Installing Internet Information Server
This chapter will help you quickly and easily install Microsoft Internet Information Server for Windows NT Server.
All you need to do is connect your Windows NTbased computer to the Internet or your intranet (your local or wide area network), install Microsoft Internet Information Server software and specify your home directory. This chapter tells you how.
Important To publish on the World Wide Web (WWW) and the Internet, you must contact an Internet Service Provider (ISP) to obtain an Internet connection. Your ISP will provide your servers Internet Protocol (IP) address, subnet mask, and the default gateways IP address. (The default gateway is the computer through which your computer will route all Internet traffic.)
You can easily install Internet Information Server while you install Windows NT Server. When prompted to install Internet Information Server, make sure the check box is selected and click OK. Thats it! If you already have the necessary Internet or intranet connection, you can accept all of the default settings during setup and then add your Hypertext Markup Language (HTML) content files to the Wwwroot folder. Your files will be immediately available to users. The default setup configurations are suitable for many publishing scenarios without any further modifications.
This section defines the installation requirements and explains how to:
Microsoft Internet Information Server requires:
- Configure Windows NT before installation.
- Run the Setup program.
- Set up files to publish.
- Test your installation.
- A computer with at least the minimum configuration to support Windows NT Server; see Windows NT Configuration and Security Checklists, later in this chapter.
- Windows NT Server version 4.0.
Note You can administer a server running Internet Information Server from a remote computer running Windows NT Workstation. Install the Peer Web Services Internet Service Manager on that computer, and then connect to the server you want to administer.
- Transmission Control Protocol/Internet Protocol (TCP/IP) (included with Windows NT). Use the Network application in Control Panel to install and configure the TCP/IP protocol and related components.
- A CD-ROM drive for the installation compact disc.
- Adequate disk space for your information content. It is recommended that all drives used with Microsoft Internet Infomation Server be formatted with the Windows NT File System (NTFS).
To publish on an intranet, you will need
- A network adapter card and local area network (LAN) connection.
- The Windows Internet Name Service (WINS) server or the Domain Name System (DNS) server installed on a computer in your intranet. This step is optional, but it does allow users to use friendly names instead of IP addresses.
To publish on the Internet, you will need
You must configure the Windows NT Server networking component so that your Web server can operate on the Internet. Microsoft recommends that you also enhance the Windows NT default security settings and implement other Windows NT security measures to prevent users from tampering with your computer or network. For more information about security, see Chapter 5, Securing Your Site Against Intruders.
Use the Network application in Control Panel for all configuration tasks mentioned in this section.
- An Internet connection and Internet Protocol (IP) address from your Internet Service Provider (ISP).
- DNS registration for that IP address. This step is optional, but it does allow users to use friendly names instead of IP addresses when connecting to your server. For example, microsoft.com is the domain name registered to Microsoft. Within the microsoft.com domain, Microsoft has named its World Wide Web (WWW) server www.microsoft.com. Most ISPs can register your domain names for you.
- A network adapter card suitable for your connection to the Internet.
- Obtain an Internet Connection. To publish on the Internet, you must have a connection to the Internet from an ISP. To find an ISP, look in the telephone book under Computers-Networking or in your local newspapers business or technology section.
- Install Windows NT Server. Install Windows NT Server version 4.0 and Microsoft Internet Information Server.
- Configure the TCP/IP Protocol. Install the Windows NT TCP/IP Protocol and Connectivity Utilities. Your ISP must provide your servers IP address, subnet mask, and the default gateways IP address. (The default gateway is the ISP computer through which your computer will route all Internet traffic.)
Note If the FTP service provided with Windows NT has been installed, remove it. Also remove any other previously installed Internet services.
- Configure the Sites Domain Name (also called Host Name). On the Internet, your IP address (for example, http://10.138.59.1/homepage.htm) can always be used to contact your Web server. However, if you register a domain name in the DNS, your server can be contacted by using a friendly domain name (for example, http://www.company.com/homepage.htm). ISPs can usually register domain names for you.
- Configure Name Resolution. You need a name resolution system to map IP addresses to computer names or domain names. On the Internet, Web sites usually use the Domain Name System. Once you have registered a domain name for your site, users can type your sites domain name in a browser to contact your site. ISPs can register domain names for you.
On an intranet, you can use either DNS or the Windows Internet Name Service (WINS). Your network must have DNS or WINS servers to match IP addresses to host names, and client computers must know the IP address of the DNS or WINS server to contact.
An alternative to DNS is to use a HOSTS file. On intranets an alternative to WINS Servers is to use an LMHOSTS file. Use the Network application in Control Panel to make the appropriate Advanced TCP/IP Configuration setting for this servers name resolution. For more information on installing and configuring WINS or DNS, see the Windows NT online Help.
Several steps can be taken to enhance the security of a computer publishing information on an intranet or the Internet. For further information on these checklist topics, see Chapter 5, Securing Your Site Against Intruders.
- WWW Virtual Servers. Optionally, if you have registered multiple domain names (such as www.company1.com and www.company2.com), you can host multiple domain names on the same computer running Microsoft Internet Information Server. You use Advanced TCP/IP Configuration settings to assign multiple IP addresses to the network adapter card connected to the Internet. You should register a domain name for each IP address on your adapter.
- Review the IUSR_computername accounts rights.
- Choose difficult passwords.
- Manage strict account policies.
- Limit the membership of the Administrators group.
- Use Access Control Lists (ACLs), available with NTFS.
- Enable auditing to track file access.
- Run only the services that you need.
- Unbind unnecessary services from your Internet adapter cards.
Warning Make sure to check with your system administrator because unbinding services could have undesirable effects.
Before installing the Internet Information Server services, disable any other Internet services.
- Check permissions on network shares.
If your server has another version of File Transfer Protocol (FTP), gopher, or World Wide Web (WWW) services installed (such as the FTP service included with Windows NT or the European Microsoft Windows Academic Centre [EMWAC] services included in the Windows NT Resource Kit), disable these services before you install the Microsoft Internet Information Server services. See the documentation for each service to see how to disable it.
During the setup process, a screen will appear, asking you whether you want to disable access by the Guest account to your FTP server.
Microsoft recommends that you select Yes to protect the contents of your system. If you choose the No option and enable guest access to your server, all existing files and any new files will be available to the Guest account through FTP. You will need to disable access to each file or folder individually to prevent unauthorized access. Disabling FTP access for the Guest account will not affect the IUSR_computername account that is created during setup.
To install the services for Internet Information Server, you must be logged on to the server with administrator privileges. You also need administrator privileges to configure the services remotely through Internet Service Manager.
By default, Internet Information Server is installed from the compact disc to C:\Winnt\System32\Inetsrv. If you change the default, be sure to enter a fully qualified path name, including a drive letter. Relative paths and paths without drive letters can be misinterpreted by Setup.
When setting up a new version of Internet Information Server from your computer, click the Remove All button to delete the previous version.
If you remove Internet Information Server, you will be unable to review IIS events in the Event Log.
The Remove All button in Setup removes all Internet Information Server program files but does not remove the directory structure or any content or sample files. This setting protects your content files from unintentional deletion. If you want to remove these folders and files after completing the Remove All process, delete them by using Windows NT Explorer.
If there are data sources referring to 16-bit Open Database Connectivity (ODBC) drivers on the system, Setup will detect them and ask you if you want to convert them to 32-bit. If you choose Yes, these data sources will be converted to refer to the 32-bit ODBC drivers.
You can install Internet Information Server while installing Windows NT Server or after you have installed Windows NT Server.
To install Internet Information Server during Windows NT Server Setup
1. When prompted, make sure the Install Microsoft Internet Information Server check box is selected and click the Next button.
The Internet Information Server Setup program begins.
2. Follow the instructions on the screen. If you have questions, click the Help button in any dialog box.
If you do not install Internet Information Server while setting up Windows NT Server, you can install it separately any time afterward. To install Internet Information Server separately, you must be logged on with administrator privileges.
To install Internet Information Server after installing Windows NT Server
1. Insert the Windows NT Server compact disc into the CD-ROM drive.
2. Double-click the Install Internet Information Server icon on the Windows NT Server Desktop.
3. Follow the instructions on the screen. If you have questions, click the Help button in any dialog box.
You can also install Internet Information Server by using the Windows NT Control Panel.
1. Insert the Windows NT Server compact disc into the CD-ROM drive.
2. On the Windows NT taskbar, click Start, point to Settings, and then click Control Panel.
3. In Control Panel, double-click the Network icon.
4. On the Network property sheet, click the Services tab.
5. Click the Add button.
6. From the Network Services list, select Microsoft Internet Information Server, and then click the OK button.
7. In the Installed from box, type the letter of the drive where your compact disc is located, and click the OK button.
8. Follow the instructions on the screen. For information about any of the Setup dialog boxes, click the Help button.
Alternatively, you can install Internet Information Server directly from the Windows NT Server compact disc.
1. Insert the Windows NT Server compact disc into the CD-ROM drive.
2. In Windows NT Explorer or at the command prompt, change to the drive containing the compact disc.
3. Start Setup:
- To start Setup from Windows NT Explorer, double-click the file named Inetstp.exe in the Inetsrv folder of the compact disc.
- To start Setup from the command prompt, change to the Inetsrv folder of the compact disc and then type inetstp.
4. Follow the instructions on the screen. If you have questions, click the Help button in any dialog box.
This section walks you through the setup process and gives guidelines for setting up Internet Information Server.
1. When you start the Setup program, the Microsoft Internet Information Server Welcome dialog box appears. Click the OK button.
2. All of the options in the second dialog box are selected by default. Click the OK button to install them all. If you do not want to install a particular item, clear the box next to it and then click the OK button to install the rest.
Internet Service Manager installs the administration program for managing the services.
World Wide Web Service creates a WWW publishing server.
Gopher Service creates a gopher publishing server.
FTP Service creates an FTP publishing server.
ODBC Drivers and Administration installs Open Database Connectivity (ODBC) drivers. These are required for logging to ODBC files and for enabling ODBC access through the Internet Database Connector (IDC) from the WWW service.
Important If you want to provide access to databases though the Microsoft Internet Information Server, you need to set up the ODBC drivers and data sources by using the ODBC application in Control Panel. Please see Chapter 8, Publishing Information and Applications, for specific instructions.
3. Accept the default installation folder (C:\Winnt\System32\Inetsrv) or click the Change Directory button and enter a new folder.
Note If you have installed Internet Information Server, but want to reinstall it into another folder, you must remove the following key from the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\INetStp. If you do not delete this key, the Change Directory button will be dimmed and you will be unable to change the default folder.
4. Choose the OK button. When prompted click Yes to create the installation folder.
Note If you already have files ready to publish, you can enter the full path to their current location, or move them into the default folders later. If your files are on a network drive, you should accept the default folder. After setup is completed, use Internet Service Manager to change your default home directory to the path for the network folder containing your files; for example, \\Servername\Sharename\WWWfiles. Be sure to carefully check the permissions on the network drive; there may be security implications. See Chapter 5, Securing Your Site Against Intruders.
5. Choose the OK button.
6. When prompted to create the service folders (Wwwroot, Gophroot, and Ftproot by default), click Yes.
7. Setup copies all remaining Internet Information Server files.
8. If the ODBC Drivers and Administration option box was selected, the Install Drivers dialog box appears.
9. When the Setup completion dialog box appears, click the OK button to complete Setup.
This final step completes Peer Web Services Setup. Now you must close the Services property sheet and restart your computer for the changes to take effect.
The preceding steps are all that is required for a simple installation. You are now ready to publish on the Internet or your intranet. There is no need to start Internet Service Manager unless you want to make advanced configuration changes. (If so, refer to Chapter 3, Configuring and Managing Internet Information Server.) Use the Services application in Control Panel to confirm successful installation of the publishing services.
If you are using Microsoft Internet Information Server on a network you can copy the contents of the Inetsrv folder on the Windows NT compact disc to a folder on your network and perform unattended installations over the network from that folder. (You can start an unattended setup from the compact disc itself; however, only the default configuration can be installed in this case.) This is useful for installing the services software on several computers in your network.
In the Inetsrv folder, there is an Unattend.txt file. Unattend.txt is a sample configuration file used by the program for unattended installation. You modify the values in the file to configure setup. In general, the value 1 represents TRUE and the value 0 represents FALSE. It is suggested that you copy Unattend.txt to the folder containing the Inetstp.exe file you will use, then modify it to meet your installation requirements.
To start unattended setup you must use the command prompt. Change to the folder containing both Inetstp.exe and Unattend.txt and type
inetstp -b unattend.txt
where Unattend.txt is the file you have modified. See Unattend.txt on the compact disc for more information about unattended setup.
Setup automatically creates an anonymous account called IUSR_computername. This account has a randomly generated password and privilege to log on locally. On domain controllers, this account is added to the domain database. This process is fully automatic. After installation is complete, you can change the user name and password for this account from the Service property sheet in Internet Service Manager, as long as the new user name and password match the same user name and password in the Windows NT User Manager.
Note If you change the anonymous user name account (IUSR_computername) in the Windows NT User Manager for Domains, Microsoft suggests you copy the IUSR_computername account and then give it a new name and password, rather than create an entirely new account. By copying the IUSR_computername account you are sure to carry over all the privileges and user rights granted to that account. Then change the anonymous user name and password in the Internet Service Manager, making sure it is the exactly same as the new user name and password created in the User Manager for Domains.
The WWW, FTP, and gopher services use the IUSR_computername user account by default when anonymous access is allowed. To set the rights for IUSR_computername, use User Manager. To set file permissions on NTFS drives for IUSR_computername, use Windows NT Explorer. To change the account used for anonymous logons for any of the Internet Services, select the Service Properties option from the Properties menu in Internet Service Manager.
Now that Microsoft Internet Information Server is installed and running, you are ready to publish on the Internet or your intranet. Publishing information with Internet Information Server is easy. If your files are in HTML format, just add them to the appropriate home directory. For example, to make files available to a Web browser using the WWW service, place the files in the Wwwroot folder.
For more extensive information on creating and publishing content files, see Chapter 8, Publishing Information and Applications. Note that you can also create and publish highly interactive systems by writing programs that use ISAPI.
Note If you provide files with the gopher or FTP services, you can share those files instantly. Users can navigate through the files much as they do in Windows NT Explorer or at the command prompt. With gopher, you can customize how your folders and files appear to browsers; you can also include links to other servers in your files. FTP can be used to accept files from or send files to Internet users.
The FTP, gopher, and WWW services cannot publish from redirected network drives (that is, from drive letters assigned to network shared folders). To use network drives, you must use the server and share name (for example, \\Computername\Sharename\Wwwfiles). If you require a user name and password to connect to a network drive, all requests from remote users to access that drive must be made with the user name and password you specified, not the anonymous IUSR_computername account or another account you may have specified.
Consider security issues carefully when using this feature. Remote users could possibly make changes to a network drive by using the permissions of the user name specified to connect to the network drive.
By default, Internet Information Server uses a file named Default.htm as the home page for the various samples, tools, and demonstrations that come with the product. If the Wwwroot folder of your Web server already contains a file named Default.htm when you install Internet Information Server, your file will not be overwritten with our file. As a result, you will not have immediate access to our sample home page and the links it provides when you run Internet Information Server.
In this case, to view our version of Default.htm and the links it provides, type the following Uniform Resource Locator (URL) in the Internet Explorer Address box.
This command loads the file Default.htm from the Wwwroot\Samples folder.
You can also rename or move your version of Default.htm to a different folder and then copy the file Default.htm from the Samples folder. This approach will make our version of Default.htm your Web servers home page.
You can test your installation by using Internet Explorer to view the files in your home directory.
To test a Web server connected to the Internet
1. Ensure that your Web server has HTML files in the Wwwroot folder.
2. Start Internet Explorer on a computer that has an active connection to the Internet. This computer can be the computer you are testing, although using a different computer is recommended.
3. Type in the URL for the home directory of your new Web server.
To test a Web server on your intranet
1. Ensure that your computer has an active network connection and that the WINS server service (or other name resolution method) is functioning.
2. Start Internet Explorer.
3. Type in the Uniform Resource Locator (URL) for the home directory of your new server.
© 1996 by Microsoft Corporation. All rights reserved.