Why do you use IIS?

It seems like tons of people use IIS and I want to know the reason why. It’s mostly because IIS is complicated and introduces a lot of variables outside the scope of PSU that often cause problems in PSU. I just want to make sure that we continue to focus on what’s important and it seems like IIS is very important but I want to know why that’s the case and how we can make it easier.

  • Company Standard\Mandate
  • Windows Authentication Support
  • Familiar with IIS
  • Other (please list)

0 voters

2 Likes

Follow up question. It looks like ASP.NET Core supports Windows Auth without IIS. Would you host UD as a Windows service instead of IIS if we supported that?

Yes, Auth and TLS are the two needs I have.

3 Likes

I would prefer officially supported service over IIS, just to remove the extra moving part (extra point of failure).

2 Likes

Windows Auth. I would much rather see WSFed/SAML for auth though. We use AD groups to dictate what pages are seen by specific groups. If it was all settings within PS Universal and such, I would swap to service based solution.

2 Likes

@adam
As a product PSU needs to support multi environments since everyone of us use it in a way that fits there needs.
Universal dashboard up to ver. 2.9.0 was great and easy product working on almost everything so to have a new product like PSU you would expect more power not less.
so i think working the IIS issues will be a huge improvement to the future of PSU.

3 Likes

Our dashboard is deployed as a child application under IIS root. It uses the parent customized auth service so must deployed under IIS.

I would say:

  • Current Tooling
  • Current Monitoring solutions
  • Port sharing, hostheader mapping and the like
  • Central point of management. (UD is not the only thing on the server. (snowflake I know))
1 Like

I would prefer Kestrel but I was not able to set up HTTPS with a certificate from a windows certificate store. IIS it worked with two clicks (I have an infrastructure/vmware background and not very familiar with web servers)

1 Like

Late to the show.
IIS makes https easy to maintain.
IIS allows for mulitple sites and seperation of sensitive info like AAD client secrets.
IIS Windows auth is an additional bonus.
Relying on the customer to provide bug-free complex authentication for the admin page with strict per-dashboard RBAC is not great, if possible at all?

But god damn IIS a bitch to troubleshoot. My entire site just stopped working after trying to setup OID. I would definetly understand ending support for it.

We have one instance running on IIS and it’s an absolute pain that I have to deal with because that’s what was chosen by the higher-tiered engineers solely based on their knowledge and stubborn mindset.
I hate it and it constantly requires troubleshooting time that I simply do not wish to spend on it.

Then there is another, newer, instance running as it’s own service and it’s a dream to work with - never had any issues and is going strong still. Requires very little maintenance and only ever goes down when I decide it has to for whatever reason.

I’d wish to kill that IIS instance. But it’s running every-day required and actively used functions on it - that I’m not able to spend time on to fix and replace. (Sigh…)

TL;DR
We use IIS because someone else decided it should be that way.
I hate it and don’t want it.

My primary reasons are

  1. TLS
  2. Windows auth
  3. Possible to do some preprocessing such as using rewrite module and such
  4. Easy upgrade and rollback using different application trees.
  5. Well-known platform that is penetration tested and used for several applications makes adoption easier.

/Fredrik

1 Like

i’m new to PSU, how do you deploy a DB via IIS?

Our IIS hosting docs are here: IIS - PowerShell Universal

Does Azure App Service count as IIS? It uses IIS under the hood, right?