Rodney Buike - Founder and original lazy admin.

Daniel Nerenberg - Lazy admin 2.0


These postings are provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.

Load Balancing Cloud Services

The last post I wrote covered auto scaling of Azure VMs which was a solution to one problem but didn’t provide high availability if there was an issue in a particular region or if you were looking to improve performance for a globally diverse user base.  Enter Azure Traffic Manager…

Microsoft Azure Traffic Manager allows you to control the distribution of user traffic to your specified endpoints, which can include Azure cloud services, websites, and other endpoints. Traffic Manager works by applying an intelligent policy engine to Domain Name System (DNS) queries for the domain names of your Internet resources. Your Azure cloud services or websites can be running in different datacenters across the world.

With ATM you can deploy cloud services in a variety of regions and then load balance them across those regions based on a couple of options:

AutoScale Azure Virtual Machines

Well this was interesting.  Autoscaling Azure Websites is pretty easy, simply upgrade to the Standard Tier and configure your auto scale rules.  But what if that website is actually SharePoint and instead of Azure Websites you are using Azure VMs?  That takes a little more effort and a few options, namely Availability Sets and Load Balanced Endpoints.

For the sake of this post I just used the standard Public Virtual IP (VIP) which will work as long as I don’t shut down all the VMs running in the Cloud Service, plus I am just using the domain name.  If you are going to do this in production you should use a Reserved Virtual IP for your cloud service as this will stay the same or use a CNAME to point to your domain name.  To create a reserved VIP for your cloud service you’ll need PowerShell and the

Continue reading AutoScale Azure Virtual Machines

Windows Certsrv SSL Certificates and Apache

There are quite a few organizations that have their infrastrucutre running on Windows yet the web presence runs on Apache.  This site once ran on Apache as well but I used my Windows CA to create an SSL certificate for the server.  Someone asked me how to do this and here is how!

On the Linux server open up a terminal and run the following commands.  The first one creates the private key

openssl genrsa -des3 -out mywebserver.key

Next we must validate the key and we can do this with

openssl rsa -noout -in mywebserver.key

Once this is complete we need to create the CSR.  The CSR is what we will generate the private key we will hand to the Windows CA.

openssl req -new -key mywebserver.key -out mywebserver.csr

Again we have to validate this key

openssl -noout -text -in mywebserver.csr

Lastly we can “print” the certificate requset to import

Continue reading Windows Certsrv SSL Certificates and Apache

IIS 6.0 MIME Type Handling

MIME (Multipurpose Internet Mail Extensions) types are used to instruct a Web browser or mail application how to handle a file received from a server. For example, when your Web browser requested an item on this server, it also requested the MIME type of the object.

Some MIME types, JPEG’s for example, can be displayed inside the browser. Others, such as Word or Excel documents or EXE files, require an external helper application to be displayed or downloaded. You may have tried to make some files downloadable from your web server only to get an error when trying to view or download the file.

HTTP Error 404 – File or directory not found.

You know the file is there and the link is correct, but what you missed was defining the MIME type on the server. There are two ways you can remedy this, you can add a

Continue reading IIS 6.0 MIME Type Handling

Create IIS Application Pools with VBS

Windows Server 2003 provides us several ways to manipulate IIS, the first being GUI based. This, while useful, becomes cumbersome if you are administering more than a few sites. The second option is to do things programmatically, either utilizing the build in scripts, or writing your own. TLA reader Gerald Bunch has written an excellent how to on creating IIS Application Pools with VBS.

To do this, one must get their hands dirty. No fears, however, notepad and VB script have caused many a headache, but never a fatality. First, the script


csript.exe CreateAppPools.vbs

If we take a look at IIS Manager after the script is run we should see the new Application Pool.

For more information see:

IIS Command Line Administration

Download CreateAppPool.vbs Script

IIS 6.0 and SSL Host Headers

Using IIS, you can host multiple Web sites on a single server. There are a number of ways to distiguish between them but host headers allow you to host them on a single IP Address and Port. With IIS 6.0 you can also use host headers on SSL web pages as well.

IIS allows you to assign multiple Web sites the same IP Address/Port and distinguish them from each other with host headers. When an IIS server receives a request for a Web page, it looks for the HTTP header which contains the actual domain name requested. IIS can then use this information to “route” the request to the proper Web site. In order to configure SSL with host headers, you will need to obtain a wildcard server certificate. In order to do this you first must create the certificate request. Follow the normal procedure, however when you are asked

Continue reading IIS 6.0 and SSL Host Headers

Moving the SMTP Mailroot Directories

A “best practice” for Exchange 2000 and 2003 server performance is to move the SMTP queues to a seperate partition. The queue is located in the Mailroot directory and the default location is Program FilesExchsvrMailrootvsi # (# is the SMTP Virtual Server number).

To move the Queues we first need to create a new Queue folder and a new Badmail folder, moving the Badmail directory is not necessary but still recommended. It is also recommended to place these directories on a redundant array. Next open up the Exchange System Manager and drill dow to the SMTP Virtual Server, right click and select Stop. Next right click and select Properties, then click the Messages tab. Under the Queue Directory heading, enter in the new path to the SMTP Virtual Server queue directory.

You can do the same for the Badmail directory.

Continue reading Moving the SMTP Mailroot Directories

HTTP Response Codes

If you have ever looked through your web server logs, or come across a 404 error on a website you are familiar with HTTP response codes. These codes tell you that a request has been processed, if it was successful, or if an error occured.

These response codes can tell you a lot, and are very useful when it comes to troubleshooting, but what exactly do they all mean? The following is a list of HTTP Response codes and their meaning. There is a PDF that you can download at the end of this article as well.

For more information see:

HTTP Response Code download

Article ID: 318380 – IIS Status Codes

Popular HTTP Response Codes In Detail

IIS 6 Logging

Logging traffic to your websites can offer a slew of information that maybe useful to IT staff, management and marketing. By determinig which pages are most popular, where visitors are coming from, and what browser they are using is helpful information you can use to improve your website.

IIS 6 supports four different logging formats:

  • W3C Extended – This format offers the most choices when it comes to what information you would like logged however there is such a thing as too much information.

  • Microsoft IIS – This simple CSV file logs the basic information in ASCII format. There is no customization available.

  • NCSA Common – Similar to the Microsoft IIS format, it is also a basic ASCII formatted file, however it is more compatible with non-MS server logs.

  • ODBC – This format logs to a database, rather than a flat file as the previous

    Continue reading IIS 6 Logging

Isolating IIS FTP Users

Internet Information Services (IIS) includes an FTP component which can be used to transfer files. If you have multiple FTP users and wish to isolate them from each other you can use FTP Isolation to accomplish this goal. This can be used if you are hosting multiple web sites and only want the FTP user to have access to their WWW root directory.

There are two modes that the IIS FTP Service can run in, normal mode and isolation mode. The first step, after installing the FTP service, is to delete the Default FTP Site.

Next we will create a new FTP Site. Right-click on the FTP Sites node in the IIS Manager MMC and select New –> FTP Site.

The FTP Site Creation Wizard will start up, click Next to proceed. Enter a description for the site and click Next.

Continue reading Isolating IIS FTP Users