430 likes | 578 Views
Internet/intranet support. Unit objectives Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV publishing directories. View and manage printers through a Web browser and set resource access permissions for a Web site.
E N D
Internet/intranet support Unit objectives • Use the Internet Information Services snap-in to manage IIS, Web sites, virtual directories, and WebDAV publishing directories. • View and manage printers through a Web browser and set resource access permissions for a Web site.
Internet/intranet support • Topic A: Internet Information Server overview • Topic B: Managing Web access
Centralized administration • Internet Information Services snap-in
Centralized administration • Internet Services Manager (HTML)
Centralized administration • Delegated administration • Delegate IIS 5.0 administration permissions to other users by adding them to the Operators list on a Web site’s Operators properties tab
Centralized administration • Multisite hosting • IIS 5.0 has the ability to host multiple Web sites from a single physical server. You can distinguish between the servers in any of the following ways: • Assign each Web site a different TCP/IP port number. • Assign each Web site a different IP address. • Assign each Web site a different host header name. • Process and bandwidth throttling • Dfs (distributed file system) support
IIS installation • IIS is included in the default installation of Windows 2000 Server. • Add/Remove Windows Components • Available IIS components • Common Files • Documentation • File Transfer Protocol (FTP) Server • FrontPage 2000 Server Extensions • Internet Information Services Snap-in • Internet Service Manager (HTML) • NNTP Service • SMTP Service • Visual InterDev RAD Remote Deployment Support • World Wide Web Server
IIS installation • During installation, a folder named Inetpub will be created on your system drive. • Inetpub subfolders will be created for things such as Web content, scripts, and samples. • In addition, the following two users will be created: • IUSR_servername • This is the built-in account for managing anonymous access to IIS. • IWAM_servername • This is the built-in account that is used by IIS for starting out-of-process applications. • The IIS server’s name will appear as servername. • The IUSR and IWAM users will be created as local users when installing IIS on a member server, and as Active Directory users when installing IIS on a domain controller.
IIS configuration • Internet Information Services snap-in • Local IIS server (if any) will be displayed automatically
IIS configuration • Web site properties
Activity A-1: Configuring IIS
Internet/intranet support • Topic A: Internet Information Server overview • Topic B: Managing Web access
Server access security 1. Request 4. Response 2. Authentication 3. Check NTFS Permissions • IIS security overview
Server access security • Authentication options for Web resources
Server access security • Authentication methods
Server access security • Setting server access restrictions • You are given the option of setting the default action to either grant or deny computers access. You can then add exceptions to the default for any of the following: • A single computer, by IP address • A group of computers, by IP address and subnet mask • A domain, by domain name
Activity B-1: Setting Web server access permissions
File and folder resources • Home directory
File and folder resources • You are given the following three options for setting the source of the home directory: • A directory located on this computer • A share located on another computer • A redirection to a URL • If you choose one of the first two options, to set the source as a local directory or network share, you can also set the following options: • Script source access • Read • Write • Directory browsing • Log visits • Index this resource
File and folder resources • If you choose the third option for the source of the home directory, setting the source as a URL, you can set the following options to indicate where the client will be sent: • The exact URL entered above • A directory below this one • A permanent redirection for this resource
Virtual directories • Virtual Directory Wizard, which is launched through the Internet Information Services snap-in.
Virtual directories • The directory will be listed under the Web site for which it was created. If IIS cannot connect to the directory, a stop sign (red octagon) with the word “Error” will be displayed.
With IIS installed, each folder includes a Web Sharing tab. You can right-click a folder in Windows Explorer, choose Properties, and select the Web Sharing tab. The Edit Alias screen prompts you for the virtual directory alias, access permissions, and application permissions. Network shares
WebDAV • Web-based distributed authoring and versioning • A protocol, which is an extension to the HTTP 1.1 standard. WebDAV supports remote file search, access, and management through a browser. • WebDAV setup • First step in setting up WebDAV publishing is to create a publishing directory. • Typically, you will want to create this as a subfolder of the \Inetpub folder: • C:\Inetpub\WebDAV
WebDAV clients • Any client using a browser that supports the industry-standard WebDAV protocol can access your WebDAV directory. • Windows clients can connect to a WebDAV publishing directory through Internet Explorer 5.0. For example, you would use an address similar to the following to connect over the Internet: • http://webserv.outlanderspices.com/webdav • To connect over a corporate intranet, you could use an address similar to the following: • http://outlanderspicespc/webdav
WebDAV clients • Create a connection to a WebDAV publishing directory with the Add Network Places Wizard
Virtual directory properties • Right-click the virtual directory and choose Properties
Virtual directory navigation • You can navigate virtual and WebDAV publishing directories through Internet Explorer 5.0
Virtual directory navigation • WebDAV through Windows Explorer
Resource access security • The virtual directory properties tab lets you set resource access permissions and application permissions. • The Directory Security properties tab lets you manage access and authentication, IP address and domain name restrictions, and certificate information. • In addition, security for folders residing on an NTFS partition will be affected by NTFS security settings. That is the case because users connecting through a Web server are authenticated as local users.
Troubleshooting overview • Most of the problems you encounter with accessing resources through the Internet are going to fall into one of three general categories: • Inability to connect to a Web server • Inability to connect to a resource • Wrong permission assignment
Troubleshooting overview • Web server access • Web server communications • Authorization • Restricted access • Resource access • Verify that the user can connect to the resource. • Verify connections with remote servers. • Try directly connecting to the share through the command line or Windows Explorer.
Troubleshooting overview • Access permissions • This is the same type of potential problem as occurs with shared network resources. • Verify that access permissions have been set appropriately for the user. • WebDAV troubleshooting • Verify you can connect to the server. • Verify you can connect to the resource and have the appropriate permissions.
Internet printers • Connecting with the Add Printer Wizard • Choose Start, Settings, Printers. Double-click Add Printer. • Click Next to continue past the Welcome screen. • On the Local or Network Printer screen, select Network printer and click Next. • On the Locate Your Printer screen, select the option to connect to a printer on the Internet, and type the URL. A printer’s URL uses the following convention: http://domainname/printers/printername/.printer • Be sure to include the period in front of the word “printer”. An IP address can be substituted for the domain name. • Click Next after you have correctly typed the URL. • At this point, you will be prompted for your name and password. • After you click OK, the printer will be located either on the local area network or across the Internet .
Internet printers • Connecting through Internet Explorer • You can also connect to an Internet printer using Internet Explorer 5.0. To display a list of available printers, type the following URL in the address bar: • http://domainname/printers
Activity B-2: Working with Web-based resource access
Internet/intranet support Unit summary • This unit covered: • How to use the Internet Information Services snap-in to centralize the management of IIS, Web sites, virtual directories, and WebDAV publishing directories • How to view and manage printers through a Web browser and set resource access permissions for a Web site