Note: Generally, this project is not being discussed under NDA with
any accounts or third parties. Should you require permission to
discuss this with a particular organization outside the company,
please contact the author.
Revision: 0.21
Date: March 21, 1995
Author(s): Kerry Schwartz (KerryS)
Document: isadmin.doc
Microsoft Confidential 1
1.0 INTERNET SERVER
2.0 ADMINISTRATION OVERVIEW
3.0 INITIAL PRISM WINDOW
3.1 Window Fields and Layout
3.2 Context Menu
3.3 Properties Menu
3.4 View Menu
3.5 Tools Menu
3.6 Help Menu
4.0 GOPHER SERVICE PROPERTIES
4.1 ‘Service’ Tab
4.2 ‘Sessions’ Tab
4.3 ‘Directories’ Tab
4.4 ‘Logging’ Tab
4.5 ‘Common’ Tab
4.6 Site Security Tab
5.0 WORLD-WIDE-WEB SERVICE PROPERTIES
5.1 ‘Service’ Tab
5.2 ‘Sessions’ Tab
5.3 ‘Directories’ Tab
5.4 ‘Logging’ Tab
5.5 ‘Common’ Tab
5.6 Site Security Tab
6.0 FTP SERVICE PROPERTIES
6.1 ‘Service’ Tab
6.2 ‘Sessions’ Tab
6.3 ‘Directories’ Tab
6.4 ‘Logging’ Tab
6.5 ‘Common’ Tab
6.6 Site Security Tab
1.0 Internet Server
Internet Server is a Back Office product for Windows NT versions 3.51 and later.
The product includes a set of services that help make Windows NT Server an
excellent Internet publishing server, as well as a secure access server. Integration
with Windows NT system components, such as security, and other Back Office
products, such as SQL Server, is included. Internet Server also includes client-side
components, such as the Internet Extensions for Win32 APIs, and the
Web/Gopher/FTP browser, which uses the Win32 APIs, and is therefore usable when
accessing the Internet directly, or via the Internet Applications Gateway Service
(Catapult).
Version 1 of the Internet Server product (Gibraltar) will include the following
components:
Services:
- World-Wide-Web (HTTP) Service
- Gopher Service
- File Transfer Protocol (FTP) Service
- Domain Name Service (DNS)
- Internet Applications Gateway Service (Catapult)
Other Components:
- Internet Extension APIs for Win32
- FTP/Gopher/WWW browser with Internet API support
- Integrated service admin tool (PRISM)
Installation of the Internet Server software will be done via a stand-alone setup
program that allows the user to select which components to install, and with as little
UI as necessary, completes the installation process. The PRISM administration tool
will be installed if at least one of the Internet Server services is installed, or if the
administrator explicitly requests that it be installed. An Internet Server Program
Group will be created, with an icon for PRISM, the administration tool.
At the completion of service installation, the setup program will ask if the installer
would like to configure the services. If the answer is yes, the setup program will
launch the PRISM admin tool. The admin tool will display services on the newly
installed machine only. All configuration properties can be viewed/modified on the
property pages.
The setup program will also offer the option of creating a client/admin installation
share for network installs. The installation share will include the PRISM admin
tool, the Internet API dll, the client browser, documentation files, and the setup
program. See the Internet Server Installation spec for more information.
2.0 Administration Overview
The Internet Server administration tool (PRISM) is installed by the Internet Server
setup program, and an icon is created for it in the Internet Server Program Group.
All Internet Server machines on an organization’s network can be administered
from any machine on which PRISM is installed. The remote administration is done
via the transport-independent RPC protocol. PRISM will run on 32-bit platforms
only, including Windows NT Server, Windows NT Workstation, and Windows ‘95.
The services will run on Windows NT Server only, version 3.51 or higher.
In order to administer any Internet service on a machine, the user logged in and
running PRISM must be defined in the user database as an administrator of the
target machine (the machine to be administered). A separate list of administrators is
currently not maintained for the Internet services, as it is a rare case that someone
would need Internet server admin privileges, but doesn’t need, or have, system
admin privileges.
All local configuration information for each Internet Server machine is stored in
that machine’s system registry. The server-side code that directly reads and writes
these registry entries for administration is built into the Internet services, and
therefore installed on every machine that has at least one Internet service installed.
This code is invoked via RPC calls by the PRISM administration tool.
An ‘RPC discover’ mechanism is used by PRISM to learn the names of Internet
Server machines running on the network, and to get the type of currently running
Internet services on those machines. This is done dynamically by the admin tool, as
needed - Internet Server machine names & services do not have to be manually
registered for PRISM. RPC APIs are used to get/set configuration information on a
specific Internet Server machine. PRISM therefore, consists of three functional
components:
· An ‘RPC discover’ mechanism to ‘learn’ about Internet Server
machines and services.
· A set of RPC APIs to get/set configuration information, and modify
state of Internet services anywhere on the network.
· A user interface that includes a set of property pages, displayed locally,
for viewing and modifying configuration information and state of
any Internet Server machine on the network. The RPC
mechanisms above are used to get/set the configuration
information and state.
PRISM’s initial window displays a list of all Internet Server machines and Internet
services on the network. State information can be viewed and modified (a service
can be started, stopped, or paused). Configuration information can be displayed and
modified. Keeping in mind that each Internet Server computer can have one or
more Internet services installed, configuration information falls into three
categories:
1. Information that applies to the Internet Server computer, and is
specified one time for each computer, regardless of how many
services are installed on the computer (example: IP level site
security).
2. Information that exists for every service, but needs to be specified
independently for each service. The values of these fields may be
different for the various services installed on a single computer
(example: administrator name).
3. Information that exists for a subset of all of the services. These items
make sense for only some (often only one) of the services (example:
the FTP welcome message).
A set of tabbed property sheets exist for each Internet Server service. The single set
of property sheets contains all three categories of configuration parameters for the
service. Usability tests have indicated that having a separate set of property sheets
for information that applies to all services (category 1 above) (ie: a set of ‘computer’
level property sheets) leads to confusion in that users have trouble deciding which
set of property pages to access to accomplish a specific task.
All ‘computer’ level attributes (category 1 above) are on the last two tabs for each
service, with a note on the tab indicating that modifications to these attributes will
affect other Internet Server services running on the same computer.
If a service is running or paused when configuration changes are made, the changes
are effective immediately. If the service is stopped when the changes are made,
they’ll be effective the next time the service is started.
issue: need icons for toolbar buttons
issue: we are researching the look of the context menu. for now, ignore the
‘Properties’ and ‘Exit’ words above.
Start Service - Starts the service
Stop Service - Terminates the service. It stays in the list and can be restarted later
Pause/Continue Service - Pauses or continues the service
Exit - Terminate PRISM
Status Bar - Display/don’t display status bar
Sort by Computer - Display services sorted by computer name
Sort by Service - Display services sorted by service name
Sort by State - Display services sorted by state
Sort by Comment - Display services sorted by comment
When a new type of service is chosen for display (e.g.: View only WWW servers),
all services of other types will be hidden. Another ‘RPC discover’ will not be done.
The Refresh menu item will initiate another ‘RPC discover’.
Search for Help on... - Opens the search dialog box for help
About PRISM... - Release level and other information about PRISM
4.2 ‘Sessions’ Tab
The Sessions tab contains session, or connection-oriented properties. The first three
are the same for each of the services:
- TCP Port Number (for Gopher, the default is 70)
- Connection Timeout (for Gopher, the default is 60 seconds)
- Maximum Connections (for Gopher, the default is 50)
The bottom part of the Sessions tab contains service specific properties, and for
Gopher, this includes the username and password that the Gopher service will use
(impersonate) when accessing resources on behalf of a Gopher client.
4.3 ‘Directories’ Tab
The Directories tab is where the administrator defines home directories, and other
directories that the Gopher service has access to. A home directory is the directory
in which to look for content when a client sends in a URL with no path information
such as:
URL = <gopher://gopher.microsoft.com/>
Each directory has an alias associated with it, for use in client requests (URLs). The
alias can be specified by the administrator, or created automatically by PRISM. For
Gopher, the administrator may choose not to specify the aliases since friendly names
are stored in the Gopher tag files, and clients typically select directories from menus
via friendly names, rather than using the aliases.
When a URL is received by the Gopher server with path information, the leftmost
directory name is searched among the defined aliases. If it is not found, an error is
returned to the client. If it is found, the directory associated with the alias replaces
the alias name to create an actual path to the directory. For example, if the
following directory/alias association exists:
Directory = c:\gopher\product\info Alias = catalog
and the following URL is received from a client:
URL = <gopher://gopher.microsoft.com/catalog/shoes>
the server will reply with gopher menu information found in the following
directory:
c:\gopher\product\info\shoes
A directory/alias pair can have an IP address associated with it. If an address has
been entered, the directory/alias pair is only valid when the destination IP address
(Internet Server machine’s address) in the client’s request matches the IP address
entered for the directory/alias. This allows a service to publish separate directories
of information (for separate companies, for example), and only allow access to the
directories associated with the IP address (company) in the client’s request.
A server administrator can assign multiple IP addresses to a machine, and register
multiple domains in the DNS for that machine (each domain resolves to a different
IP address). By then having multiple home directories, based on IP address, the
clients have the appearance that a shared machine is owned and operated solely by
each company (a URL without a path will access a different home page, depending
on the domain name used). Research has shown this feature to be important to
Internet Service Providers, and Internet consulting firms that rent out space on their
Internet server machines. A directory/alias pair without an IP address associated, is
valid for any client request for which a directory/alias pair is not found that has an
IP address matching the destination IP address in the request. Only one home
directory can exist at any time with a given IP address, and only one home directory
can exist with no IP address.
Directories in the Directories tab list box are displayed in a sorted order. First, all of
the home directories are listed, in alphabetical order by directory name, followed by
all non-home directories, alphabetically by directory name.
When the ‘Add’ button is pressed on the Directories tab, the Directory Properties
dialog box comes up, with blank edit fields. In creating a new directory/alias pair,
the Directory edit field on this dialog must specify a valid directory. This can be
entered manually, or by pressing the Browse button and selecting a directory. The
Browse window shows directories only, not files.
The administrator optionally enters an alias in the Alias field. If the alias field is left
blank, the admin tool will generate a unique alias, based on the directory name. The
alias generation occurs when the administrator clicks on the ‘OK’ button on the
Directory Properties.
If the directory is a UNC name, the username and password fields must be entered.
For local directories, the admin tool will verify that the directory exists, and if not,
offer to create it in a message box. For UNC names, the admin tool will attempt to
log on to the computer and access the directory, and if this fails, a message box will
be displayed, informing of the failure.
If this alias is to be valid for only one specific server-machine IP address, the
administrator will enter an IP address in the IP Address field.
If the new directory is to be a ‘home’ directory, the Home Directory check box will
be checked.
When done, the administrator presses the ‘OK’ button on the Directory Properties
dialog box, an alias name is generated if necessary, and the new directory/alias is
added to the listbox of directories on the ‘Directories’ tab.
When a directory/alias row is highlighted on the Directories tab, and the ‘Edit
Properties’ button is pressed, the Directory Properties dialog comes up, with
information from that entry filled in for editing. The password will be displayed as
asterisks. When a directory/alias row is highlighted on the Directories tab, and the
Remove button is pressed, that entry is removed from the listbox.
4.4 ‘Logging’ Tab
The logging tab allows the administrator to turn logging on and off, to select where
to store the log, and how often the log file gets closed, renamed, and a new log file
gets created. If the Enable Logging check box is not checked, everything else on this
page is disabled. If the Enable Logging check box is checked, the two radio buttons
become enabled (Log to File and Log to SQL/ODBC). In this case, the data in the
group box corresponding to the ‘pressed’ radio button is enabled. The data in the
other group box is disabled. The logging properties for file and ODBC logging work
as follows:
- Log to File
Transactions are written to a log file in the directory specified. The Browse
button allows choosing a directory only, not a file. The file name will be
determined by the software, as specified below. Each service will log to a
different file.
If the ‘Automatically open new log’ check box is checked, the four radio
buttons and edit field below are enabled. In this case, the service will
automatically close the log file, and create a new one with a different name
(in the same directory) when the appropriate time or log file size is
reached.
Log file names will be as follows:
GOPH.LOG, if ‘Automatically open new log’ is not checked.
GOPHnnn.LOG, where nnn is a sequentially increasing number,
if ‘When file size reaches’ is pressed.
GOmmddyy.LOG, where mmddyy is the month, day, year when
the log file is created, if one of ‘Daily’, ‘Weekly’, or ‘Monthly’, is
pressed.
For Daily, Weekly, or Monthly, the log file will be closed the first time a log
record is generated after midnight on the last day of the current log file.
The new log file name will include the date of the first day included in the
log file.
For ‘When file size reaches’, every time the log file is closed and a new
one is created, the sequential number in the filename will be incremented.
- Log to SQL/ODBC
Transactions are written to a database via ODBC. SQL is the most likely
database management system used, and the ODBC drivers for SQL will
ship with the Internet Server product. The ODBC drivers used must
support the global DSNs added to ODBC version 2.5. This support is
needed because the Internet services run in the system context (no current
user).
The fields supplied for ODBC logging include the ODBC Data Source
Name, the Table name, and the Username/Password. The database and
DSN must already exist. The table will be created if not found.
issue: should we offer a third location for logging: the event viewer....
issue: should we offer a choice of log file record formats?
4.5 ‘Common’ Tab
This tab contains properties whose values are shared by all Internet services.
Changing values on this tab affects other Internet services running on the same
computer. These are the category 1 properties described in section 2.0 above
(‘common’ or ‘global’ properties).
The memory cache is used by the services for caching file opens, and other things
that standard NT caching would not handle in an efficient way. The default value
for the memory cache size will be 20 percent of physical memory. Setting this value
to zero will disable memory caching.
The ‘Limit Network Use’ group box allows setting a maximum network bandwidth
to be used by this computer for all Internet Services. This prevents this computer
from consuming so much of the bandwidth that other Internet Server machines are
left without available bandwidth, or other Internet access is slowed down. Other
Internet access may include email, news, or client access.
4.6 Site Security Tab
prevents access to all services, and therefore, all content published by the Internet
services. This security list is stored as a category 1 property, as described in section
2.0 above (‘global’ properties).
Each non-blank row in the list box contains computer(s) that are granted access to
the Internet Services, or computer(s) that are denied access. Each row can contain
either just an IP address, in which case it refers to a single computer, or an IP
address/subnet mask pair, in which case it refers to all of the computers on the
subnet. Using IP address/subnet mask pairs, while a bit confusing to someone not
familiar with IP addressing, offers maximum flexibility while maintaining high
performance. This can handle the somewhat rare cases when the ‘1’ bits in the mask
are not contiguous.
All computers/subnets that are not included on any row in the list box, are either
granted access, or denied access, depending on the ‘Client computers not listed
above’ radio buttons below the list box. After installation, the list box will be empty,
and the radio buttons will indicate to grant access to computers not listed (ie:
initially, every computer on the network has access to this computer’s services).
When the ‘Add’ button is pressed on this tab, the Site Security Properties dialog box
comes up with two pairs of radio buttons, and two IP address edit fields. The radio
buttons allow choosing ‘Single Computer’ or ‘Group of Computers’ (ie: subnet), and
‘Grant’ or ‘Deny’ access. If ‘Single Computer’ is chosen, the Subnet Mask edit field
is disabled, and only the IP address is entered. If ‘Group of Computers’ is pressed,
both the IP address and Subnet Mask fields are enabled and required.
If a row in the list box on the Site Security tab is highlighted, and the Edit button is
pressed, the Site Security Properties dialog box comes up with the data from the
highlighted row, for editing. If a row in the list box is highlighted, and the Remove
button is pressed, the row is deleted from the list box.
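The Site Security list described in this section (and again for the WWW service in section 5.6) can be evaluated as follows. This is an added illustration, not code from the spec or the product; the rows are constructed, and the handling of a client that matches both a Grant and a Deny row (Deny wins here) is an assumption the spec does not settle.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class SiteSecurityRow:
    """One row of the Site Security list box.

    mask is None for 'Single Computer'; for 'Group of Computers' it is the
    subnet mask entered alongside the IP address.
    """
    address: str
    mask: Optional[str]
    grant: bool  # True = 'Grant' access, False = 'Deny'

    def __post_init__(self) -> None:
        # The dialog only accepts valid dotted-quad values; reject anything else early.
        ipaddress.IPv4Address(self.address)
        if self.mask is not None:
            ipaddress.IPv4Address(self.mask)

    def matches(self, client_ip: str) -> bool:
        ip = int(ipaddress.IPv4Address(client_ip))
        addr = int(ipaddress.IPv4Address(self.address))
        if self.mask is None:
            return ip == addr
        mask = int(ipaddress.IPv4Address(self.mask))
        # A plain bitwise AND, which is why a mask whose '1' bits are not
        # contiguous (the case the spec mentions) needs no special handling.
        return (ip & mask) == (addr & mask)


def site_security_allows(rows: List[SiteSecurityRow], client_ip: str,
                         grant_unlisted: bool = True) -> bool:
    """Decide whether client_ip may reach any Internet service on this computer.

    grant_unlisted mirrors the 'Client computers not listed above' radio
    buttons; the post-install default is to grant. Assumption: when both a
    Grant and a Deny row match the client, Deny wins (the spec does not say).
    """
    matched = [row for row in rows if row.matches(client_ip)]
    if not matched:
        return grant_unlisted
    return all(row.grant for row in matched)


# Constructed sample list: grant a subnet, deny one host inside it, and deny a
# group defined with a non-contiguous mask (every even-numbered host in 192.168.0.0/16).
SAMPLE_ROWS = [
    SiteSecurityRow("10.0.0.0", "255.255.255.0", grant=True),
    SiteSecurityRow("10.0.0.99", None, grant=False),
    SiteSecurityRow("192.168.0.0", "255.255.0.1", grant=False),
]

if __name__ == "__main__":
    for client in ("10.0.0.5", "10.0.0.99", "192.168.5.2", "192.168.5.3"):
        print(client, "granted" if site_security_allows(SAMPLE_ROWS, client) else "denied")
```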
5.0 World-Wide-Web Service Properties
The WWW service property sheets include the following tabs:
- Service (General service properties)
- Sessions (Connection-oriented properties)
- Directories (Directory access, virtual roots, and home directories)
- Logging (Service logging information)
- Common (Properties shared by all services - this page is the same for all
services)
- Site Security (IP access control - this page is the same for all services)
5.2 ‘Sessions’ Tab
The Sessions tab contains session, or connection-oriented properties. The first three
are the same for each of the services:
- TCP Port Number (for WWW, the default is 80)
- Connection Timeout (for WWW, the default is 60 seconds)
- Maximum Connections (for WWW, the default is 50)
The bottom part of the Sessions tab contains service specific properties, and for
WWW, this includes the username and password that the WWW service will use
(impersonate) when accessing resources on behalf of an ‘anonymous’ Web client,
and the method to use for password authentication. The options for password
authentication are NT’s challenge/response, clear text, and Uuencoded passwords.
5.3 ‘Directories’ Tab
The Directories tab is where the administrator defines home directories, and other
directories that the WWW service has access to. A home directory is the directory in
which to look for content when a client sends in a URL with no path information
such as:
URL = <http://www.microsoft.com/>
Each directory has an alias associated with it, for use in client requests (URLs). The
alias can be specified by the administrator, or created automatically by PRISM. For
WWW, the administrator will probably enter the alias, since this is the directory
name that clients will enter in a URL, and should therefore be a meaningful name.
When a URL is received by the WWW server with path information, the leftmost
directory name is searched among the defined aliases. If it is not found, an error is
returned to the client. If it is found, the directory associated with the alias replaces
the alias name to create an actual path to the directory. For example, if the
following directory/alias association exists:
Directory = c:\www\product\info Alias = catalog
and the following URL is received from a client:
URL = <http://www.microsoft.com/catalog/shoes>
the server will reply with content found in the following
directory:
c:\www\product\info\shoes
A directory/alias pair can have an IP address associated with it. If an address has
been entered, the directory/alias pair is only valid when the destination IP address
(Internet Server machine’s address) in the client’s request matches the IP address
entered for the directory/alias. This allows a service to publish separate directories
of information (for separate companies, for example), and only allow access to the
directories associated with the IP address (company) in the client’s request.
A server administrator can assign multiple IP addresses to a machine, and register
multiple domains in the DNS for that machine (each domain resolves to a different
IP address). By then having multiple home directories, based on IP address, the
clients have the appearance that a shared machine is owned and operated solely by
each company (a URL without a path will access a different home page, depending
on the domain name used). Research has shown this feature to be important to
Internet Service Providers, and Internet consulting firms that rent out space on their
Internet server machines. A directory/alias pair without an IP address associated, is
valid for any client request for which a directory/alias pair is not found that has an
IP address matching the destination IP address in the request. Only one home
directory can exist at any time with a given IP address, and only one home directory
can exist with no IP address.
Directories in the Directories tab list box are displayed in a sorted order. First, all of
the home directories are listed, in alphabetical order by directory name, followed by
all non-home directories, alphabetically by directory name.
When the ‘Add’ button is pressed on the Directories tab, the Directory Properties
dialog box comes up, with blank edit fields. In creating a new directory/alias pair,
the Directory edit field on this dialog must specify a valid directory. This can be
entered manually, or by pressing the Browse button and selecting a directory. The
Browse window shows directories only, not files.
The administrator optionally enters an alias in the Alias field. If the alias field is left
blank, the admin tool will generate a unique alias, based on the directory name. The
alias generation occurs when the administrator clicks on the ‘OK’ button on the
Directory Properties.
If the directory is a UNC name, the username and password fields must be entered.
For local directories, the admin tool will verify that the directory exists, and if not,
offer to create it in a message box. For UNC names, the admin tool will attempt to
log on to the computer and access the directory, and if this fails, a message box will
be displayed, informing of the failure.
If this alias is to be valid for only one specific server-machine IP address, the
administrator will enter an IP address in the IP Address field.
If the new directory is to be a ‘home’ directory, the Home Directory check box will
be checked.
When done, the administrator presses the ‘OK’ button on the Directory Properties
dialog box, an alias name is generated if necessary, and the new directory/alias is
added to the listbox of directories on the ‘Directories’ tab.
When a directory/alias row is highlighted on the Directories tab, and the ‘Edit
Properties’ button is pressed, the Directory Properties dialog comes up, with
information from that entry filled in for editing. The password will be displayed as
asterisks. When a directory/alias row is highlighted on the Directories tab, and the
Remove button is pressed, that entry is removed from the listbox.
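The alias and home-directory lookup rules of sections 4.3 and 5.3, as an added example that is not part of the spec or the product. It assumes the IP-bound/unbound precedence is applied per alias, that aliases are matched exactly, and it adds a rejection of '.' and '..' segments that the spec does not describe; the directory/alias entries are constructed.

```python
import ntpath
from dataclasses import dataclass
from typing import Callable, List, Optional


@dataclass(frozen=True)
class DirectoryEntry:
    """One row of the Directories tab (as entered in the Directory Properties dialog)."""
    directory: str                    # local path or UNC name from the Directory field
    alias: str                        # leftmost URL path segment that maps to it
    ip_address: Optional[str] = None  # server IP this entry is valid for; None = any
    home: bool = False                # 'Home Directory' check box


def select_entry(entries: List[DirectoryEntry],
                 wanted: Callable[[DirectoryEntry], bool],
                 dest_ip: str) -> Optional[DirectoryEntry]:
    """Pick the entry for a request addressed to dest_ip.

    An entry bound to the request's destination IP wins; an entry with no IP
    address is the fallback when no bound entry matches. Assumption: this
    precedence is applied per alias (and per home directory).
    """
    for bound in (True, False):
        for entry in entries:
            if not wanted(entry):
                continue
            if bound and entry.ip_address == dest_ip:
                return entry
            if not bound and entry.ip_address is None:
                return entry
    return None


def resolve(entries: List[DirectoryEntry], url_path: str,
            dest_ip: str) -> Optional[str]:
    """Map a client URL path to the directory the service will read.

    Returns None where the spec says an error is returned to the client
    (unknown alias, or no home directory for this IP), and also for '.', '..',
    backslash or drive-letter segments: a check added here so the result can
    never name a path outside the aliased directory.
    """
    segments = [s for s in url_path.split("/") if s]
    if not segments:
        # URL with no path information: the home directory for this server IP.
        home = select_entry(entries, lambda e: e.home, dest_ip)
        return home.directory if home else None
    alias, rest = segments[0], segments[1:]
    # Exact alias comparison is an assumption; the spec does not state case rules.
    entry = select_entry(entries, lambda e: e.alias == alias, dest_ip)
    if entry is None:
        return None
    for seg in rest:
        if seg in (".", "..") or "\\" in seg or ":" in seg:
            return None
    # The directory replaces the alias; the rest of the URL path follows it.
    return ntpath.join(entry.directory, *rest)


# Constructed sample configuration: the document's c:\gopher\product\info /
# 'catalog' pair, plus a second tenant whose entries are bound to 10.0.0.2.
SAMPLE_ENTRIES = [
    DirectoryEntry(r"c:\gopher\home", "home", home=True),
    DirectoryEntry(r"c:\tenants\acme\home", "acmehome", ip_address="10.0.0.2", home=True),
    DirectoryEntry(r"c:\gopher\product\info", "catalog"),
    DirectoryEntry(r"c:\tenants\acme\catalog", "catalog", ip_address="10.0.0.2"),
]

if __name__ == "__main__":
    print(resolve(SAMPLE_ENTRIES, "/catalog/shoes", "10.0.0.1"))
    print(resolve(SAMPLE_ENTRIES, "/catalog/shoes", "10.0.0.2"))
    print(resolve(SAMPLE_ENTRIES, "/", "10.0.0.2"))
```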
5.4 ‘Logging’ Tab
The logging tab allows the administrator to turn logging on and off, to select where
to store the log, and how often the log file gets closed, renamed, and a new log file
gets created. If the Enable Logging check box is not checked, everything else on this
page is disabled. If the Enable Logging check box is checked, the two radio buttons
become enabled (Log to File and Log to SQL/ODBC). In this case, the data in the
group box corresponding to the ‘pressed’ radio button is enabled. The data in the
other group box is disabled. The logging properties for file and ODBC logging work
as follows:
- Log to File
Transactions are written to a log file in the directory specified. The Browse
button allows choosing a directory only, not a file. The file name will be
determined by the software, as specified below. Each service will log to a
different file.
If the ‘Automatically open new log’ check box is checked, the four radio
buttons and edit field below are enabled. In this case, the service will
automatically close the log file, and create a new one with a different name
(in the same directory) when the appropriate time or log file size is
reached.
Log file names will be as follows:
WWWS.LOG, if ‘Automatically open new log’ is not checked.
WWWSnnn.LOG, where nnn is a sequentially increasing number,
if ‘When file size reaches’ is pressed.
WWmmddyy.LOG, where mmddyy is the month, day, year when
the log file is created, if one of ‘Daily’, ‘Weekly’, or ‘Monthly’, is
pressed.
For Daily, Weekly, or Monthly, the log file will be closed the first time a log
record is generated after midnight on the last day of the current log file.
The new log file name will include the date of the first day included in the
log file.
For ‘When file size reaches’, every time the log file is closed and a new
one is created, the sequential number in the filename will be incremented.
- Log to SQL/ODBC
Transactions are written to a database via ODBC. SQL is the most likely
database management system used, and the ODBC drivers for SQL will
ship with the Internet Server product. The ODBC drivers used must
support the global DSNs added to ODBC version 2.5. This support is
needed because the Internet services run in the system context (no current
user).
The fields supplied for ODBC logging include the ODBC Data Source
Name, the Table name, and the Username/Password. The database and
DSN must already exist. The table will be created if not found.
issue: should we offer a third location for logging: the event viewer....
issue: should we offer a choice of log file record formats?
5.5 ‘Common’ Tab
This tab contains properties whose values are shared by all Internet services.
Changing values on this tab affects other Internet services running on the same
computer. These are the category 1 properties described in section 2.0 above
(‘common’ or ‘global’ properties).
The memory cache is used by the services for caching file opens, and other things
that standard NT caching would not handle in an efficient way. The default value
for the memory cache size will be 20 percent of physical memory. Setting this value
to zero will disable memory caching.
The ‘Limit Network Use’ group box allows setting a maximum network bandwidth
to be used by this computer for all Internet Services. This prevents this computer
from consuming too much of the bandwidth, which would leave other Internet Server
machines without available bandwidth or slow down other Internet access.
Other Internet access may include email, news, or client access.
prevents access to all services, and therefore, all content published by the Internet
services. This security list is stored as a category 1 property, as described in section
2.0 above (‘common’ or ‘global’ properties).
Each non-blank row in the list box contains computer(s) that are granted access to
the Internet Services, or computer(s) that are denied access. Each row can contain
either just an IP address, in which case it refers to a single computer, or an IP
address/subnet mask pair, in which case it refers to all of the computers on the
subnet. Using IP address/subnet mask pairs, while a bit confusing to someone not
familiar with IP addressing, offers maximum flexibility while maintaining high
performance: a row is tested with a single AND against the mask and a compare.
Because the mask is applied bit by bit rather than treated as a prefix length,
this also handles the somewhat rare cases in which the ‘1’ bits in the mask
are not contiguous.
All computers/subnets that are not included on any row in the list box are either
granted access or denied access, depending on the ‘Client computers not listed
above’ radio buttons below the list box. After installation, the list box will be empty,
and the radio buttons will indicate to grant access to computers not listed (ie:
initially, every computer on the network has access to this computer’s services).
When the ‘Add’ button is pressed on this tab, the Site Security Properties dialog box
comes up with two pairs of radio buttons, and two IP address edit fields. The radio
buttons allow choosing ‘Single Computer’ or ‘Group of Computers’ (ie: subnet), and
‘Grant’ or ‘Deny’ access. If ‘Single Computer’ is chosen, the Subnet Mask edit field
is disabled, and only the IP address is entered. If ‘Group of Computers’ is pressed,
both the IP address and Subnet Mask fields are enabled and required.
If a row in the list box on the Site Security tab is highlighted, and the Edit button is
pressed, the Site Security Properties dialog box comes up with the data from the
highlighted row, for editing. If a row in the list box is highlighted, and the Remove
button is pressed, the row is deleted from the list box.
6.0 FTP Service Properties
The FTP service property sheets include the following tabs:
- Service (General service properties)
- Sessions (Connection-oriented properties)
- Directories (Directory access, virtual roots, and home directories)
- Logging (Service logging information)
- Common (Properties shared by all services - this page is the same for all
services)
- Site Security (IP access control - this page is the same for all services)
issue: where should we put the dynamic list of who’s connected (equivalent to the
ftp icon in control panel)? maybe put a button on the ‘Sessions’ tab to bring up the
dialog box with the list of connected users......
6.2 ‘Sessions’ Tab
The Sessions tab contains session, or connection-oriented properties. The first three
are the same for each of the services:
- TCP Port Number (for FTP, the default is 21, the FTP control port; port 20
is the server’s source port for active-mode data connections, not a port the
service listens on)
- Connection Timeout (for FTP, the default is 600 seconds)
- Maximum Connections (for FTP, the default is 50)
The bottom part of the Sessions tab contains service specific properties, and for FTP,
this includes anonymous logon information, and directory listing style information.
The anonymous logon information includes:
- a check box to allow/not allow anonymous logons
- the username/password to use for anonymous logons. This
username/password must be a valid NT account, and must not be disabled.
The permissions assigned to this account will apply for all anonymous
logons, so the account should hold only the rights needed to read the
published content.
- a check box to disable non-anonymous logons (ie: to allow only
anonymous logons, so that no NT account password is ever sent in the clear
over an FTP connection)
The ‘Directory Listing Style’ radio buttons indicate whether directory listings
returned as a result of the ‘ls’ command will be in MS-DOS format, or UNIX
format.
- If the ‘users’ alias does not exist, the starting directory will be the ‘home’
directory (the same starting directory as for anonymous connections).
Each directory has an alias associated with it, for use in client requests (URLs). The
alias can be specified by the administrator, or created automatically by PRISM. For
FTP, the alias names will most likely be entered by the administrator, since these are
the names that clients will be entering in URLs and in CD commands.
When a connection is made to the FTP server, the starting subdirectory is
determined (see above). Once connected, CD commands can be used to move
around within the directory structure. When entering a CD command with a path,
the leftmost directory name is searched among the defined aliases. If it is not found,
an error is returned to the client. If it is found, the directory associated with the alias
replaces the alias name to create an actual path to the directory. For example, if the
following directory/alias association exists:
Directory = c:\ftp\product\info Alias = catalog
and the following CD command is received from a client:
CD /catalog/shoes
the server will set the current directory to the following (and report an error if it
doesn’t exist):
c:\ftp\product\info\shoes
A directory/alias pair can have an IP address associated with it. If an address has
been entered, the directory/alias pair is only valid when the destination IP address
(Internet Server machine’s address) in the client’s request matches the IP address
entered for the directory/alias. This allows a service to publish separate directories
of information (for separate companies, for example), and only allow access to the
directories associated with the IP address (company) in the client’s request.
A server administrator can assign multiple IP addresses to a machine, and register
multiple domains in the DNS for that machine (each domain resolves to a different
IP address). By then having multiple home directories, based on IP address, the
clients have the appearance that a shared machine is owned and operated solely by
each company (a connection will access a different directory, depending on the
domain name used). Research has shown this feature to be important to Internet
Service Providers, and Internet consulting firms that rent out space on their Internet
server machines. This need is primarily for WWW servers, but for consistency, we
will offer it for WWW, Gopher, and FTP.
A directory/alias pair without an IP address is the fallback: it is valid for any
client request whose destination IP address matches no directory/alias pair that
has an IP address entered. Only one home directory can exist at any time
with a given IP address, and only one home directory can exist with no IP address.
Directories in the Directories tab list box are displayed in a sorted order. First, all of
the home directories are listed, in alphabetical order by directory name, followed by
all non-home directories, alphabetically by directory name.
When the ‘Add’ button is pressed on the Directories tab, the Directory Properties
dialog box comes up, with blank edit fields. In creating a new directory/alias pair,
the Directory edit field on this dialog must specify a valid directory. This can be
entered manually, or by pressing the Browse button and selecting a directory. The
Browse window shows directories only, not files.
The administrator optionally enters an alias in the Alias field. If the alias field is left
blank, the admin tool will generate a unique alias, based on the directory name. The
alias generation occurs when the administrator clicks on the ‘OK’ button on the
Directory Properties.
If the directory is a UNC name, the username and password fields must be entered.
For local directories, the admin tool will verify that the directory exists, and if not,
offer to create it in a message box. For UNC names, the admin tool will attempt to
log on to the computer and access the directory, and if this fails, a message box will
be displayed, informing of the failure.
If this alias is to be valid for only one specific server-machine IP address, the
administrator will enter an IP address in the IP Address field.
If the new directory is to be a ‘home’ directory, the Home Directory check box will
be checked.
When done, the administrator presses the ‘OK’ button on the Directory Properties
dialog box, an alias name is generated if necessary, and the new directory/alias is
added to the listbox of directories on the ‘Directories’ tab.
When a directory/alias row is highlighted on the Directories tab, and the ‘Edit
Properties’ button is pressed, the Directory Properties dialog comes up, with
information from that entry filled in for editing. The password will be displayed as
asterisks. When a directory/alias row is highlighted on the Directories tab, and the
Remove button is pressed, that entry is removed from the listbox.
6.4 ‘Logging’ Tab
The logging tab allows the administrator to turn logging on and off, to select where
to store the log, and how often the log file gets closed, renamed, and a new log file
gets created. If the Enable Logging check box is not checked, everything else on this
page is disabled. If the Enable Logging check box is checked, the two radio buttons
become enabled (Log to File and Log to SQL/ODBC). In this case, the data in the
group box corresponding to the ‘pressed’ radio button is enabled. The data in the
other group box is disabled. The logging properties for file and ODBC logging work
as follows:
O Log to File
Transactions are written to a log file in the directory specified. The Browse
button allows choosing a directory only, not a file. The file name will be
determined by the software, as specified below. Each service will log to a
different file.
If the ‘Automatically open new log’ check box is checked, the four radio
buttons and edit field below are enabled. In this case, the service will
automatically close the log file, and create a new one with a different name
(in the same directory) when the appropriate time or log file size is
reached.
Log file names will be as follows:
FTPS.LOG, if ‘Automatically open new log’ is not checked.
FTPSnnn.LOG, where nnn is a sequentially increasing number, if
‘When file size reaches’ is pressed.
FTmmddyy.LOG, where mmddyy is the month, day, year when
the log file is created, if one of ‘Daily’, ‘Weekly’, or ‘Monthly’, is
pressed.
For Daily, Weekly, or Monthly, the log file will be closed the first time a log
record is generated after midnight on the last day of the current log file.
The new log file name will include the date of the first day included in the
log file.
For ‘When file size reaches’, every time the log file is closed and a new
one is created, the sequential number in the filename will be incremented.
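The file naming and rotation rules given in the ‘Log to File’ sections for both the WWW service (section 5.4 above) and the FTP service (this section), as an added example in Python. It is not code from isadmin.doc or from the product: it only computes which file name each record lands in and performs no I/O. The text does not say where a Weekly period starts, what the first value of nnn is, or what happens after 999; the example assumes a Weekly file covers seven days from its first day, nnn starts at 001 and wraps after 999, and the size limit is checked before a record is appended. The dates in the test are constructed for the example.

```python
"""Log file naming and rotation for the WWW and FTP services (added example;
not code from isadmin.doc or the product).

Naming rules from the text: WWWS.LOG / FTPS.LOG with no rotation,
WWWSnnn.LOG / FTPSnnn.LOG when rotating on size, WWmmddyy.LOG / FTmmddyy.LOG
for Daily, Weekly, or Monthly. A period-based file is closed on the first
record generated after midnight on its last day, and the new file is named
for its own first day.
"""
import calendar
from datetime import date, timedelta

# Prefixes taken from the file names given in the text.
PREFIXES = {"www": ("WWWS", "WW"), "ftp": ("FTPS", "FT")}
PERIOD_MODES = ("daily", "weekly", "monthly")


def period_end(first_day: date, mode: str) -> date:
    """Last calendar day covered by a log file whose first day is first_day."""
    if mode == "daily":
        return first_day
    if mode == "weekly":           # assumption: seven days starting at first_day
        return first_day + timedelta(days=6)
    if mode == "monthly":          # rest of the calendar month
        last = calendar.monthrange(first_day.year, first_day.month)[1]
        return first_day.replace(day=last)
    raise ValueError(f"unknown rotation mode {mode!r}")


def log_name(service: str, mode: str, first_day: date = None, seq: int = 1) -> str:
    """File name for one log file, per the naming rules in the text."""
    long_prefix, short_prefix = PREFIXES[service]
    if mode == "never":
        return f"{long_prefix}.LOG"
    if mode == "size":
        return f"{long_prefix}{seq % 1000:03d}.LOG"     # assumption: wraps after 999
    if mode in PERIOD_MODES:
        return f"{short_prefix}{first_day:%m%d%y}.LOG"  # two-digit year, as in the text
    raise ValueError(f"unknown rotation mode {mode!r}")


class RotatingLog:
    """Tracks which file each record goes to; names only, no real files."""

    def __init__(self, service: str, mode: str, today: date, size_limit: int = 0):
        self.service, self.mode, self.size_limit = service, mode, size_limit
        self.first_day, self.seq, self.size = today, 1, 0
        self.files = [self._name()]   # names in the order they were created

    def _name(self) -> str:
        return log_name(self.service, self.mode, self.first_day, self.seq)

    def _open_new(self) -> None:
        self.files.append(self._name())
        self.size = 0

    def record(self, today: date, nbytes: int) -> str:
        """Account for one record written on `today`; return the file it goes to."""
        if self.mode in PERIOD_MODES and today > period_end(self.first_day, self.mode):
            self.first_day = today    # the new file is named for its first day
            self._open_new()
        elif self.mode == "size" and self.size + nbytes > self.size_limit:
            self.seq += 1             # assumption: limit checked before appending
            self._open_new()
        self.size += nbytes
        return self.files[-1]


if __name__ == "__main__":
    log = RotatingLog("ftp", "daily", date(1995, 3, 21))
    for d in (date(1995, 3, 21), date(1995, 3, 24)):
        print(log.record(d, 80))      # FT032195.LOG then FT032495.LOG
```

Two properties of the scheme are worth knowing when reviewing logs: because rotation is triggered by the first record after the boundary, a quiet server produces a file named for the day of its first record rather than for the first day of the period; and because the date is mmddyy, an alphabetical directory listing orders files by month before year, so files from different years interleave.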
O Log to SQL/ODBC
Transactions are written to a database via ODBC. Microsoft SQL Server is the
most likely database management system used, and the ODBC drivers for SQL
Server will ship with the Internet Server product. The ODBC drivers used
must support the system (‘global’) DSNs added in ODBC version 2.5. This
support is needed because the Internet services run in the system context
(no logged-on user), so a DSN defined for a particular user would not be
visible to them.
The fields supplied for ODBC logging include the ODBC Data Source
Name, the Table name, and the Username/Password. The database and
DSN must already exist. The table will be created if not found.
issue: should we offer a third location for logging: the event viewer....
issue: should we offer a choice of log file record formats?
6.6 Site Security Tab
Site security allows specifying IP address/subnet mask pairs that should be granted
access or denied access by any of the Internet services on the computer. This is a
global computer property to allow the administrator to control who has access to the
machine (any and all Internet Services) from one place. Denying access here
prevents access to all services, and therefore, all content published by the Internet
services. This security list is stored as a category 1 property, as described in section
2.0 above (‘common’ or ‘global’ properties).
Each non-blank row in the list box contains computer(s) that are granted access to
the Internet Services, or computer(s) that are denied access. Each row can contain
either just an IP address, in which case it refers to a single computer, or an IP
address/subnet mask pair, in which case it refers to all of the computers on the
subnet. Using IP address/subnet mask pairs, while a bit confusing to someone not
familiar with IP addressing, offers maximum flexibility while maintaining high
performance: a row is tested with a single AND against the mask and a compare.
Because the mask is applied bit by bit rather than treated as a prefix length,
this also handles the somewhat rare cases in which the ‘1’ bits in the mask
are not contiguous.
All computers/subnets that are not included on any row in the list box are either
granted access or denied access, depending on the ‘Client computers not listed
above’ radio buttons below the list box. After installation, the list box will be empty,
and the radio buttons will indicate to grant access to computers not listed (ie:
initially, every computer on the network has access to this computer’s services).
When the ‘Add’ button is pressed on this tab, the Site Security Properties dialog box
comes up with two pairs of radio buttons, and two IP address edit fields. The radio
buttons allow choosing ‘Single Computer’ or ‘Group of Computers’ (ie: subnet), and
‘Grant’ or ‘Deny’ access. If ‘Single Computer’ is chosen, the Subnet Mask edit field
is disabled, and only the IP address is entered. If ‘Group of Computers’ is pressed,
both the IP address and Subnet Mask fields are enabled and required.
If a row in the list box on the Site Security tab is highlighted, and the Edit button is
pressed, the Site Security Properties dialog box comes up with the data from the
highlighted row, for editing. If a row in the list box is highlighted, and the Remove
button is pressed, the row is deleted from the list box.
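The Site Security list evaluation described above, in both the section 5.6 text and this section, as an added example in Python. It is not code from isadmin.doc or from PRISM. Each row is a ‘Single Computer’ or ‘Group of Computers’ entry marked Grant or Deny, and clients matching no row get the ‘Client computers not listed above’ default. A group row matches when (client AND mask) equals (address AND mask); the mask is used as a raw bit pattern and never converted to a prefix length, which is why masks whose ‘1’ bits are not contiguous work. The text does not say which row wins when a Grant row and a Deny row both match the same client; the example assumes Deny wins, and marks that assumption in the code. Since the decision rests on the client’s source address alone, the list governs which addresses can reach the services, not who is using them. The addresses in the test are constructed for the example.

```python
"""Site Security grant/deny evaluation (added example; not code from
isadmin.doc or the product)."""
import ipaddress
from dataclasses import dataclass
from typing import Iterable, Optional


def _bits(addr: str) -> int:
    """IPv4 dotted quad as a 32-bit integer; raises on malformed input."""
    return int(ipaddress.IPv4Address(addr))


@dataclass(frozen=True)
class Row:
    address: str
    mask: Optional[str]   # None means 'Single Computer'
    grant: bool           # True = Grant access, False = Deny access

    def matches(self, client: str) -> bool:
        if self.mask is None:
            return _bits(client) == _bits(self.address)
        m = _bits(self.mask)          # raw bit pattern; need not be contiguous
        return (_bits(client) & m) == (_bits(self.address) & m)


class SiteSecurity:
    def __init__(self, rows: Iterable[Row] = (), grant_unlisted: bool = True):
        # Freshly installed: no rows, and unlisted clients are granted access.
        self.rows = list(rows)
        self.grant_unlisted = grant_unlisted

    def allows(self, client: str) -> bool:
        hits = [r for r in self.rows if r.matches(client)]
        if not hits:
            return self.grant_unlisted
        return all(r.grant for r in hits)   # assumption: any matching Deny row wins


if __name__ == "__main__":
    # Constructed sample: grant one subnet, deny one host inside it, deny the rest.
    site = SiteSecurity(
        [Row("192.0.2.0", "255.255.255.0", grant=True),
         Row("192.0.2.42", None, grant=False)],
        grant_unlisted=False,
    )
    for c in ("192.0.2.7", "192.0.2.42", "198.51.100.7"):
        print(c, site.allows(c))       # True, False, False
```

A non-contiguous mask such as 255.255.0.255 matches every address that agrees with the row in its first, second and fourth octets, whatever the third octet is; the test below exercises that case.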