Administering an ISP Installation

Previous Topic Next Topic

Creating a Company Web Site

The following series of procedures show you how to set up a full-domain site, which will have an address in this format: http://domain.com. You will learn how to configure the site so that anonymous users will be able to read the content, and so the owner will be able to transfer content to the site through File Transfer Protocol (FTP) or FrontPage Server Extensions. If there will be more than one owner authoring the site, create user accounts for the additional authors and add them to the user group corresponding to the Web site’s domain.

To begin setting up your site

  1. Register a domain name with InterNIC (http://www.networksolutions.com/internic/internic.html) or with the appropriate authority for registration in your area.
    Top-Level Domain Registry
    .com, .edu, .net, .org http://www.networksolutions.com/internic/internic.html
    .us http://www.isi.edu/in-notes/usdnr/
    .gov (U.S. government) http://www.registration.fed.gov/
    .mil (U.S. military) http://www.nic.mil/
    .ca (Canada) http://www.cdnnet.ca/
    .mx (Mexico) http://www.nic.mx/
    Europe http://www.ripe.net/
    Asia/Pacific http://www.apnic.net/

    After you have registered a domain name, you can assign an IP address to the domain. If clients will be able to access your site only through HTTP, but not through FTP you can assign a host-header name in IIS 5.0 in order to associate multiple domain names with the same IP address. For details, see the “Naming Web Sites” topic in the IIS 5.0 online product documentation.

  2. In the DNS Management tool, add the Domain Name System (DNS) entry for the new domain.

    For information about how to use this tool, see the Microsoft® Windows® 2000 Server online product documentation.

  3. Add the IP address to the host system’s Transmission Control Protocol/Internet Protocol (TCP/IP) configuration.

    Note   You may need to restart your computer in order to activate the IP address.

  4. Create a home directory for the domain Web site. One option is to create it as a subdirectory of the C:\Inetpub directory.

Next, you need to create and configure an anonymous user account. This is accomplished through the Microsoft® Windows® 2000 Computer Management tool.

To create an anonymous user account

  1. Right-click My Computer on the Windows desktop, and select Manage.
  2. In the Computer Management tool, double-click System Tools, and then Local Users and Groups.
  3. Create a Windows user account for a primary administrator of a Web site, and grant Log on locally permissions.
  4. Create a new anonymous user account for the new Internet domain. An example would be: IUSR_sitename, where sitename is the name of the domain.

    This step allows you to set unique discretionary access control lists (DACLs) for the home directory of the Web site domain. For detailed information about NTFS DACLs, see the “About Access Control” topic in the IIS 5.0 online product documentation.

  5. Assign the following settings to the new anonymous user account:
  6. Make the anonymous user a member of the Guests group.
  7. Create a new Windows global group for the domain, and add the new anonymous user to that group as well.

    In order to more easily identify which domain the group belongs to, create the group name so that it is similar to the domain name.

For detailed instructions about the Computer Management tool, see the Windows 2000 Server online documentation.

Next, set the file system and IIS 5.0 permissions.

To set permissions

  1. On the home directory for the Web site, set a DACL for the global group that you have just created.

    The DACL should grant members of this group Full Control over the home directory and its contents. The following figure shows the Windows 2000 Server dialog box in which you set Full Control permission for a user or group.

    Dialog Box for Full Control Permission

  2. Create a virtual server for the domain, granting Read permission.
  3. If the virtual server will contain script programs (.asp files) that clients will be able to run, in the IIS snap-in, on the Home Directory property sheet for the server, select Scripts only in the Execute Permissions box.
  4. In order to store your executable programs (.exe files) in one location, create a \Bin subdirectory, establish it as a virtual directory, and grant Execute permission.
  5. Set a DACL in order to grant Read permission to IUSR_sitename for the home directory and its contents.
  6. Set the anonymous user for the virtual server so that it uses the anonymous user account for the domain (which you created earlier as IUSR_sitename).
  7. Set the default pages for the site in this order: Default.htm, Index.htm, Default.asp.

If you’ve installed FrontPage Server Extensions, you will need to create a home page (file), set up the Web site administrator, and configure the virtual server in order to publish information on the site.

To set up publishing

  1. Create a file named Default.htm and add it to the home directory.

    You can indicate in this file that the site is under construction.

  2. If you want to upload files to the site through FTP, create an FTP virtual directory for the virtual server.

    Note   You can only do this if you have a dedicated IP address for the Internet domain. For information about uploading through FTP, see Uploading Content through FTP.

  3. If necessary, create an additional user account and designate the user as a Web-site administrator.

    Do this only if you want to allow the additional user to control the IIS 5.0 configuration settings for the domain.

  4. Set up the virtual server and the anonymous user as the owner/author of the site.

    For more information, see Configuring FrontPage Server Extensions.

If you want to allow a user to dial in from a remote computer, you can grant Dial-in permission.

To grant Dial-in permission

  1. In the Computer Management tool, double-click System Tools, Local Users and Groups, and then Users.
  2. Right-click the user to whom you want to grant Dial-in permission, and click Properties.
  3. Click the Dial-in tab and, on the Dial-in property sheet, grant the user Dial-in permission.

See also: Troubleshooting


© 1997-1999 Microsoft Corporation. All rights reserved.