space
Contents Index Previous Chapter Next Chapter

CHAPTER 10

Configuring Registry Entries


The configuration registry stores values that define the working environment for the Windows NT operating system and any services installed on the computer running Windows NT. Usually, to change these values, you use graphical tools, such as Control Panel, Windows NT Setup, or Internet Service Manager. Windows NT also includes a utility, the Registry Editor (Regedt32.exe), which you can use to inspect and modify the configuration registry directly.

You can configure the Internet services by using Internet Service Manager. The services also use several additional configuration parameters in the registry not configured by using Internet Service Manager. Parameters are either specific to a service or are global to Internet Information Server and all services.

Wherever possible, you should use Internet Service Manager to make changes to your Internet server settings. For a registry change to take effect, you must restart the service affected by the change. For global entries you must restart all services.

See the following sections for entries in this chapter. They show the values used by Internet Information Server:


The following sections help you configure the registry for your specific needs:
Before you modify the registry, it is strongly recommended that you read Part IV of the Windows NT Resource Guide (found in the Microsoft Windows NT Resource Kit). This part of the book describes in detail how to use and change parameters in the registry.


Caution   Using the Registry Editor incorrectly can cause serious problems, including corruption that may make it necessary to reinstall Windows NT or Microsoft Internet Information Server. Using the Registry Editor to edit entries in the registry is equivalent to editing raw sectors on a hard disk. If you make mistakes, your computer’s configuration could be damaged. You should edit registry entries only for settings that you cannot adjust through the user interface, and be very careful whenever you edit the registry directly.

To Top Creating Registry Entries

This chapter documents registry keys installed by default as well as those you can create. When you install Internet Information Server, the following registry keys are installed by default. You must create any keys that do not appear in this list.

Registry Keys Installed by Default
AdminEmail
AdminName
AllowAnonymous
AllowGuestAccess
AnonymousOnly
AnonymousUserName
ConnectionTimeOut
EnablePortAttack
ExitMessage
GreetingMessage
InstallPath
LogAnonymous
LogFileDirectory
LogFileFormat
LogFilePeriod
LogFileTruncateSize
LogNonAnonymous
LogSqlDataSource
LogSqlPassword
LogSqlTableName
LogSqlUserName
LogType
MaxClientsMessage
MaxConnections


To Top Global Registry Entries

These parameters are used for global control of the Internet services.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \InetInfo
    \Parameters

BandwidthLevel REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 0xFFFFFFFF
Specifies the maximum network bandwidth used for Internet Information Server. This helps to prevent overloading the network with Internet Information Server activity. For example, for administrators of small corporate servers, where a single server is used for multiple sites, this will help to reduce network usage for Internet Information Server servers. It is recommended that this parameter be set from Internet Service Manager. Otherwise, the server must be stopped and restarted for this value to take effect. The value 0xFFFFFFFF means “Do not restrict bandwidth.”

CacheSecurityDescriptor REG_DWORD
Range: 0 - 1
Default: 0
Specifies whether security descriptors are cached for file objects. If enabled (with the value of 1), Internet Information Server retrieves security permissions when caching a file object and will not need to gain access to the file object to check access rights for new users. This feature is useful only if you have more than one user account (not using anonymous only). By default Internet Information Server does not cache security descriptors, but checks the access rights against the file object for new user accounts.

DisableMemoryCache REG_DWORD
Range: 0 -1
Default: 0
Disables server caching. This key cannot be configured through the Internet Service Manager. If you change this setting, stop the server and restart it for the change to take effect.

ListenBackLog REG_DWORD
Range: 1-unlimited
Default: 15
Specifies the maximum number of active connections to hold in the queue waiting for server attention. Enhanced Internet Information Server functionality generally makes it unnecessary to use or modify this entry, although extremely heavy use might benefit by increasing this value up to 50.

LogFileBatchSize REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 64*1024 (64 KB)
Specifies the batch size for writing a log file. The server caches the last LogFileBatchSize bytes of data in memory buffers before it dumps the current buffer to disk. Such batch processing reduces the amount of disk traffic created by log files. In some instances, you may need to reduce the time between writing the buffer to disk. To change the default setting you must add this value to the key using the new setting.

MaxConcurrency REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 0
Specifies the amount of concurrency that a system should provide. We use completion ports for handling input-output (I/O). In general it is not good to have more than one thread running and conflicting on shared memory or locks. This key specifies how many threads per processor should be allowed to run simultaneously if there is a pending I/O operation. The specific value of 0 allows system to make intelligent choice of the number of threads to use. Any nonzero value specifies that the system should allow that many threads per processor to run simultaneously.

MaxPoolThreads REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 10
Specifies the number of pool threads to create per processor. Each pool thread watches for the network request and processes it. Generally, it is not good to create more than 20 threads per processor.

MemoryCacheSize REG_DWORD
Range: : 0 - 0xFFFFFFFF
Default: : 3072000 (3MB)
Internet Information Server caches system handles, directory listings, and other values of frequently used data to improve performance of the system. This parameter specifies the amount of memory in bytes to allocate for that cache. When this value is changed, the server must be stopped and restarted for this to take effect. A value of 0 means “Do not do any caching.” The performance may be low when caching is off. Sites with heavy traffic can increase this size, provided there is sufficient RAM on the computer.

MinFileKbSec REG_DWORD
Range: 1 - 8192
Default: 1000
When a Web server sends a file to the client, a timeout is established for how long the server will allow the transfer to continue before ending it. The timeout chosen is the maximum of the Connection Timeout specified in the Internet Service Manager plus the size of the file divided by the value specified as MinFileKbSecs. For example, a file size of 100 kilobytes is given a timeout of 100 seconds, or the Connection Timeout if the latter is greater. Note that the registry name is misleading, because the value is in bytes, not kilobytes as the name might imply.

ObjectCacheTTL REG_DWORD
Range: 0 - 0x7FFFFFFF, 0xFFFFFFFF (seconds)
Default: 30 seconds
This registry entry controls the Time To Live (TTL) setting, which defines the length of time that objects are held in cached memory. If an object in the memory cache has not been referenced for the defined period, that object will be phased out of the cache. If system memory is limited or the server’s contents are dynamic, you can use a lower TTL to prevent system memory from being used to cache a large number of volatile objects. Setting the value to 0xFFFFFFFF disables the object-cache scavenger and allows cached objects to remain in the cache until they are overwritten. Disabling the cache is useful if your server has ample system memory and your data is relatively static.

PoolThreadLimit REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 2 * # MB
Specifies the maximum number of pool threads that can be created in the system. Each pool thread watches for the network request and processes it.

ThreadTimeout REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 24*60*60 (24 hours)
Specifies the amount of time an input-output processing thread should be maintained even if there is no I/O activity on the system. In general when there is no I/O activity and no requests outstanding the server is idle and does not consume memory. But if that situation prolongs and exceeds the ThreadTimeout interval, then the thread is stopped. Units are in seconds.

UserTokenTTL REG_DWORD
Range: 0 - 0x7FFFFFFF
Default: 15 * 60 (10 Minutes)
When a request is made to the server, the security credentials for the request (or the configured anonymous user) are used to create a user token on the server which the server impersonates when accessing files or other system resources. The token is cached so that the Windows NT logon only takes place the first time the user accesses the system or after the user’s token has fallen out of the cache. Windows NT Challenge/Response authentication tokens are not cached. Units are in seconds.


To Top Service-Specific Registry Entries with Common Names

The following parameters are stored in the registry by service, for service-specific behavior, but have the same name for each service.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \ServiceName
    \Parameters

where ServiceName is

MSFTPSVC FTP Service
GOPHERSVC gopher Service
W3SVC WWW Service

AdminName REG_SZ
Range: String
Default: Administrator
Specifies the user-friendly administrator name. The gopher service uses this name to send back responses for Gopher Plus queries. This parameter also serves as a way of identifying who administers a service.

AdminEmail REG_SZ
Range: String
Default: [email protected]
Specifies the e-mail address for the administrator of a particular service. The gopher service uses this name to send back responses for Gopher Plus queries.

ServerComment REG_SZ
Range: String
Default: “”
Specifies a user-friendly comment for a service. This information is used to add a configurable comment in Internet Service Manager.

EnableSvcLoc REG_DWORD
Range: 0, 1
Default: 1
The Internet Information Server services register themselves with a service locator so that the service can be discovered by Internet Service Manager. This parameter controls such registration. If set to 0, the service will forgo registration. Set to 1, it registers the service for service location. To change the default setting, you must add this value to the key using the new setting.

AllowAnonymous REG_DWORD
Range: 0, 1
Default: 1
Specifies if an anonymous user should be allowed to connect and make a request to the server. By convention, most Internet services allow anonymous connections to gain access to files.

AnonymousUserName REG_SZ
Range: String
Default: Guest
Specifies the name of the local user account to use for anonymous users. All server actions associate a user name and password with the action. This parameter should not be changed in the registry. You must change this parameter by using Internet Service Manager so that the appropriate password can also be set. The password is stored in protected area in the registry.

ConnectionTimeOut REG_DWORD
Range: 0-0xFFFFFFFF
Default: 600 seconds
Specifies the time the server should maintain a connection when there is no activity.

DefaultLogonDomain REG_SZ
Range: string
Default: domainname
Specifies the default logon domain that validates a clear-text logon when no domain is specified in the user name field. The default value is the domain name for servers that are domain controllers or the name of the local computer (if stand-alone).

LogonMethod REG_DWORD
Range: 0, 1, 2
Default: 0
Specifies the logon method for clear-text logons. A value of 0 means that users must have the right to log on locally to be given access to the server. A value of 1 means that users must have the right to log on as a batch job.A value of 2 means that users will be logged on as network, which means they must have the user right to access the local computer from a network, which you can set in the Windows NT User Manager for Domains. If you are running SQL Server through an ODBC connector with "SQL Integrated Security" enabled, you need to set this value to either 0 or 1. If this key is not in the registry, the default value is 0.

LogFileDirectory REG_EXPAND_SZ
Range: String
Default: %systemroot%\system32\logfiles
Specifies the directory in which log files are to be stored. Each service generates a log record for each request processed.

LogFileFormat REG_DWORD
Range: 0, 3
Default: 0
Specifies the format for in which entries are recorded in a text file. The value 0 (the default) indicates Standard format. The value 3 indicates National Center for Supercomputing Applications (NCSA) Common Log File format.

LogFilePeriod REG_DWORD
Range: 0,1,2,3
Default: 1
Specifies the type of log files to be produced where

0 = No period. Each log file is limited by size specified in LogFileTruncateSize.
1 = Open a new log file every day
2 = Open a new log file every week
3 = Open a new log file every month


LogFileTruncateSize REG_DWORD
Range: 0-0xFFFFFFFF
Default: 4,000,000,000 bytes
Specifies the maximum size of each log file generated. Once the specified size is reached, the logging module automatically opens a new log file. A value of 0 means “Do not truncate.”

LogSqlDataSources REG_SZ
Range: String
Default: “”
This string specifies the name of the ODBC data source to use for sending the request logs for the service to a SQL-compatible database system. This data source should be a system DSN in the ODBC installation on the server.

LogSqlTableName REG_SZ
Range: String
Default: “”
Specifies the name of the ODBC table name used for sending the request logs for the service to a SQL-compatible database system. The table should be created by the administrator as per the specification provided with the services. The user should also have proper access permissions to insert data into the table.

LogSqlUserName REG_SZ
Range: String
Default: “”
Specifies the user name to use when accessing the ODBC data source specified for ODBC-based logging. This user must be a valid user on the server to which the LogSqlDataSource registry parameter is pointing.

LogSqlPassword REG_SZ
Range: String
Default: “”
Specifies the password for establishing an ODBC connection for a particular user account on the ODBC data source. The password is stored as a clear text.

LogType REG_DWORD
Range: 0, 1, 2
Default: 1
Specifies the type of logging. The type specifies the destination of log files where

0 = No logging
1 = Log to files
2 = Log to ODBC data source


MaxConnections REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: unlimited
Specifies the maximum number of simultaneous connections that the server allows at any given time. When the number of current connections exceeds this value, the service rejects the request. A friendly message can be sent to the client that was refused access.

WWW Service Registry Entries

In addition to the parameters listed in “Service-Specific Registry Entries with Common Names,” the WWW service maintains the following parameters.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \W3SVC
    \Parameters

AcceptByteRanges REG_DWORD
Range: 0, 1
Default: 1, enabled
The value determines whether the HTTP server will process the “Range” header for type “bytes:”. If enabled, the server will signal that it is accepting range requests by sending the “Accept-Range: bytes” header field, and will process an incoming request specifying a “Range: bytes=” header field according to the Internet draft “Byte range extension to HTTP.”

AccessDeniedMessage REG_SZ
Range: string
Default: “ ”
The message to send back to clients when they have been denied access to the server. Often this message will be a short HTML document, explaining how to gain access.

AllowGuestAccess REG_DWORD
Range: 0, 1
Default: 1, enabled
This flag specifies whether Guest logons are allowed for the WWW service. When a new user logs on, the server checks to see if the user is logged on as aWindows NT guest user. For a Guest connection, based on the value of this flag, the WWW service either rejects or accepts the new connection. Allowing Guest access has been known to cause problems in a poorly managed site.

Under the default installation of Windows NT systems, the Guest account is granted permissions for all types of access on the system. Because this default could easily compromise security, you should turn this switch off by changing the value to 0.


AllowSpecialCharsInShell REG_DWORD
Range: 0, 1
Default: 0, disabled
This value controls whether the Cmd.exe special characters (such as &) are allowed on the command line when running batch files (.bat and .cmd files). These special characters can pose a serious security risk. If the value of this entry is set to 1, malicious users can execute random commands on the server. Therefore, it is highly recommended to leave this setting as 0, the default.

CacheExtensions REG_DWORD
Range: 0-1
Default: 0x1
Specifies whether Internet Server API (ISAPI) extensions are cached in memory. If set to 0, ISAPI extensions are not cached. See the ISAPI documentation for more information. Use this registry entry for debugging only.

CheckForWAISDB REG_DWORD
Range: 0, 1
Default: 0
The WWW service uses the Wide Area Information Server (WAIS) Toolkit to support Web-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system.

CreateProcessAsUser REG_DWORD
Range: 0-1
Default: 1
For CGI scripts, by default the server runs the script in the context of the user making the request by using the Win32 CreateProcessAsUser API. If you set this flag to 0, CGI scripts will be started with the CreateProcess API and the scripts will run in the system context. This has serious security implications because CGI scripts will have much greater access to the system than they normally would have.

CreateProcessWithNewConsole REG_DWORD
Range: 0, 1
Default: 0, disabled
By default, CGI scripts are run in a detached process. If you want to run CGI scripts in a process with a new console, for example, when input/output redirection is in the script, change this setting to 1. The process will then be created using the CREATE_NEW_CONSOLE flag.

Note Creating a new console for each CGI script has serious performance implications and should not be done unless slower performance is acceptable.


DefaultLoadFile REG_SZ
Range: String
Default: Default.htm
Specifies the file to return to a client if no file is included in a client’s request.

DirBrowseControl REG_DWORD
Range: see the explanation paragraph
Default: 0x4000001e
Specifies both the display attributes of directory browsing and whether the DefaultLoadFile is used. The value used here is arrived at by adding the hexidecimal values of the attributes listed below. The first four digits of the specified value control whether directory browsing is enabled and whether the default file is enabled. For example, the default setting 0x4000001e has directory browsing disabled but the default file is loaded. To enable directory browsing, you would add the value 0x80000000 to the default setting 0x4000001e, resulting in the value 0xc000001e. To control browsing attributes, you would modify the last four digits. For example, to show only the date of files you could use the value 0xc0000002.

Behavior Value
Load Default File 0x40000000
Directory Browsing Enabled 0x80000000
Browsing Attributes  
Show Date 0x00000002
Show Time 0x00000004
Show Size 0x00000008
Show Extension 0x00000010
Display Long Date 0x00000020

DefaultLogonDomain REG_SZ
Range: String
Default: [blank]
Specifies the default domain for logon. Leaving this value blank (the default) has the following effect: If the computer is a domain controller, the default domain is the domain name; if the computer is not a domain controller, the default domain is the computer name.

FilterDLLs REG_SZ
Range: String
Default: sspifilt.dll
Comma-separated list of ISAPI filter DLLs.

GlobalExpire REG_DWORD
Range: 0x0-unlimited (seconds)
Default: 0xffffffff
Specifies the time in seconds that files will be considered valid. This value is used by the server in the expires header (using Greenwich Mean Time [GMT] time) to indicate to clients how long a static file is valid. This is typically set to 0x0, to prevent the files on the server from being cached by proxies or clients.

LogSuccessfulRequests REG_DWORD
Range: 0, 1
Default: 1
Determines whether or not to record successful activities in the log file. The value 1 logs successful activities, and 0 turns it off.

LogErrorRequests REG_DWORD
Range: 0, 1
Default: 1
Determines whether or not to record errors in the log file. The value 1 turns error logging on, and 0 turns it off.

NTAuthenticationProviders REG_SZ
Range: String
Default: NTLM
Lists possible Windows NT authentication schemes returned to clients. Internet Information Server provides the default Windows NT Challenge/Response (NTLM) scheme enabled in the WWW Service property sheet. Third parties may provide alternate Windows NT authentication schemes in the future.

PoolIDCConnections REG_DWORD
Range: 0, 1
Default: 0
When running a series of Internet Database Connector (.idc) files, you will improve performance if you open a connection to the SQL server and keep it open, rather than opening and closing a connection each time the database is queried. To pool connections by default, set this registry entry to 1.

Resetting this value to 1 will add the connection referenced in all .idc files to the connection pool. Alternatively, you can selectively choose which .idc files should have their connections pooled by using the ODBCConnection: field in the .idc file. For details, see Chapter 8, “Publishing Information and Applications.” The .idc file determines whether it can use a connection from the connection pool based on data source, user name, password, and the logged-on user account specified in the .idc file. If there is an exact match between these fields in the current .idc file and the .idc file specified in the URL, a connection from the connection pool will be used.


PoolIDCConnectionsTimeOut REG_DWORD
Range: [in seconds]
Default: 30
Controls how long the IDC will keep an ODBC connection in the pool before closing the connection. When the IDC pools a connection, it is potentially taking a license slot for every pooled connection. The value set for this key lets the administrator determine when license slots are released and when server resources are returned to the database server.

ReturnURLUsingHostName REG_DWORD
Range: 0, 1
Default: 0
With the default setting (0), the server returns its Internet Protocol (IP) address to a client when doing redirects if the host header field is not present. To return a host name or the computer name of the server, change this registry setting to 1. If a host name has been added in the Host Name box of the DNS dialog box, the server will then return that name; otherwise, it will return the server’s computer name, which appears in the Host Name box by default. To fill in a host name, open the TCP/IP property sheet in the Network application of the Windows NT Control Panel. Click the DNS tab, and type a name in the Host Name box.

ScriptMap REG_SZ

See “Associating Interpreters with Applications (Script Mapping),” later in this chapter.

ScriptTimeout REG_DWORD
Range: 0x1-0x80000000
Default: 0x384
Specifies the maximum time the WWW service will wait for a response from CGI scripts.

SecurePort REG_DWORD
Range: 0x0-0xfa00
Default: 0x1bb
Specifies the TCP port to use for SSL.

ServerSideIncludesEnabled REG_DWORD
Range: 0x0-0x1
Default: 0x1
Set to 0x1, this value enables the use of Include files to permit including repetitive information in files.

ServerSideIncludesExtension REG_SZ
Range: String
Default: .stm
Specifies the file extension for files that the server will scan for include statements


To Top FTP Service Registry Entries

In addition to the parameters listed in “Service-Specific Registry Entries with Common Names,” the FTP service maintains the following parameters.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \FTPSVC
    \Parameters


AccessCheck REG_DWORD
Range: <any>
Default: <any>
Checks the access of incoming user connections. The server impersonates the logged-on user and attempts to open the registry key for read and write. If the key does not exist, read and write permissions are granted. If the key exists, read and write permissions are granted to the user based on the access permission on the registry key. This feature is specifically useful for servers that publish content on a FAT volume and therefore do not have the rich security features of NTFS. Because it is hard to manage and performance slows down, Microsoft does not recommend using this approach to provide security.

AllowKeepAlives REG_DWORD
Range: 0, 1
Default: 1
In some rare instances, you may want to turn off “Connection: keep-alive” negotiation with clients. Most clients support making multiple requests to the server on a TCP session, so this feature significantly decreases the workload on the server. Turning off keep-alive negotiation will have serious performance implications and should be used only when necessary.

AnonymousOnly REG_DWORD
Range: 0, 1
Default: 0
Specifies if only anonymous connections are permitted. If set to 1, only anonymous connections are permitted (especially true of FTP service). To change the default setting, you must add this value to the key using the new setting.

EnablePortAttack REG_DWORD
Range: 0, 1
Default: 0
This parameter is set by default to prevent a security problem in the FTP protocol specification. The FTP service specification allows passive connections to be established based on the port address given by client. This can allow hackers to execute destructive commands in the FTP service. The problem occurs when the FTP service connects using a port other than FTP Data port (20) and port number is less than IP_PORT_RESERVED (1024). EnablePortAttack controls if such an attack should be allowed. By default, the service does not make any connections to port numbers lower than IP_PORT_RESERVED (other than 20). If you want to users to connect by using other ports as specified in the FTP RFC, this flag should be enabled.

ExitMessage REG_SZ
Range: String
Default: “”
The FTP service sends back an exit message when a client sends a quit command. This string specifies the exit message sent.

GreetingMessage REG_MULTI_SZ
Range: String
Default: “”
When a new user connects to the FTP Server, the server can send a friendly welcome message detailing contents and administrative information. This string (multiple lines) specifies the message to use for greeting the new client connections.

LogAnonymous REG_DWORD
Range: 0, 1
Default: 1
Controls whether a log record should be written for anonymous connections. If set to 0, no log records are written for anonymous connections.

LogNonAnonymous REG_DWORD
Range: 0, 1
Default: 1
Controls whether a log record should be written for non-anonymous connections. If set to 0, no log records are written for non-anonymous connections. Only the FTP and WWW services have non-anonymous user support.

MaxClientsMessage REG_SZ
Range: String
Default: “”
When the current connection exceeds the maximum connections (in the MaxConnections key) specified for the service, the service can send a friendly message to clients. This message is a single-line message.

AccessCheck REG_DWORD
Range: any
Default: any
Used for access checks of incoming user connections. The server impersonates the logged-on user and attempts to open the registry key for read and write. If the key does not exist, then read and write permissions are granted. If the key exists, then based on the access permission on the registry key, read and write permissions are granted to the user. This feature is useful for servers that publish content on a FAT volume and hence do not have the rich security features of NTFS. This is not a recommended approach to provide security because of poor manageability and performance. To enable this feature, you must add this value to the key using the appropriate access settings.

AllowGuestAccess REG_DWORD
Range: 0, 1
Default: 1
Specifies if guest logons are permitted for FTP service. When a new user logs on, the server checks to see if the user is logged on as Windows NT user with guest permissions. For a guest connection, based on the value of this entry, the FTP service either rejects or accepts the new connection. Permitting Guest access has been known to create problems in poorly managed sites. Under default installation of Windows NT systems, Guest is granted permissions for many types of access on the system. It is recommended that administrators do not permit access by using the Guest account. To change the default setting to “No access by using the Guest account,” you must add this value to the key using the new setting.

AnnotateDirectories REG_DWORD
Range: 0, 1
Default: 0 (FALSE)
FTP service supports annotating a directory with custom messages. The annotation text is stored in a special file named ~ftpsvc~.ckm in the directory to be annotated. If this file exists in the target directory of a Change Directory (CWD) FTP operation, then the service responds with the contents of this file for the operation. This provides a way for administrators to add custom messages for directories under consideration. By default the service is configured to not send annotation text. If you choose to add a custom message, the annotation file should be created as well as setting this value to 1. Also, it is recommended that you make the annotation file a hidden file so that the file does not appear on a directory listing.

MsdosDirOutput REG_DWORD
Range: 0, 1
Default: 1 (TRUE)
Specifies the style of directory output for a LIST operation from an FTP client. If the value is set to 1, the service generates a MS-DOS-style directory listing. If the value is set to 0, the service generates an UNIX-style listing. Some clients will not display MS-DOS-style listings. For this reason you should consider setting this value to 0. UNIX style listings consume more CPU time.

LowercaseFiles REG_DWORD
Range: 0, 1
Default: 0 (FALSE)
The FTP service uses the native case for file names (how the file names are stored in file system). However, in order for exact comparisons with case-sensitive file systems to work, it may be necessary to ensure that proper file names are used. Administrators can add this value to ensure that the service uses lowercase for such comparisons.

Realm REG_SZ
Range: string
Default: Host Header or IP address
Supplies the realm value when the server requests a client to authenticate because the client was denied access to a resource when using Basic (clear text) authentication. This value appears in the browser’s user name–password prompt.

UploadReadAhead REG_DWORD
Range: 0 - 0x80000000
Default: 48K
When the client posts data to the server, this is the default amount the server will read before passing control to the application. The application is then responsible for reading the rest of the data. Increasing this size increases the amount of memory required on the server.

UsePoolThreadForCGI REG_DWORD
Range: 0, 1
Default: 1
Internet Information Server by default uses a server pool thread to do CGI processing. This means CGI requests that take an extended period of time can consume a server pool thread. Adjusting MaxPoolThreads under ..\services\infocomm\parameters can make more pool threads available.


To Top Gopher Service Registry Entries

In addition to the parameters listed in “Service-Specific Registry Entries with Common Names,” the gopher service maintains the following parameters.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \GOPHERSVC
    \Parameters

CheckForWAISDB REG_DWORD
Range: 0, 1
Default: 0
The gopher service uses the WAIS Toolkit to support gopher-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system.


To Top Setup Registry Entries

Internet Information Server creates the following parameters during setup. These values are used by the Setup program after initial setup to determine the current configuration of Internet Information Server. Note that multiple registry paths are included in this section.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetMgr

InstalledBy REG_SZ
Range: INetStp
Default: INetStp
The presence of this entry indicates that Internet Information Server is installed.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetMgr
   \Parameters

MajorVersion REG_DWORD
Range: 1
Default: 1
Indicates the major version number, for example, the 1 in version 1.0.

MinorVersion REG_DWORD
Range: 1-9
Default: 0
Indicates the minor version number, for example, the 0 in version 1.0.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetMgr
   \Parameters
    \AddOnServices

FTP REG_SZ
Range: string
Default: fscfg.dll
Defines the configuration DLL used by the FTP service.

Gopher REG_SZ
Defines the configuration DLL used by the gopher service.
Range: string
Default: gscfg.dll

WWW REG_SZ
Range: string
Default: w3scfg.dll
Defines the configuration DLL used by the WWW service.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetStp

AnonymousUser REG_SZ
Range: String
Default: IUSR_computername
Specifies the anonymous user account created during setup.

InstallPath REG_SZ
Range: String
Default: c:\winnt\system32\inetsrv
Specifies the installation location for Internet Information Server.

MajorVersion REG_DWORD
Range: 1
Default: 1
Indicates the major version number, for example, the 1 in version 1.0.

MinorVersion REG_DWORD
Range: 1-9
Default: 0
Indicates the minor version number, for example, the 0 in version 1.0.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetStp
   Help

The presence of this entry indicates that Help is installed.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  \INetExplore

InstalledBy REG_SZ
Range: INetStp
Default: INetStp
The presence of this entry indicates that Internet Explorer version 1.5 is installed.


To Top Server MIME Mapping

If your server provides files that are in multiple formats, you must configure your server’s Multiple Internet Mail Extensions (MIME) mapping to ensure your server maps the file type correctly when returning the file to remote browsers. If MIME mapping on the server is not set up for a specific file type, browsers may not be able to retrieve the file. More than 100 MIME mappings are installed by default.

To configure additional MIME mappings


The default entry with the file-name extension specified as an asterisk (*) is the default MIME type used when a MIME mapping does not exist. For example, to handle a request for the file Current.vgr when the the file-name extension .vgr is not mapped to a MIME type, the server will use the MIME type specified for the asterisk extension, which is the type used for binary data. Usually, this will cause browsers to save the file to disk.


To Top Associating Interpreters with Applications (Script Mapping)

With file-name extension mapping, you can map file-name extensions to the proper program to run files with those extensions. The following file-name extensions are preinstalled:

.bat or .cmd=C:\Winnt\System32\cmd.exe /c %s %s

.idc=C: \Winnt\System32\Inetsrv\Httpodbc.dll

For other file-name extensions, you must edit the information in the the Windows NT registry.

In the .bat example above, the first %s is the mapped URL (that is, C:\InetPub\Scripts\Test.bat). The second %s represents the parameters to the URL (in other words, the query string; the second %s is used only if an equals sign is not found).

Thus, you can reference URLs such as:

/scripts/test.bat?This+is+a+search

/scripts/bugs.idc?Assign=Johnl

To configure additional script mappings


To Top Adding Virtual Directories by Using the Registry

You should use Internet Service Manager to manage your virtual directories. You can, however, add or modify virtual directories by using Regedt32.exe.

To add virtual directories by using the Registry Editor


Each virtual root has the following form:

<Root Name>,<Host address>=<Physical path>,<User name>,<Access mask>

Where:

Root Name This is the name of the virtual directory as it would appear in an URL. For example “/scripts” or “/specs”. A root name of just “/” is considered to be the home root that will be used if no other roots match.

Host Address The Host address is an optional field that indicates the server IP address this virtual root is associated with. By specifying a host IP address, multiple logical servers can be setup on a single machine. If a host address is specified, then only clients making requests on this IP address will see this virtual root.

Physical Path The physical path the Root Name should point to. For example “C:\Wwwroot” or “\\Server\Share”. In the latter case where a UNC share is specified, a valid username and password must be specified.

User Name Only used if Physical path is a UNC share; specifies the user context to connect and impersonate as when accessing files over this virtual root. Note that the password is kept in a protected part of the registry and must be set using the Internet Service Manager.

Access Mask This item is a single hexadecimal character bitfield that specifies what operations are allowed on this root. The mask is not used by the gopher server because only Read operations are ever performed. Note that this mask has no influence on any NTFS ACLs that might be on the files. File ACLs must grant the appropriate permissions in addition to setting the appropriate value on the virtual root. The values for the bitfield are:

0x00000001 - Read access is allowed (FTP and HTTP)

0x00000002 - Write access is allowed (FTP only)

0x00000004 - Execute access is allowed (HTTP only)

0x00000008 - SSL or PCT encryption required (HTTP only)

The servers always match the longest virtual root first, thus “/123/567/89” will match “/123/567” before it matches “/123”. The home root (“/”) always matches last. Virtual roots with host IP addresses always match before roots without host addresses.

Note   Virtual directories will not appear in directory listings (also called directory browsing for the WWW service). To access a virtual directory users must know the virtual directory’s alias, and type the URL address in their browser. For the WWW service, you can also create links in HTML pages. For the gopher service, you can create explicit links in tag files so that users can access virtual directories. For the FTP service, you can list virtual directories by using directory annotations.


Contents Index Previous Chapter To Top Next Chapter

© 1996 by Microsoft Corporation. All rights reserved.