IIS 6: The Complete Reference
|
|
Remote Administration with the HTML Interface
The Administration web site allows you to configure your web server through an HTML interface. Unlike the HTML administration in previous versions of IIS, you can use this site even when you’re not administering from the same server. Previously, you had to connect to the server through the localhost (127.0.0.1) address, which prevented you from using this site when you were not working directly on the server.
The web administration utility is an IIS component and can be loaded from the Add/Remove Windows Components Wizard. It is not loaded by default. Here’s how to load the web administration utility:
-
Start the Add/Remove Windows Components Wizard by choosing Start | Control Panel | Add Or Remove Programs, and then click Add/Remove Windows Components.
-
Click Application Server, and then click Details.
-
Click Internet Information Services (IIS), and then click Details.
-
Click World Wide Web Service, and then click Details.
-
Add a check mark next to Remote Administration (HTML), and then click OK.
-
Click OK.
-
Click Next; wait, and then click Finish to complete the wizard.
The HTML administration site runs on port 8098 using Secure Socket Layer (SSL). It is also configured to run on port 8099, but no pages are configured at that Transmission Control Protocol (TCP) port. The home directory for this site is at %systemroot%\System32\ serverappliance\web. When Remote Administration is installed, a Remote Administration icon is added to the Start menu at Administrative Tools | Web Interface. To use this interface, you need to be an administrator on the system.
Tip | You may experience issues using the HTML remote administration with Internet Explorer when the Internet Explorer Enhanced Security Configuration is being used. You can get around this either by changing the security settings for this site or by adding it to the Trusted Sites in Internet Explorer. |
Using the Remote Administration Site
The remote Server Administration page (shown in Figure 9-3), can be accessed by one of two ways:
-
Choose Start | Administrative Tools | Web Interface For Remote Administration.
-
Open Internet Explorer and browse to http://<servername>:8098, where <servername> is the name of the server.
The remote Server Administration page includes several tabs where you can configure the web server. The tabs include options you can use to configure the server as a whole. The top of the administration site page contains the server name and the general status of the site. The options in this site are those most commonly used. Since HTML works better than remote procedure calls (RPCs) over high-latency links, HTML can be a good choice for remote administration of very remote servers.
The Welcome Tab
The Welcome tab includes some wizards that allow you to configure the general options for this help site.
Take a Tour Displays a help file that is a “how-to” for this site. It offers general information about the various options in the remote administration site.
Set Administrator Password Allows you to set the password for the currently logged-in user. When you go to this site, you will see the name of the current user in an editable text box; however, if you try to change the password for any other user, you will be unsuccessful. You do need to know the password to change it.
Microsoft Communities Takes you to the Microsoft Windows Server community site. The Windows Server community site has downloads, information, newsgroups, and other resources that help you learn more about WS03.
Set Server Name Changes the name of this server. You can also change the Domain Name System (DNS) suffix of the machine. Additionally, you can join a domain or change the domain/workgroup of which this machine is a member. If you join a domain, you can also specify a user who has the ability to add a server to that domain.
Set Default Page Chooses which tab is displayed when you first access this site. Two options are available: the Welcome tab, which is the default page, and the Status tab, which is covered next.
The Status Tab
The Status tab contains the current status and any alerts for this server. When this site is first installed, it prompts you to install a new certificate. While there is nothing wrong with the default certificate, like all certificates that do not match the site, the wizard will give you a warning message when you access this site. If this site is listed in the Trusted Sites zone in Internet Explorer, you will not receive this message. If you want to resolve this error, you can either add this site to the Trusted Sites or obtain a properly signed certificate from a certificate authority (CA) that matches this site. Note that you will need to use DNS names exclusively if a certificate is installed, or you will continue to receive a warning.
The Sites Tab
The Sites tab allows you to create, modify, delete, pause, stop, and start web sites on this server. If you’ve created the site with the web interface, you can modify and delete the site here. If you haven’t created the site with the web interface, you can only pause, stop, and start the site.
Creating a Site Through the Web Interface The web interface allows you to create a site. When you use the web interface, you won’t be able to configure all the options that you could through the MMC, but the web interface does give you all the basic site creation options. You can go back through the MMC interface to configure application pools, SSL, Internet Server Application Programming Interface (ISAPI) filters, and so on, later. To create a site:
-
Click the Create button.
-
Type in the Site Identifier or the friendly name of the site.
-
The directory will be auto-populated; you may change it if you like.
-
Choose to create an administrator account for this site or use an existing account.
-
Click the Site Identities tab.
-
Choose the IP address of the site you wish to use, or choose All Unassigned.
-
Choose the TCP port this site will use.
-
If you want, add the host header name to the site.
-
Click the Application Settings tab.
-
Choose the execute permission level you want to use for this site.
-
Choose the name of the default page: you can accept the names already there, add your own, and modify the order in which the filenames are searched.
-
Choose whether to use FrontPage or FTP to administer content on this site. If you do not have the FrontPage server extensions and FTP installed, you will not be able to choose the respective options.
-
Choose whether to allow anonymous access to this site.
-
Click OK.
The Web Server Tab
The web server tab allows you to configure settings for both web and FTP servers. These settings apply globally, rather than on an individual site.
Web Master Settings Configures the default settings for new web sites. You can choose the Default root directory, the ASP script default timeout, the maximum number of connections a site will allow, and whether or not FrontPage Server extensions are enabled. The ASP script Timeout setting and the Maximum Connections setting will apply to all existing sites in addition to new sites.
Web Log Settings Changes the logging settings for web sites. The logging options are the same here as in the IIS MMC snap-in. You can configure anything that’s on the General tab in the MMC. You cannot, however, change anything that appears in the Advanced tab, such as which fields are logged. Making a change here applies to all web sites on the server.
FTP Messages Sets the welcome, exit, and maximum connections messages for all FTP sites. You can edit any or all three of the messages here. This will overwrite whatever messages you have currently set. If the FTP service is not installed, you will see a message stating so when you try to access this option.
Web Execute Permissions Sets the default execute permissions for web sites. You can also choose to apply this setting to existing sites. Your choices are to apply this to all web sites that use the current default value (which is None, out of the box) or to apply it to all web sites regardless of their current value.
FTP Master Settings Configures the default settings for FTP sites. You can choose the directory listing style, the maximum number of connections, and the connection timeout. Changing one of these values will affect all current FTP sites in addition to new ones. You can also enable the “Web Site Content” FTP site here. This FTP site allows you manage the content on your web site via FTP.
FTP Log Settings Modifies the logging for FTP. Like WWW logging, this affects all FTP sites, and you can configure all the basic options for FTP logs.
The Network Tab
The Network tab allows you to configure some server options that mostly deal with administration and name resolution. Some of the options here take you to the same screens as options in the Welcome tab.
Identification Takes you to the same screen as Set Server Name under the Welcome tab.
Interfaces Configures the network interfaces on this server. You can configure the IP address, subnet mask, default gateway, the DNS settings, and the WINS settings for each adapter.
Administration Web Site Configures the settings for this administration web site. You can configure the Internet Protocol (IP) addresses that are granted access to this site and the ports used for HTTP and HTTPS access. Since you are using the site that you are configuring, if you change the port numbers, you will need to start using that new port immediately.
Global Settings Configures the DNS suffixes, the HOSTS file, and the LMHOSTS file. Changes here apply to the machine as a whole. You can modify the DNS suffixes, but you cannot change the DNS registration settings. When you change the HOSTS and LMHOSTS files, the changes take effect immediately, but there is no method to reload the NetBIOS name cache in this interface.
Administrator Takes you to the same screen as Set Administrator Password in the Welcome tab.
Telnet Has just one option, a checkbox to enable Telnet client access to this server. When you enable this, the Telnet service is started (it is installed but not enabled by default). Through the Telnet interface, you can run character-mode applications.
The Users Tab
The Users tab allows you to manage local users and groups on this server.
Local Users Allows you to add, delete, and modify users on this machine. You can set the user’s full name, description, and home directory here. You cannot change any of the other fields that exist in the MMC, such as login script and terminal server settings. You can also reset a user’s password here.
Local Groups Allows you to add and remove local groups on this server. You can also rename the group, change the description, and modify group memberships here.
The Maintenance Tab
The Maintenance tab configures the general options that allow you to monitor and maintain the server. You can also directly connect to the server here.
Date/Time Allows you to set the current date and time on this server. You can also set the time zone and whether or not the computer observes daylight saving time.
Logs Allows you to view the Application, Security, System, and Web Administration logs. In addition to viewing events, you can save a log file locally and clear the logs. In the Properties section, you can set the maximum size and overwrite settings of the log file.
Alert E-Mail Configures the e-mail address and Simple Mail Transfer Protocol (SMTP) server address for sending alert e-mails. Three levels of alerts correspond to the appropriate event viewer alerts: you can choose to send any or all of the critical, warning, and informational categories of event viewer messages. If the SMTP service is not installed, you will get an error message stating so when you try to use this option.
Shutdown Allows you to shut down or restart this server. You can also schedule a shutdown or restart of this server. You can schedule an event up to 27 days in advance or on a specific day and time up to a week from now.
Remote Desktop Connects you to the server using the Terminal Services Remote Desktop Protocol (RDP). It uses the RDP ActiveX control that was formerly known as the Terminal Services Advanced Client. If Remote Desktop isn’t enabled (it’s not, by default), you will receive an error when attempting to connect. You cannot enable Remote Desktop through this web interface.
Language Sets the language used on this site.
The Help Tab
The Help tab contains detailed help for the web user interface. It appears just like a normal compiled help file.
|
|