Internet Information Services
For the Windows 2000 Server exam you are required to be familiar with the essentials of IIS 5.0, which is installed by default on a new Windows 2000 Server installation, and upgrades systems with IIS 4.0. The two main features of IIS remain its functionality as both a web and ftp server, which we’ll concentrate on here. Note that many other services do exist under IIS, including the ability to act as an SMTP (mail), NNTP (news), or streaming media server.
After IIS 5.0 is installed, two new user accounts are created by default, and placed in the Users container. One, called IUSR_computername, is provided for the purpose of allowing anonymous access to the IIS-based system. The other is called IWAM_computername, and is the account under which IIS runs. This is used to start scripting applications, for example.
IIS will also create a folder called Inetpub on the IIS system, and subdirectories of this folder provide the working roots for installed services. For example, wwwroot is the location of the default website, while ftproot houses the root directory for ftp connections. While these directories are used by default, others can be created and placed in different folders or partitions if this better meets your needs. It is usually best, however, to keep everything situated in a single location in order to simplify the administrative process.
IIS services are managed using the Internet Services Manager tool. You can access the master property sheet for a server by right-clicking the server and choosing properties. Settings set on the master property sheets for the WWW or FTP services will be inherited by all new sites you create. As shown below, the master properties allow you to control settings such as the amount of bandwidth dedicated to each server, registered MIME file types, and server extensions, which includes server usage optimization. The master property sheet for WWW is shown below:
Configuring a website on IIS can be done either by editing the default web site or by creating a new site altogether. A single IIS server is capable of supporting many web sites, and differentiating them in a number of ways. The first is via port number. By default, a web server responds on port 80, although this can be changed. If you only had a single IP address, you could host multiple web sites by assigning each a different port number. Second, you can use host headers. In this scenario, a web site is identified by its host header name, which matches the domain name used to access it. In the third scenario, a server is assigned multiple IP addresses, and each site simply uses a different address. To create a new WWW or FTP site, simply right-click the server name and choose to create a new site, a wizard will walk you through the basic creation process. The majority of the properties must still be configured by
accessing the properties of the site itself. The screen shot below shows the many tabs that can be configured for a web site:
An explanation of the tabs is listed below:
Web Site – basic identification information about the site including the port number, IP address, description, logging type, and connection information.
Operators – controls which users have operator privileges for the site, allowing them administrative control over many properties of the site.
Performance – allows the website to be tuned for expected hits, as well as bandwidth and CPU throttling for the site to be configured.
ISAPI filters – allows you to configure settings relating to isapi filters and their processing order.
Home Directory – specifies which directory on the server acts as the root directory for this site, sets permissions and application properties.
Documents – defines default document to be loaded when a request is sent to the server. You can specify alternative documents, as well as change the order of search.
Directory Security – controls site authentication, IP address and domain name restrictions, and the configuration of certificates.
HTTP Headers – allows you to set content expiration, custom http headers, set content ratings (like RSAC ratings), and configure additional MIME types.
Custom Errors – allows you to edit or define custom error pages – for example you could create your own, including your logo.
Server Extensions – allow you to use version control, set server performance, set client scripting and properties relating to inheritance of security settings.