- Update container images with Copa - Mon, Nov 27 2023
- Deploying stateful applications with Kubernetes StatefulSets - Wed, Nov 1 2023
- Install and enable IIS Manager for Remote Administration - Thu, Oct 26 2023
Web Management Service
The Web Management Service is a feature of IIS that allows users to securely manage multiple IIS servers from a Windows client computer (e.g., Windows 10 or Windows 11). Before you can manage an IIS server remotely, you need to enable the Web Management Service (WMSVC) on it with Server Manager or PowerShell. To do so, connect the remote server and follow these steps.
Enable IIS remote management
Using Server Manager
- Launch Server Manager, and click the Add roles and features link.
This will launch the Add Roles and Features Wizard.
- Click Next and make sure the Role-based or feature-based installation option is selected on the Select installation type page. Then click Next.
- Select the destination server, and click Next.
- On the Select server roles page, expand Web Server (IIS), then Management Tools, and check the Management Service box.
- Click Next twice, and then click the Install button.
The Web Management Service will now be installed.
- Now, launch the Internet Information Services (IIS) manager.
- In the IIS Manager, expand the server name. You will notice various IIS management options under the Management section, as shown in the screenshot below.
- To enable the Web Management Service, double-click the Management Service icon.
- Now, check the Enable remote connections box. Here, you can also adjust other settings:
- Identity Credentials—Define whether only Windows credentials can be used for remote management. If you choose Windows credentials or IIS Manager credentials, you can use the IIS Manager Users option to create additional users solely for the remote management task.
- Connections—Configure the IP address and port number on which the Web Management Service will listen for the new connections.
- SSL certificate—Specify the SSL certificate for encrypting the remote management session. By default, a self-signed certificate is used, but you can use the Server Certificates option to add additional SSL certificates.
- IP Address Restrictions—By default, the Web Management Service allows remote management requests from anywhere. This option lets you allow or deny requests from particular IP address ranges. You can also deny requests from unspecified IP addresses.
- After enabling the remote connections and making the necessary changes, click Apply in the Actions pane, and then click Start to start the Web Management Service (WMSVC) on the web server.
- Now, open the Services console, locate the Web Management Service, open its properties, and change the startup type to Automatic to ensure the service starts automatically after the server reboot.
Your IIS server is now ready for remote management.
To configure the Web Management Service with PowerShell, open a remoting session to the target web server, and follow these steps.
- To enable the Web Management Service, run the following command:
- To enable remote connections with Windows credentials only, run the following commands:
Set-ItemProperty HKLM:SOFTWARE\Microsoft\WebManagement\Server -Name EnableRemoteManagement -Value 1 -Type DWORD -Force Set-ItemProperty HKLM:SOFTWARE\Microsoft\WebManagement\Server -Name RequiresWindowsCredentials -Value 1 -Type DWORD -Force
The second command enables the use of Windows credentials only. To use IIS Manager credentials along with Windows credentials, you can skip the second command.
- To change the startup mode of the Web Management Service (WMSVC) to Automatic and start it, run the following command:
Set-Service WMSVC -StartupType Automatic -PassThru | Start-Service -Verbose -PassThru
You can see that the service is now running.
- To add a firewall rule, run this command:
New-NetFirewallRule -DisplayName 'IIS Remote Management' -Profile @('Domain', 'Private') -Direction Inbound -Action Allow -Service 'WMSVC'
That's it. Your IIS server is now ready for remote management.
Install the IIS management console
The next step is to install two components on the client computer (running Windows 10 or 11) from where you want to manage your IIS servers remotely: the IIS Management Console and the IIS Manager for Remote Administration.
The IIS management console can be installed on Windows 10/11 using either the GUI or PowerShell.
Using the GUI
To install the IIS management console through the GUI, open Settings > Apps > Optional features, and then click More Windows features at the bottom.
Now scroll down and expand Internet Information Services > Web Management Tools, check the IIS Management Console box, and click OK.
Alternatively, you can run the following command to install the IIS management console with PowerShell:
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerManagementTools -All -NoRestart
the IIS Manager for Remote Administration
After installing the management console, you need to download the IIS Manager for Remote Administration for your Windows version and language. Without this, you will not see any option in the IIS Manager to connect to a remote server.
Now, run the MSI file to install the IIS Manager for Remote Administration.
Connect the remote IIS server
Now, you can add your remote web server to the IIS Manager console to manage it remotely. To do so, follow these steps:
- Launch the Internet Information Services console through the start menu or type inetmgr in the Run dialog box.
- In the Internet Information Services (IIS) Manager, click File > Connect to a Server.
- Type the name of the remote IIS server to which you want to connect, and click Next.
- Type the credentials for the remote IIS server, and click Next.
If the remote IIS server uses a self-signed certificate, you will see an alert, as shown below.
You can click View Certificate to view the certificate details, and then click Connect to establish a connection.
- You will see a success message when the connection is successful, as shown in the screenshot below.
If you get a connection timeout error, make sure you have added a firewall exception to the remote server.
- When you click Finish, you might see a popup to enable new features. Here, you can select the checkbox next to each feature and click OK to install the assemblies required for the new features. These assemblies help you manage the additional features (such as URL rewrite and PHP manager) supported remotely by your IIS server.If you see a security warning, click the Run button.
- You will now see a connection to your IIS server (WebServer, in our case) in the left pane. Click the connection name to securely manage your IIS server and sites remotely.
Follow the same steps and add other web servers to start managing them centrally from one computer.
Subscribe to 4sysops newsletter!
You just learned how to perform remote IIS management using a Windows 10 or Windows 11 machine. The initial configuration can be time-consuming, but trust me, it will save a lot of time and effort, particularly if you need to manage many IIS servers regularly. When combined with feature delegation, remote IIS management can allow regular users to manage sites and applications remotely without having to add them to the built-in Administrators group.