Archive for February, 2008

Not nearly enough rope, but I’m almost ready to hang myself

Friday, February 1st, 2008

After a long stretch of successfully avoiding getting too involved with development on a Microsoft platform, I find myself taking on the day-to-day development, debugging and support of some IIS/.NET-based applications. The apps themselves are well designed, and I’m content enough to deal with C# and .NET in the scheme of things.

When it comes to interacting with the server to do any configuration, maintenance, monitoring or debugging, however, I find myself cursing more often than not.

On this one particular server, I install the .NET runtime, SQL Express, TekRADIUS, and then notice that IIS is not installed, so I install it. It will serve static pages but not .NET pages. The logs didn’t tell me anything – no indication that an access attempt was made or rejected. It takes me nearly a day to figure out that it won’t talk properly to .NET until both IIS and .NET are completely uninstalled and then reinstalled in a different order. There’s no “fix it with this config tweak”, it’s just “reinstall in a different order and it should work”. Magically, it does, but I’m not confident that it’s more than a coincidence. I’d rather know why; however, I don’t care to spend another day of this project plan on it.

I have a 30 megabyte server log file to inspect. Let’s see, what tools does Win2k3 server provide for me to look at it? Umm….. notepad. But not until I add it to “send to” or associate the file extension. How do I filter it? I can use “find” at the command line and redirect into another file, but find is practically useless with no regular expressions. “More” only pages through the output in one direction. Where’s “tail”? I have to reopen the 30M file after I try another server access and then want to see the next entry? What do people in the W2k3 world use instead of “tail -f”? And what about log rollover? Is there nothing built into W2k3 server to manage the zipping, archiving and deletion of log files? It seems not. Any tools you will need to manage this baby don’t come with it; you have to get them yourself and install them. The tools supplied fall wayyyy short of being useful. Try to use the Event Viewer to filter by regular expression into a file that you can then manipulate further. You have to write your own programs to do stuff like this or get third-party tools. You can install PowerShell, which is a great improvement, but my solution is just to install UnxUtils and get right down to being productive.

I want to use SSL. I set the SSL port, restart the instance, try https://localhost – nothing. Look at logs, nothing. Turns out I have to have a cert in place before it will work, not that the server was going to give me any hints. I had assumed a self-signed cert would be there by default. I have to find and download an SDK and follow a dozen-step process to build a cert, then import it into the cert store.

The entire configuration is a collection of settings that are entered or inspected one-by-one by tediously navigating the management GUI to varying depths of dialogs. When I have my config together and I want to set up the next server, I don’t provide it with a monolithic settings file from my reference system, I have to tediously make each click and entry, then backtrack and debug when I inevitably miss something critical. I understand the typical approach is to build a reference system and clone it, then mess with the machine IDs. What a palaver.

When I finally get through a marathon session of setting up a Windows server “just so” to make my application work, it’s like I have created a finely balanced stack of Jenga blocks from which I back away slowly on tiptoe, praying it doesn’t tumble. I’ve got very little confidence that fixing anything will be an exercise in logic and deduction more than having to know some obscure incantation or uninstalling components wholesale and reinstalling and reconfiguring them.

I’m afraid I find it really difficult to understand how any Windows server can be considered a serious business tool when it’s shipped without even the most rudimentary tools to effectively inspect, monitor and maintain its operation.