Security setup before creating the web app.
- Have App Pool service account created.
- If desired, have host header name (A Record) created.
- Have SPNs created for the service accounts.
- Set delegation for the service account.
Web App Provisioning
- Create web application using the app pool credentials and checking Kerberos authentication.
- Do "iisreset -noforce" at command prompt on all web front ends at a time when usage is low.
Central Admin and SSP Admin App Pool Settings
- Recycle once a day
- Limit virtual memory to 500.
- Shutdown after 10 minutes of idle.
- Disable Pinging
- Disable rapid-fail protection
- No CPU limit
Content App Pool Settings
- Recycle 1 per night
- Limit virtual memory to 800-1200MB (32 BIT)
- No idle shutoff
- No request queue
- No CPU limit
- No web garden
- Yes ping
- 300-900 startup-shutdown limit
- No rapid failure
No comments:
Post a Comment