This topic contains conceptual information about sites (virtual servers) and their properties, administration privileges, and administration from remote locations. The following sections are included:
Whether on an intranet or the Internet, you can create multiple Web and FTP sites on a single computer running Windows 2000 in one of three ways:
The following example illustrates an intranet scenario where the system administrator has installed Windows 2000 Server with IIS on the companys server, resulting in one default Web site, http://CompanyServer. The system administrator then created two additional Web sites, one for each of two departments: Marketing and Human Resources.
Though hosted on the same computer, CompanyServer, Marketing, and HumanResources each appears to be a unique Web site. These departmental sites have the same security options as they would if they existed on separate computers because each site has its own access and administration permission settings. In addition, the administrative tasks can be distributed to members of each department. For more information about hosting multiple sites, see Assigning Host Header Names, Addresses, and Ports to Web Sites in About Name Resolution.
When creating a very large number of sites, be sure to consider hardware limitations and upgrade your hardware as necessary. For more information, refer to the IIS Resource Guide volume of the Windows 2000 Resource Kit.
Properties are values that can be set on your Web site. For example, you can use the Internet Information Services snap-in to change the TCP port assigned to the default Web site from the default value of 80 to another port number. Properties for a site are displayed in property sheets and stored in a database called the metabase.
During the installation of IIS, default values were assigned to the various properties on the property sheets. You can use the default settings in IIS, or you can customize these settings to suit your Web publishing needs. You may be able to provide additional value, better performance, and improved security by making adjustments to the default settings.
Properties can be set on the site level, directory level, or on the file level. Settings on higher levels (such as the site level) are automatically used, or inherited, by the lower levels (such as the directory level) but can still be edited individually at the lower level as well. Once a property has been changed on an individual site, directory, or file, later changes to the master defaults will not automatically override the individual setting. Instead, you will receive a warning message asking whether you want to change the individual site, directory, or file setting to match the new defaults.
Some properties have a value that takes the form of a list. For instance, the value of the the default document can be a list of documents to be loaded when users do not specify a file in a URL. Custom error messages, TCP/IP access control, script mappings, and MIME mappings are other examples of properties stored in a list format. Although these lists have multiple entries, IIS treats the entire list as a single property. If you edit a list on a directory and then make a global change on the site level, the list at the directory level is completely replaced with the new list from the site level; the lists are not merged. Also, properties with list values display their lists only at the master level, or on a site or directory that has been changed from the default value. List values are not displayed if they are the inherited defaults.
Filters are displayed in a list format, but are not treated as a list. If you add filters at the site level, the new filters are merged with the list of filters from the master level. If two filters have the same priority setting, the filter from the master level is loaded before the filter from the site level.
If the default property values need to be modified and you are creating several Web or FTP sites, you can edit the default values so that each site you create inherits your custom values. For more information on changing the default values for all Web sites or all FTP sites, see Changing the Inherited Defaults.
The following graphic depicts the property sheets used to set all Web site properties.
In the Internet Information Services snap-in, you can click the Help button on a property sheet to learn more about individual property settings.
Web site Operators are a special group of users who have limited administrative privileges on individual Web sites. Operators can administer properties that affect only their respective sites. They do not have access to properties that affect IIS, the Windows server computer hosting IIS, or the network.
For example, an ISP who hosts sites for a number of different companies can assign delegates from each company as the Operators for each individual company's Web site. This method of distributed server administration has the following advantages:
For instructions on how to designate Windows user accounts as Web site Operators, see Assigning Web Site Operators.
Because it may not always be convenient to perform administration tasks on the computer running IIS, two remote administration options are available. If you are connecting to your server over the Internet or through a proxy server, you can use the browser-based Internet Services Manager (HTML) to change properties on your site. If you are on an intranet, you can use either the Internet Services Manager (HTML) or the Internet Information Services snap-in that is hosted in the Microsoft Management Console (MMC). Although Internet Services Manager (HTML) offers many of the same features as the snap-in, property changes that require coordination with Windows utilities, such as certificate mapping, cannot be made with Internet Services Manager (HTML).
Note In previous releases the Internet Information Services snap-in was called the Internet Service Manager.
Internet Services Manager (HTML) uses a Web site listed as Administration Web Site to access IIS properties. When IIS is installed, a port number between 2,000 and 9,999 is randomly selected and assigned to this Web site. The site responds to Web browser requests for all domain names installed on the computer, provided the port number is appended to the address. If Basic authentication is used, the administrator will be asked for a user name and password when the site is reached. Only members of the Windows Administrators group can use the site. Web site Operators can also administer Web sites remotely. For more instructions on how to use the Internet Services Manager (HTML) or the Internet Information Services snap-in, see Remote Administration.
Note Although the HTML version of Internet Services Manager has much of the same functionality of the snap-in version of Internet Services Manager, the HTML version is designed along the lines of a Web page. Right-clicking is not supported. Many of the familiar toolbar buttons or tab headings are displayed as links in the left frame. Because of these differences, instructions in the documentation may not always precisely describe the steps performed in Internet Services Manager (HTML).
The online documentation is also available when performing remote administration tasks. To reach the documentation, start a browser and type http://servername/iishelp/iis/misc/default.asp, where servername is the name of the computer running IIS.
You can use Microsoft Terminal Services over a network connection (such as LAN, PPTP, or dial-up) to remotely administer IIS. Terminal Services does not require you to install the Microsoft Management Console (MMC) or the IIS snap-in on the remote computer. For more information, see the Terminal Services documentation. By default, the Terminal Services documentation is installed at C:\Winnt\Help\TermSrv.chm and C:\Winnt\Help\TermCli.chm.
FTP restart addresses the problem of losing a network connection while downloading files. Clients that support FTP restart need only re-establish their FTP connection using the REST command and the file transfer will automatically pick up where it left off.
Note The IIS 5.0 implementation of FTP restart is not enabled when using FTP to download wildcard requests (MGET), uploading files to a server (PUT), or downloading files larger than 4 gigabytes.
Multipurpose Internet Mail Extensions (MIME) is an Internet standard that provides a way for Web browsers to view files that are in multiple formats. The registered file types that are installed by default on Windows 2000 are listed in the File Types dialog box of the Internet Information Services property sheet.
MIME mappings can be configured at the computer, Web site, virtual directory, directory, or file level. To configure MIME mappings at the computer level, use the Internet Information Services property sheet. To configure MIME mappings at the other levels, use the HTTP Headers property sheet.
Note MIME mappings configured at the computer level will not automatically override those set at the lower levels.