http://www.microsoft.com/infoserv/docs/CONFIG.HTM (PC Press Internet CD, 03/1996)Once you have completed setup and tested your installation, you can use Microsoft Internet Service Manager and other tools to configure the more advanced features of the Internet Information Server services. This chapter tells you how to:
You can use Internet Service Manager to enhance the configuration and performance of your server. Internet Service Manager helps you configure and monitor all the Internet services running on any Windows NT Server-based computer in your network. There are three views available in Internet Service Manager: Reports, Servers, and Services.
Report view is the default view. Report view alphabetically lists the selected computers, with each installed service shown on a separate line. Click the column headings to alphabetically sort the entire list. Report view is probably most useful for sites with only one or two computers running Internet Information Server. The following illustration lists the functions of the buttons and icons in Internet Service Manager; you can also use the Properties and View drop-down menus for the same functions.
Connect to servers and view property sheets
1 Connects to one specific Internet server.
2 Finds all Internet servers on the network.
3 Displays property sheets to configure the selected service.
Start, stop, or pause a service
4 Starts the selected service.
5 Stops the selected service.
6 Pauses the selected service.
Select which services should be displayed
7 Displays the FTP service in the Internet Service Manager main window.
8 Displays the Gopher service in the Internet Service Manager main window.
9 Displays the WWW service in the Internet Service Manager main window.
Make any necessary adjustments to services
10 Sorts the listings when you click a column heading.
11 Displays the property sheets for a service when you double-click it.
12 Displays server and service status.
Servers view displays services running on network servers by computer name. Click the plus symbol next to a server name to see which services that server is running. Double-click a service name to see its property sheets. Servers view is most useful for sites running multiple computers when you need to know the status of the services installed on a specific computer.
Services view lists the services on every selected computer grouped by service name. Click the plus symbol next to a service name to see the servers running that service. Double-click the computer name under a service to see the property sheets for the service running on that computer. Services view is most useful for sites with widely distributed servers when you need to know which computers are running a particular service.
The Internet Service Manager property sheets can be used to configure and manage the World Wide Web (WWW) and other services. The following information focuses on the WWW service, the most commonly used service.
In Internet Service Manager, double-click a computer or a service name to display its property sheets. Click the tab at the top of each property sheet to display the properties for that category. After setting the properties for the service, click OK to return to the main Internet Service Manager window. Detailed information about each property sheet is included in later chapters on security, directories, and logging.
Note:
In special instances you may need to use Registry Editor (Regedt32.exe) to configure Internet Information Server or Windows NT Server. See Help for information on Registry entries and when you need to use them.
You use the Service property sheet to control who can use your server and specify the account used for anonymous client requests to log on to the computer. Most Internet sites allow anonymous logons. If you allow anonymous logons, then all user permissions for the user, such as permission to access information, will use the IUSR_ computername account. To use your current security system to control information access, change the anonymous logon account to existing accounts on your network.
This property sheet also sets the comment in the main Internet Service Manager window. See Chapter 5, "Securing Your Site Against Intruders," for more information.
The Directories property sheet lists directories available to users, with some possible exceptions. For more detailed information, see Chapter 6, "Planning Your Content Directories and Virtual Servers."
The Default Document and Directory Browsing settings in the Directories property sheet for the WWW service are used to set up default displays that will appear if a remote user does not specify a particular file. Directory browsing means that the user is presented with a hypertext listing of the directories and files so that the user can navigate through your directory structure.
You can place a default document in each directory so that when a remote user does not specify a specific file, the default document in that directory is displayed. A hypertext directory listing is sent to the user if directory browsing is enabled and no default document has been provided.
Internet Server provides a default home directory for each service of the primary computer: \Wwwroot, \Gophroot, and \Ftproot. The files that you place in the home directory of Internet Information Server and its subdirectories are available to remote browsers. You can change the location of the default home directory.
You can also add other directories outside the home directory that will appear to browsers as subdirectories of the home directory. That is, you can publish from other directories and have those directories appear to reside within the home directory. Such directories are called "virtual directories."
The administrator can specify the physical location of the virtual directory and the virtual name, which is the directory name used by remote browsers.
The published directories can be located on local or network drives. If the virtual directory is a network drive, provide username and password with access to that network drive.
Important
If you specify a username and password to connect to a network drive, all Internet Information Server access to that directory will use that username and password. You should use care when using Universal Naming Convention (UNC) connections to network drives to prevent possible security breaches.
You can have multiple domain names on a single Internet Information Server-based computer so that it will appear that there are additional servers, or "virtual servers." This feature makes it possible to service WWW requests for two domain names (such as http://www.company1.com/ and http://www.company2.com/) from the same computer. Enter the IP (Internet Protocol) address for the home directory, and virtual directories for each virtual server you will create.
If the path for a virtual directory is a network drive, provide a username and password with access to that network drive.
If you have assigned more than one IP address to your server, when you create a directory you must specify which IP address has access to that directory. If no IP address is specified, that directory will be visible to all virtual servers.
Important
The default directories created during setup do not specify an IP address. You may need to specify IP addresses for the default directories when you add virtual servers.
See Chapter 6, "Planning Your Content Directories and Virtual Servers," for more information.
The services can log server activity. Logging provides valuable information about how a server is used. You can send log data to files or to an Open Data Base Connectivity (ODBC)-supported database. If you have multiple servers or services on a network, you can log all their activity to a single file or database on any network computer.
If you want to log to a file, you can specify how often to create new logs and which directory put the log files in.
If you log to an ODBC data source, you must specify the ODBC Data Source Name (DSN), table, and valid user name and password to the database.
See Chapter 7, "Logging Server Activity," for more information.
You can use Internet Service Manager to prevent access by certain IP addresses to block individuals or groups from gaining access to your server. You can also set the maximum network bandwidth for outbound traffic, to control (throttle) the maximum amount of traffic on your server.
You can control access to each Microsoft Internet Information Server service by specifying the IP address of the computers to be granted or denied access.
If you choose to grant access to all users by default, you can then specify the computers to be denied access. For example, if you have a form on your WWW server and a particular user on the Internet is entering multiple forms with ficticious information, you can prevent the computer at that IP address from connecting to your site. Conversely, if you choose to deny access to all users by default, you can then specify which computers are allowed access.
You can throttle your Internet services by limiting the network bandwidth allowed for all of the Internet services on the server.
See Chapter 5, "Securing Your Site Against Intruders," for more information about Internet and Windows NT security.
In addition to Internet Service Manager you can use other tools to configure, control, and monitor the Internet Information services. This sections explains other Windows NT utilities that directly affect your Internet Information Server, and explains how you can use other Windows NT utilities to monitor or enhance your Internet Information Server site.
Use Control Panel to set Windows NT-controlled systems and options.
The Network applet in Control Panel configures your Transmission Control Protocol/Internet Protocol (TCP/IP) settings, including IP address, subnet mask, and default gateway. Double-click TCP/IP Protocol in the Installed Network Software listing to display the TCP/IP Configuration dialog box.
Click the advanced button to set Domain Name System (DNS) settings, such as hostname, domain names, and DNS servers, to resolve names.
The Services applet is used to start, stop, and pause the WWW, Gopher, and FTP services. You can also use Internet Service Manager to start, stop and pause the services.
Use the Startup button to configure how the service starts when the computer starts. If you have a specific reason, you can also use this dialog box to override the account used by the WWW service as set in the Service property sheet of Internet Service Manager. You should change this setting only if it is part of your security strategy; otherwise, use the default settings in the Log On As box.
The ODBC applet in Control Panel is used to set up ODBC connectivity. See Chapter 8, "Publishing Information and Applications," for more information about using the ODBC applet.
Use File Manager to set directory and file permissions on Windows NT File System (NTFS) drives. Use the Permissions item in the Security menu to set permissions.
User Manager for Domains, in the Administrative Tools program group, is a tool that you can use to manage security for a Windows NT Server computer. With User Manager you can:
Event Viewer, in the Administrative Tools program group, is a tool that you can use to monitor events in your system. You can use Event Viewer to view and manage System, Security, and Application event logs.Event Viewer can notify administrators of critical events by displaying pop-up messages, or by adding event information to log files. The information allows you to better understand the sequence and types of events that led up to a particular state or situation.
Internet Information Server automatically installs Windows NT Performance Monitor counters. With the HTTP service and Internet Services Performance Summary objects, you can use the Windows NT Performance Monitor for real-time measurement of your Internet service use. Similar counters for the Gopher and FTP services are also available.
The WWW service object provides counters to monitor the WWW service; these include:
The Internet Services Performance Summary provides general-use and cache-use information about the Internet Information Server; this includes:
© 1996 by Microsoft Corporation. All rights reserved..