Working With Configuration Files in IIS 7

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

In IIS 7, the configuration system enables you to customize Web server administration by delegating configuration sections from server-level configuration files to Web.config files in your sites, applications, and virtual or physical directories.

Delegating Configuration in IIS 7.0

In IIS 7, the locking and unlocking of sections in configuration is known as feature delegation, and these actions enable you to define at what level IIS will read and write configuration. By default, all sections in configuration are locked and can be configured only in server-level configuration files except for the following sections (also referred to as features):

  • Default document

  • Directory browsing

  • HTTP protocol

  • HTTP redirect

You can unlock additional configuration sections to let non-administrators view and change configuration for the unlocked sections in Web.config files for specific sites, applications, directories, or even URLs. For example, you might unlock the connectionStrings section to let non-administrators configure settings to connect their applications to databases. Alternatively, if you want only administrators to view and change configuration, you can lock all configuration sections and store settings only in server-level configuration files.

Configuration Levels

In IIS 7, you can configure settings at the following levels:

  • Web server

  • Site

  • Application

  • Virtual or physical directory

  • URL (also known as file-level configuration)

Note

To configure settings at a child level, a configuration section must be unlocked (also known as delegated) at the parent level or levels. For example, to configure a feature at the application level, the related configuration section or sections must be delegated at both the server and the site levels.

Configuration Files

Configuration exists in a physical directory in either server-level configuration files or in Web.config files. Every configuration file maps to a specific site, application, or virtual directory.

Server-level configuration is stored in the following configuration files:

  • Machine.config. This file is located in %windir%\Microsoft.NET\Framework\framework_version\CONFIG.

  • Root Web.config for the .NET Framework. This file is located in %windir%\Microsoft.NET\Framework\framework_version\CONFIG.

  • ApplicationHost.config. This file is located in %windir%\system32\inetsrv\config.

Site, application, and virtual and physical directory configuration can be stored in one of the following locations:

  • A server-level configuration file. When configuration for a site, application, directory, or URL is stored in a server-level configuration file, you must use a location tag to specify the site, application, directory, or URL to which the configuration applies.

  • A parent-level Web.config file. When configuration for an application, directory, or URL is stored in a parent-level configuration file, you must use a location tag to specify the child at which the configuration applies.

  • The Web.config file for the site, the application, or the directory. When you configure settings for an application, directory, or URL, the configuration is stored in the same directory as the site, application, or directory. You do not need to use location tags.

Storing configuration settings in a parent configuration file is helpful when:

  • You want to store configuration settings in a configuration file that is accessible by only certain users or groups. For example, the ApplicationHost.config file is available only to the Administrator account and to the members of the Administrators group on a specific computer, as well as to domain administrators when a computer is part of a domain.

  • You want to configure a feature at the URL-level (also known as file-level).

Inheritance

Sites, applications, virtual directories, physical directories, and files inherit configuration settings from the server-level configuration files and from any parent configuration files. For example, an application inherits configuration settings from the server-level configuration files and from the site's root application Web.config file. The following table illustrates the configuration files in which you can store an object's configuration.

Note

Configuration sections must be delegated if configuration files other than server-level configuration files are used.

Configuration Object Server-Level Configuration Files Parent-Level Configuration Files Other Configuration Files Comments

Web server

Machine.config

Root Web.config

ApplicationHost.config

Not applicable

Not applicable

No location tags are needed. Server-level configuration can only exist in server-level configuration files.

Site

Machine.config

Root Web.config

ApplicationHost.config

Not applicable

Site's root application Web.config

Use location tags to store site configuration in server-level configuration files.

Application

Machine.config

Root Web.config

ApplicationHost.config

Site's root application Web.config

Application's Web.config

Use location tags to store application configuration in server-level configuration files or a parent configuration file.

Virtual or Physical Directory

Machine.config

Root Web.config

ApplicationHost.config

Parent site's root application Web.config

Parent application's Web.config

Directory's Web.config file

Use location tags to store directory configuration in server-level configuration files, or in a parent configuration file.

URL (or file)

Machine.config

Root Web.config

ApplicationHost.config

Parent site's root application Web.config

Parent application's Web.config

Parent directory's Web.config

Not applicable

Use location tags to store URL-specific configuration in server-level and parent-level configuration files.

See Also

Concepts

Configuration Store (IIS 7)