Course ILT Internet/intranet support Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV publishing directories. View and manage printers through a Web browser and set resource access permissions for a Web site.
Course ILT Internet/intranet support Topic A: Internet Information Server overview Topic B: Managing Web access
Course ILT Centralized administration Internet Information Services snap-in
Course ILT Centralized administration Internet Services Manager (HTML)
Course ILT Centralized administration Delegated administration –Delegate IIS 5.0 administration permissions to other users by adding them to the Operators list on a Web site’s Operators properties tab
Course ILT Centralized administration Multisite hosting –IIS 5.0 has the ability to host multiple Web sites from a single physical server. You can distinguish between the servers in any of the following ways: Assign each Web site a different TCP/IP port number. Assign each Web site a different IP address. Assign each Web site a different host header name. Process and bandwidth throttling Dfs (distributed file system) support
Course ILT IIS installation IIS is included in the default installation of Windows 2000 Server. Add/Remove Windows Components Available IIS components –Common Files –Documentation –File Transfer Protocol (FTP) Server –FrontPage 2000 Server Extensions –Internet Information Services Snap-in –Internet Service Manager (HTML) –NNTP Service –SMTP Service –Visual InterDev RAD Remote Deployment Support –World Wide Web Server
Course ILT IIS installation During installation, a folder named Inetpub will be created on your system drive. Inetpub subfolders will be created for things such as Web content, scripts, and samples. In addition, the following two users will be created: –IUSR_servername This is the built-in account for managing anonymous access to IIS. –IWAM_servername This is the built-in account that is used by IIS for starting out-of-process applications. The IIS server’s name will appear as servername. The IUSR and IWAM users will be created as local users when installing IIS on a member server, and as Active Directory users when installing IIS on a domain controller.
Course ILT IIS configuration Internet Information Services snap-in –Local IIS server (if any) will be displayed automatically
Course ILT IIS configuration Web site properties
Course ILT IIS configuration TabDescription Web SiteThis is where you set the Web site identification, limit connections, and set your logging option. OperatorsAllows you to add operators as delegated administrators for the Web site. PerformanceYou can tune Web site performance based on expected hits per day. You can also set process throttling and bandwidth throttling options for the Web site. ISAPI FiltersThis is where you add, remove, edit, or disable ISAPI filters for the Web site. Home DirectoryThis sets the home directory and options, including basic security options for the home directory. DocumentsThis is where you identify and enable the default document. Directory SecurityThis is where you set access and authentication, filter access by IP address or domain name, and enter certification information for security communications. HTTP HeadersThis is where you set content expiration, content rating, and MIME mapping. Custom ErrorsThis is where you edit custom HTTP errors for use by this Web site.
Course ILT A-1:Configuring IIS Activity
Course ILT Internet/intranet support Topic A: Internet Information Server overview Topic B: Managing Web access
Course ILT Server access security IIS security overview 1. Request 4. Response 2. Authentication 3. Check NTFS Permissions
Course ILT Server access security Authentication options for Web resources
Course ILT Server access security Authentication methods
Course ILT Server access security Setting server access restrictions You are given the option of setting the default action to either grant or deny computers access. You can then add exceptions to the default for any of the following: A single computer, by IP address A group of computers, by IP address and subnet mask A domain, by domain name
Course ILT B-1:Setting Web server access permissions Activity
Course ILT File and folder resources Home directory
Course ILT File and folder resources You are given the following three options for setting the source of the home directory: –A directory located on this computer –A share located on another computer –A redirection to a URL If you choose one of the first two options, to set the source as a local directory or network share, you can also set the following options: –Script source access –Read –Write –Directory browsing –Log visits –Index this resource
Course ILT File and folder resources If you choose the third option for the source of the home directory, setting the source as a URL, you can set the following options to indicate where the client will be sent: –The exact URL entered above –A directory below this one –A permanent redirection for this resource
Course ILT Virtual directories Virtual Directory Wizard, which is launched through the Internet Information Services snap-in.
Course ILT Virtual directories The directory will be listed under the Web site for which it was created. If IIS cannot connect to the directory, a stop sign (red octagon) with the word “Error” will be displayed.
Course ILT Network shares With IIS installed, each folder includes a Web Sharing tab. You can right-click a folder in Windows Explorer, choose Properties, and select the Web Sharing tab. The Edit Alias screen prompts you for the virtual directory alias, access permissions, and application permissions.
Course ILT WebDAV Web-based distributed authoring and versioning A protocol, which is an extension to the HTTP 1.1 standard. WebDAV supports remote file search, access, and management through a browser. WebDAV setup –First step in setting up WebDAV publishing is to create a publishing directory. –Typically, you will want to create this as a subfolder of the \Inetpub folder: C:\Inetpub\WebDAV
Course ILT WebDAV clients Any client using a browser that supports the industry-standard WebDAV protocol can access your WebDAV directory. Windows clients can connect to a WebDAV publishing directory through Internet Explorer 5.0. For example, you would use an address similar to the following to connect over the Internet: – To connect over a corporate intranet, you could use an address similar to the following: –
Course ILT WebDAV clients Create a connection to a WebDAV publishing directory with the Add Network Places Wizard
Course ILT Virtual directory properties Right-click the virtual directory and choose Properties
Course ILT Virtual directory navigation You can navigate virtual and WebDAV publishing directories through Internet Explorer 5.0
Course ILT Virtual directory navigation WebDAV through Windows Explorer
Course ILT Resource access security The virtual directory properties tab lets you set resource access permissions and application permissions. The Directory Security properties tab lets you manage access and authentication, IP address and domain name restrictions, and certificate information. In addition, security for folders residing on an NTFS partition will be affected by NTFS security settings. That is the case because users connecting through a Web server are authenticated as local users.
Course ILT Permissions Wizard
Course ILT Permissions Wizard
Course ILT Permissions Wizard
Course ILT Troubleshooting overview Most of the problems you encounter with accessing resources through the Internet are going to fall into one of three general categories: –Inability to connect to a Web server –Inability to connect to a resource –Wrong permission assignment
Course ILT Troubleshooting overview Web server access –Web server communications –Authorization –Restricted access Resource access –Verify that the user can connect to the resource. –Verify connections with remote servers. –Try directly connecting to the share through the command line or Windows Explorer.
Course ILT Troubleshooting overview Access permissions –This is the same type of potential problem as occurs with shared network resources. –Verify that access permissions have been set appropriately for the user. WebDAV troubleshooting –Verify you can connect to the server. – Verify you can connect to the resource and have the appropriate permissions.
Course ILT Internet printers Connecting with the Add Printer Wizard –Choose Start, Settings, Printers. Double-click Add Printer. –Click Next to continue past the Welcome screen. –On the Local or Network Printer screen, select Network printer and click Next. –On the Locate Your Printer screen, select the option to connect to a printer on the Internet, and type the URL. A printer’s URL uses the following convention: –Be sure to include the period in front of the word “printer”. An IP address can be substituted for the domain name. –Click Next after you have correctly typed the URL. –At this point, you will be prompted for your name and password. –After you click OK, the printer will be located either on the local area network or across the Internet.
Course ILT Internet printers Connecting through Internet Explorer –You can also connect to an Internet printer using Internet Explorer 5.0. To display a list of available printers, type the following URL in the address bar:
Course ILT Viewing printer properties
Course ILT Connecting to a printer
Course ILT B-2:Working with Web-based resource access Activity
Course ILT Internet/intranet support Unit summary This unit covered: –How to use the Internet Information Services snap-in to centralize the management of IIS, Web sites, virtual directories, and WebDAV publishing directories –How to view and manage printers through a Web browser and set resource access permissions for a Web site