How do I configure Azure Web Role to have United Kingdom (as opposed to US) as it's language/regional settings etc for all accounts? I believe I can RDP in and change it. However I want to set it to default on creation of the web role. It is making a difference to some classic ASP pages we have in a legacy app.
Interesting problem. Can't say I've attempted this before. What you want is to set a different locale at startup so that it is always enforced as VMs making up your Web Role may be rebooted from time to time.
Unless someone comes up with a better idea you could try to modify the registry from a Windows Azure Startup Task. You would need to know which user locale to modify and you would need a registry changing CmdLet like this one (though I haven't tried it): Set-RegistryKey.
Given you can figure out what registry value to modify and what user is running your IIS this could be done.
Use a Startup Task. Call a Cmd script and envoke a PowerShell script. Call the CmdLet and set the locale you want.
I realize this is not a complete solution, just a suggestion. Hopefully it is worth while.
Related
I will be placing an Azure website, in several regions. Then configuring the Azure Traffic Manager to distribute requests to each region.
The website needs to know which region it is running in. Is there an API available to determine this? Or, is my only choice, to define a REGION app setting, that is set appropriately for each Azure website?
I had the same question today, and found this thread. It seems that Web Apps now do include the promised environment variable showing the region in which they are deployed.
I simply used:
string region = Environment.GetEnvironmentVariable("REGION_NAME");
and it worked fine (note that it returns null when run outside Azure e.g. in Visual Studio).
I got a response, to my question, on the Microsoft Azure DNS and Traffic Manager forum.
The answer was:
There's no handy way currently. In the Azure Powershell, you could use Get-AzureWebsite to read the WebSpace value, which is structured as Region+"webspace".
For now it's easier to just add it to the app setting, like you suggested. We'll have the region value as an environment variable in a later release.
So, as suggested, we will just use an app setting to tell the website what region it is running in. We will switch over, to the environment variable, when it becomes available.
Working with an mvc4 application that runs in IIS 7.5, the site though exist once on disk, has over a 100 url's pointing to it. This is because the site displays content based on the country that needs to access it.
Due to this, the site can have over a 100 bindings, which is very hard to manage.
I am looking to automate the creating of the site in IIS using powershell. I would run this during each deployment to ensure each of my environments are identical (dev, qa, production).
The powershell script would delete the site and recreate it, applying bindings, configuring it etc. I am a newbie to powershell so I would appreciate any help with this.
You should be able to use the PowerShell IIS Administrative Cmdlets. I show how to automate creating and deleting web applications using them on my blog that should get you started.
I have a script I use when creating a website and AppPool in IIS 7+ (under .net4, Integrated pipeline, etc) and thought you might find it useful as its a bit simpler than some of the other answers. It will delete the site and replace it if it already exists making it good in continuous integration scenarios.
Use it as so:
CreateSite.ps1 [WebsiteName] [AppPoolName] [Port] [Path]
If you are reinstalling the site, you will need to stop it first. That is done as so:
StopSite.ps1 [WebsiteName] [AppPoolName]
you gan grab the scripts from my gist
There is an IIS provider for PowerShell which you can use to manage IIS from PowerShell.
Take a look at the available cmdlets.
Does windows Azure supports windows Services ?, ...
I develop an application that has among its components a windows service that every hour sends an email with information.
Is this supported in Windows Azure?,
Thanks!!
You might find the worker role is a better fit for running a process every hour. If you have the code for the WIndows Service it should not be hard to impleemnt it in a worker role.
You will, however, have to use a 3rd party service to send the email, as this is not supported in Azure.
Regards,
Alan
Yes, you can do this*. In order to install a Windows Service in a PaaS worker role (or web role), you will need to create a startup script that installs the service on boot (and checks to see if already installed on subsequent boots).
If you are using IaaS VMs, then the installation is straightforward - just do as you do today.
*Windows Azure Websites is a shared model, so installing services is not supported there.
To combine both Alan Smith's and dunnry's answers, both are correct -
You can install a windows services on a PaaS role using a startup script (other than web sites).
If you're using a Virtual Machine you just install the service on the VM
But Alan is completely correct that the best route forward in most cases is migrating the code to a worker role which is usually quite straight forward, would work best and would be easier to maintain.
Having said all of that - sending emails from within Azure is not necessarily a good idea as many mail servers black list the ips (turns out Azure is a great platform for spammers)
I want to make an extra addition to Alan and Yossi's answers. It's important to know the why, because simply installing the Windows Service shouldn't be a problem.
But if you do this you'll be missing out on something very important. If you run all of your code in the actual Worker Role process you'll get the monitoring for free. This means, if your process crashes for whatever reason, Windows Azure will restart the instance to make sure the process gets back online.
Now if you simply go and install a Windows Service through a startup script you won't be able to take advantage from this automated monitoring. You'll need to make sure you have some kind of recovery (this could be a setting on the Windows Service or a different process). But it's simply too much work for something you could get for free.
I would suggest using a Extra-Small VM using a windows template that is already offered. It's the same cost as the worker role and will let you provision your service without any issues. You would install your service the same as you would on any on premises server.
If you don't need to have the same sort of failover scenario that your web roles do then this s a good option.
I want to give the network service account modify permission (root project directory) on start of my Azure webrole, anyone know of a way of doing this? After modification, I would reset this value to keep things secure. Primary purpose is I need to modify the webconfig to change wcf addresses based upon staging/production environment differences, on multiple nodes.
I have tested the routine and it will properly run once permissions are given to the network service account. I wouldn't mind if it was a first-launch modification, but unfortunately directory permissions change upon deployment of a new version, as it swaps VHD's on which the sites reside...
Any help would be awesome...
Thanks!
If you objective is to update web.config to add/modify setting related to your Azure environment, you can do that using Web Administration module by adding proper code to Role Startup() routine. I believe this way you will have an easier and clean solution.
The process is defined in this blog and there may be others who may have much better ways to do it.
I'm creating a website in IIS 7.5 (with Windows 7) that needs to be able to create further websites. I've written code that uses Microsoft.Web.Administration to create the website programmatically, and this works fine when I run it as administrator.
Now I'm trying to use the same code in the context of my web application. It fails with the error
Error: Cannot read configuration file due to insufficient permissions
for the file redirection.config (which I understand is located in %WinDir%/System32/inetsrv/config).
I've tried creating a new apppool for this specific website, running under the IIS AppPool[AppPoolName] identity. I've then tried to grant that identity permission to edit the IIS config using
ManagementAuthorization.Grant(#"IIS AppPool\MyAppPool", "Default Web Site", false);
but I still get the same error.
What else should I try?
This probably isn't the wisest approach from a security viewpoint. If this site is hijacked then your attackers will be able to interfere with those files (to no good purpose) or even just delete them.
The way we approached this was to separate website creation tasks into a windows service running with the correct rights to perform these activities. In this service is a remoting end point (although these days you'd probably want to use WCF).
We then created a proxy assembly that is signed and registered in the GAC (it would also need to be marked with the APTCA attribute if you're running at less than Full Trust). This assembly passes on the relevant calls to the remoting endpoint in the windows service from the admin web app/service.
This allows us to run the admin site at least privilege and in partial trust mode. The scope of what can be done by way of site admin tasks is narrowed somewhat by whatever functionality is exposed in the windows service application.
This is a technique known as sandboxing.
I've found a way to do it, but I would very much like to hear expert opinion on whether this is a wise thing to do.
I granted Modify and Write permissions for the IIS AppPool\MyAppPool account to %WinDir%/System32/inetsrv/config and the three .config files inside it.