There's also a tool on codeproject to do it. Haven't tested it but they reckon they based it on IISAdmin and made it better - http://www.codeproject.com/csharp/IIsAdminNet.asp

Or, iismultiplex, which someone recommends in a message on the IISAdminNet page - http://www.codeproject.com/csharp/IIsAdminNet.asp#xx1138522xx

Wish I had've seen these before i hand rolled my own bodgy hack solution :-)

I wish people would stop promoting Cassini as a solution. It's utterly inappropriate for development. Cassini runs as an interactive user process not as a service under a specified service account. This makes building anything with security in mind very difficult and sometimes impossible. If you do attempt to build a secure application using Cassini you run the very great risk of writing extra code that is unnecessary for your production environment.

BTW, the minimal webserver included in VS 2005 runs into the same problems. Microsoft has not solved the problem of ASPNET development on XP Pro.

I hear what you're saying, but is security really such a big deal for a web app that's going to run 100% server side? To me, that's more about validating input and making sure your host IIS/windows is hardened.

I think the "run as limited user" functionality in VS.NET 2005 is far more important and useful. As it stands in 2003, it's nearly impossible to test limited user rights (eg, limited framework permission) scenarios.

Would you be okay if you knew your bank's web application was programmed to use root or admin level access for everything? Security is very important for a server application.

> bank's web application was programmed to use root or admin level access for everything?

I guess I don't see a big disparity between testing with ASP.NET running as admin on localhost, then deploying to a server where ASP.NET runs as a less privileged account.

Note that I'm not ADVOCATING this per se, but if Cassini and the VS.NET 2005 embedded webserver implementations *require* admin as you say, I think it's a reasonable tradeoff to get rid of the IIS dependency which is an ongoing PITA.

One tip. Don't forget to enable INTEGRATED AUTHENTICATION for any websites you're debugging at the root via VS.NET 2003. This is standard, of course, but for some reason, I was getting a really cryptic error when trying to do this via localhost, so it was hard to tell what was wrong.

Why not run Cassini through runas and attach-to-process for the security-sensitive test cases?

Seems like more of a solution than IIS5.1@localhost for development.

Here's how I solved the problem.

Bought a workstation with 2 gigs of ram.

Installed VMWare Workstation.

Installed W2003 Server Enterprise in a virtual box. Put SQL Server Reporting Services in there, too. Found other uses for this, too, like having a place for VS Studio 2005 beta.

Even did this on my laptop (1.5 gig).

Yeah!!

There are several alternatives on the net for adding sites to IIS on XP, all seem preet much equal in features and all are free:
- IIS admin (mentioned above - fisrt served)
- IIsAdmin.NET (mentioned above - codeproject)
- Windows XP IIS Manager v1.7 (http://www.codeproject.com/w2k/EasyIIS.asp?df=100&forumid=163141&exp=0&select=1225836)
- XP PRO IIS Admin (http://jetstat.com/iisadmin/)

Having no preference I use the one I found first.

Correct link for XP Pro IIS Admin is:
http://jetstat.com/iisadmin/

That util also provide automatic setup of some asp scripts at your local web server and some other features.
Next version will support "hosts" file. :)

Even better: get rid of IIS and install Apache+mod_mono in Linux. That's what I use to run my blog directory and it works wonderfully!
Cheers,

Icarus

XP Pro IIS admin with hosts file support has been just released.
you can check it here:
http://jetstat.com/iisadmin/

Major updates: Windows vista support, hosts file management, using hosts names in addition to localhost and port value other then 80 support on local websites.

when I go to enter the ---adsutil set w3svc/MaxConnections 40---,
I get an "error trying to get the object: w3svc". It worked fine on one xp system, but the one I really want it to work on gives the error. Anyone seen this?

Thank you very much for the tips.

I have applied the setting recomended above.
They work but i am still not satisfied because my client can only afford to run the production app on an XP license. I am so desperate that i am thinking of configuring multiple 3 or four XP boxes as web servers and assigning different web clients to different servers.

Cassini is a horrid way of doing any serious web development work.

It's great for a quick start server or for the hobbyist, but if you are billing someone for web development or building something for yourself that makes any use of user authentication, multiple sessions or requires high levels of availability then you're going to only hurt yourself persisting with Cassini.

or you could just use apache.

none of the limitations from iis

http://httpd.apache.org

it would be nice if the unix geeks could resist with switch to apache comments. you're not helping.

I'm not a unix geek, but I use Apache on a Windows XP box, and none of the limitations of IIS 5.1. :o)

But if you want ASP, you have to grab one of the ASP on Apache ports, though I've never used them (php for the win!), I've read that some of them work fine.

After entering "adsutil set w3svc/MaxConnections 40" my iis install stops serving pages for anything other than Default Web Site. Has anyone else had this issue?

bizarre - it's started working again... I tried the dispnode.vbs script to take a look at the site I was attempting to configure and the server magically started working again. sorry for the false alarm.