and /Local Machine/SmtpSvc/1/ nodes in the IIS Metabas
(5) In Application Pool, advanced settings:
- set .Net Framework version to "v2.0" <-- fixed issue with default asp doc not working!
- set "Enable 32-bit applications" to TRUE.
- set managed pipeline mode to "Classic".
- under Process Model, change Identity to "[app pool user identity]" account we created.
- be sure "load user profile" is set to FALSE.
- be sure "maximum worker processes" is "1".
(6) Mail: In IIS 6 Management Console:
http://intellitect.com/configuring-windows-smtp-server-on-windows-2008-for-relay/
- Under SMTP Virtual Server Properties:
-- "Access" Tab --> Relay: add IPs of this box, including 127.0.0.1
-- "Delivery" Tab --> Advanced: for "fully qualified domain name" put name of box
-- "Delivery" Tab --> Advanced: for "smart host" put "dedrelay.secureserver.net"
-- "Delivery" Tab --> Outbound connections: Make sure limits are set to 100.
-- "Security" Tab --> add "[app pool user identity]" and IIS_IUSRS
(7) In IIS 7.5 under web site:
- Under ASP:
-- ONLY IF PROBLEM: set enable buffering to "false"
-- under limits change max req entity and buffering limit to 1024000000
-- set script language to "vbscript"
-- set "send errors to browser" to true
- Authentication --> edit "Anonymous Authentication" and set to app pool identity.
- ONLY IF PROBLEM: under error pages: under 404 set to "/home.asp" and "execute URL"
- ONLY IF PROBLEM: edit c:\windows\system32\inetsrv\config\applicationHost.config: change to "Allow"
- under Management (at bottom) go into "Configuration Editor".
-- In the dropdown go to System.web --> http runtime and change maxRequestLength to 1024000000
-- In the dropdown go to System.webserver/security/requestFiltering --> chg allowDoubleEscaping=true
(8)
Set "Modify" Permissions for the following folders:
- windows\temp
- inetpub\temp
- inetpub\mailroot
- ONLY IF PROBLEM: windows\serviceprofiles\networkservice\AppData\Local\Temp?
AND Set Permissions in registry:
- ONLY IF PROBLEM: HKLM\SOFTWARE\Wow6432Node\Microsoft\Jet\4.0\Engines?
FOR THESE USER ACCOUNTS:
- IIS_IUSRS
- [app pool user identity]
- NETWORK SERVICE
(9) Install and Use Process Monitor to find permissions issues - filter