In my June 3 commentary, I wrote about the "Windows Server 2003 Deployment Kit: Deploying Internet Information Services (IIS) 6.0," commonly referred to as the IIS 6.0 Deployment Guide. Microsoft publishes this free book, which is available only in electronic form as a Microsoft Word document. You can download the book in parts or in its entirety at http://microsoft.com/downloads/details.aspx?familyid=f31a5fd5-03db-46d2-9f34-596edd039eb9&displaylang=en#filelist .

On May 30, Microsoft released another free Web download, the "Microsoft Internet Information Services (IIS) 6.0 Resource Kit," which includes 5.4MB worth of tools to help the IIS administrator run, secure, and manage IIS 6.0. You can download the free kit at http://www.microsoft.com/downloads/details.aspx?familyid=56fc92ee-a71a-4c73-b628-ade629c89499&displaylang=en .

The following tools are available in this package:

- CustomAuth--Creates custom HTML logon pages to collect user credentials; supports either manual or timeout-based logoffs; offers a Web-based client authentication alternative to typical authentication methods, including Basic and Windows NT LAN Manager (NTLM)

- IISCertDeploy.vbs--A Windows Script Host (WSH) script that deploys and backs up Secure Sockets Layer (SSL) certificates on servers running IIS 6.0

- IIS Host Helper Service--Registers a Web site's host header or headers with name resolution services (DNS, NetBIOS, or WINS); you can use this tool in an intranet environment to avoid the complex process of manually modifying name records

- IISState 3.0--Troubleshoots slow performance on IIS 6.0; diagnoses applications that have stopped responding when running on IIS; helps you identify the causes of Dr. Watson and other application-related failures

- Log Parser Version 2.1--Processes information in the IIS logs; filters entries, converts log files to other formats, and mines data; supports many different input formats, including all IIS log file formats; supports multiple output formats, including text files and database tables

- MetabaseExplorer 1.6--A GUI that views and edits local and remote IIS metabases; you can use it to edit security settings for keys, to export and import keys and subkeys, to copy keys and subkeys, and to compare records

- Permissions Verifier--Verifies that IIS is configured with the minimum permissions required; checks ACLs for users and groups, so you can ensure that permissions aren't causing Web server problems

- RemapUrl--A security tool that changes URLs requested by clients on the fly completely transparently to the client in a local IIS scenario; supports conventional URL redirects and sending custom error messages

- SelfSSL--Generates and installs self-signed SSL certificates; you use this tool only to create a secure private channel between your server and a limited group, such as a developer group in a test environment

- TinyGet 5.2--A command-line HTTP client that supports multiple threads and looping for testing or troubleshooting HTTP client-to-server communications

- Web Capacity Analysis Tool (WCAT) 5.2--Uses custom-designed content and workload simulations to test different server and network configurations; you can test servers with single or multiple processors and servers that are connected to multiple networks; WCAT is the latest version of Homer, which Microsoft created to stress-test Web applications

- WFetch 1.3--An HTTP client with a GUI that tests or troubleshoots HTTP servers; doesn't render the HTTP response as most HTTP clients do but instead displays the request and response so that you can easily understand the communication

These 12 tools are a must for any IIS 6.0 administrator. Microsoft doesn't charge a licensing fee, so the decision to use them should be a no-brainer.