Purpose:
The purpose of this article is to become you familiar with the NNTP service of Microsoft Internet Information Server IIS 5.
Procedure:
IIS 5 can also be configured as a NNTP server (Newsgroup) to publish news to the local domains as well as to the internet.
In this section we will completely study the default NNTP virtual server, its properties, configuration, and security settings. We will also discuss about creating a new NNTP virtual server based on the TCP port and IP address combinations.
To access the default NNTP server node properties, right click on it and then select the properties option as shown below.
NNTP Virtual server General Tab has the following configuration settings.
Name text box is used to define a distinguishable name for this NNTP virtual server. You can change this name according to your own naming scheme.
IP address box is used to bind the particular IP address or all the IP addresses (All Unsigned option) of your Windows 2000 server to this NNTP server.
By default NNTP virtual server is configured to accept NNTP requests on TCP port 119 and SSL port 563 on all the IP addresses of your windows 2000 server. To change this setting or to define the additional TCP port number and IP address combination click on the Advanced button and configure (Add, edit, or remove) your desired TCP port and IP address combinations.
Connection option is used to configure the maximum numbers of connections and time-out value in minutes for the NNTP virtual server.
Enable logging is used to track the NNTP virtual server activity. You can choose one of the four logging formats that Microsoft NNTP Service uses.
Note: Complete detail about these four log file formats and their configuration has been discussed in the previous topics. Please consult those topics for complete explanation.
Path header option is used to type the string that is used for the Path line in each news posting.
NNTP Virtual server Access tab is used to configure client access to the NNTP virtual server and to establish transmission security. For example, you can configure Microsoft NNTP Service to allow anonymous access or to prompt users for a user name and password.
Access Control Section is used to define the authentication level for your NNTP server. Authentication level means configuration of anonymous or basic configuration etc. Click the Authentication button to define the user authentication levels.
Allow anonymous option is used to allow any client access to the contents of this directory. No user name or password is required when this configuration is used. Click Anonymous to open the Anonymous Account window, where you can select a Windows 2000 account that will be used when someone logs on anonymously.
Basic authentication option is used to enable Basic (clear-text) password authentication. NNTP defines an authorization protocol, called AUTHINFO, that is based on clear-text passwords. Microsoft NNTP Service supports this clear-text password authorization protocol as Basic password authentication. It also extends the protocol to support delivery of confidential data between Microsoft NNTP Service and an NNTP client.
Windows security package option is used to enable the standard Security Package security mechanism that is provided with Microsoft Windows 2000 Server. This security feature makes it possible for businesses to provide secure logon services for their customers. Virtual servers that already use Windows Security Package in an internal system can benefit by using a single, common security mechanism.
Windows Security Package authentication uses a cryptographic technique for authenticating users and does not require the user to transmit actual passwords across the network.
Note: Using Windows Security Package authentication requires a news client that supports this authentication method. Microsoft Outlook Express supports Windows Security Package authentication.
Enable SSL client authentication (requires server certificate) option is used to enables secure client authentication using SSL encryption and certificates.
Note: An SSL certificate is required for the computer running Microsoft NNTP Service.
Require SSL client authentication option when selected requires that clients provide SSL encrypted user names and passwords.
Enable client certificate mappings to Windows user accounts option is used when client software has an SSL client certificate installed and use the Microsoft Windows account that is mapped to that certificate to authenticate users.
Choose Client Mappings to enter certificates and the Windows account names.
Secure Communication section is used to define the secure communication between clients and the servers with the help of digital certificates. To enable secure communication, you should have a valid and trusted digital certificate.
To assign an existing digital certificate or to request a new digital certificate, click the Certificate button and follow the Web Server Certificate Wizard.
Note: Complete detail about this wizard has been already discussed.
Connection Control section is used to restrict or allow access to the NNTP server based on client, IP address, group of IP addresses or domain names.
To define the connection control, click the Connection button.
Click the Add button to define your access or restriction for clients based on their IP addresses or domain names.
NNTP virtual server Settings tab has the following options.
Allow client posting option allows news clients to post articles to this NNTP virtual server.
Limit post size option defines the maximum size for an article that a news client can post to this NNTP virtual server. When the checkbox is selected, the default limit is 1000 kilobytes (KB). Clear the checkbox to have no limit.
Limit connection size option defines the maximum size for all articles that a news client can post to this NNTP virtual server during a single connection. When the checkbox is selected, the default limit is 20 megabytes (MB). Clear the checkbox to have no limit.
Allow feed posting option allows newsfeeds to post articles to this NNTP virtual server.
Limit post size option defines the maximum size for an article that a newsfeed can post to this NNTP virtual server. When the checkbox is selected, the default limit is 1500 KB. Clear the checkbox to have no limit.
Limit connection size option define the maximum size for all articles that a newsfeed can post to this NNTP virtual server during a single connection. When the checkbox is selected the default limit is 40 MB. Clear the checkbox to have no limit.
Allow servers to pull news articles from this server option allows other news servers to pull news articles from this NNTP virtual server.
Allow control messages when selected controls messages to be processed automatically and then logged in the transaction log. Clear this box if you want to log but not process control messages.
SMTP server for moderated groups specifies the SMTP mail server where all postings to moderated groups are forwarded. This value must be either a valid computer name registered with DNS (with a valid IP address), or a directory path. A directory path is used only for moderated messages that are sent to a designated directory location.
Default moderator domain option specifies the default domain for all moderated postings. The domain must be a qualified domain name.
Note: Articles posted to moderated newsgroups that do not have a specified moderator are sent to:
news_group_name@default_moderator_domain
where news_group_name is the name of the newsgroup to which the article is sent, and default_moderator_domain is the value you specify for this option.
Administrator Email Account option specifies an e-mail address for the receipt of non-delivery reports (NDRs) for moderated newsgroup articles that cannot be delivered to the designated moderator.
Security tab is used to define the additional operators for this NNTP Virtual server.
To add additional operators, click the Add button and select the desired operators from the Users list.
To remove a particular operator, highlight the operator and then click the Remove button.
Newsgroup Node
Newsgroup node is used to create additional newsgroup for this Virtual NNTP server or to manage the existing newsgroup.
Creating new Newsgroup
To create a new newsgroup, Right-click Newsgroups under this Virtual NNTP virtual server. Select New, and then click Newsgroup.
Follow the New Newsgroups Wizard.
In the New Newsgroup Wizard, Provide a Name for your newsgroup.
In the next Wizard window, define the description and Pretty name for your newsgroup.
With this description, you can define a newsgroup function that is not evident from the newsgroup title. This description is optional.
Pretty name display name for your newsgroup, enter a name for the newsgroup that is returned by the NNTP command LIST PRETTYNAMES.
Note: Pretty names are displayed by some clients. This option accepts Unicode characters, which means that you can specify a newsgroup name using the character set of another language.
Click Finish button to create this new newsgroup under your default NNTP server.
Newsgroup Properties
To access the properties window of this newly created newsgroup, right click the desired newsgroup and click the properties option as shown below.
The properties window will look like this.
In properties window
Description is used to define a brief description for this newsgroup.
Pretty name is used to define a name for the newsgroup that is returned by the NNTP command LIST PRETTYNAMES
Read only checkbox is used to make this newsgroup read only for simple users and only the designated moderator can post articles to this newsgroup.
Moderated checkbox is used to specify that articles are sent to a particular e-mail address before they are posted.
If Moderated checkbox is selected, In the Moderator text box, type the e-mail address of the moderator for this newsgroup.
Set Default Set Default is used to set the default as your newsgroup moderator. Note: The default e-mail address is the name of the newsgroup, with a domain that you specified in Default moderator domain on the NNTP Settings tab. When you click Set Default, however, only the name of the newsgroup will display in Moderator.
Expiration Policies
Expiration policy is used to define a deletion time period for the articles published under your NNTP virtual server.
To create a new expiration policy, right click the Expiration Policies node, click New and then click the Expiration policy option and follow the wizard.
In the new expiration policy wizard, type the Expiration Policy description for this new policy and click Next as shown below.
In the next phase, define this expiration policy globally for all the newsgroups of this NNTP virtual server or to the selected newsgroups.
Click Next to continue.
Define the deletion time for the old article in hours (default is 168 hours that is equal to one week).
Click Finish to create this new expiration policy for this NNTP virtual server.
The new expiration policy for all the newsgroups hosted on this NNTP virtual server has been implemented successfully.
Virtual Directories
Virtual Directories are used to store newsgroup articles. For example, you can create a virtual directory for storing all newsgroups related to Notices on one disk drive and a virtual directory for storing all business related newsgroups on another.
Virtual directories have two components:
- Virtual directory path
- Virtual directory alias
The alias makes it possible for you to change the physical location of the newsgroups without having to change the location that clients use to access the newsgroups. The alias appears in the news service URL, and can remain the same no matter where the files are actually stored.
Creating a new Virtual Directory
To create a new virtual directory, right click the Virtual directories node of your Virtual NNTP server, click New, click Virtual directory option and follow the wizard.
Type a name for your subtree that will be stored on this virtual server as shown below.
Click Next to continue.
Define the location of your virtual directory i.e. whether its content should be stored on the local file system or on a remote share as shown below.
Click Next to continue.
Define the parameters for File system (directory path) as shown below.
Click Finish to create this virtual directory.
Virtual Directory Properties
To access the properties of this newly created virtual directory, Right click on it and select the Properties option to open its properties window as shown below.
The virtual directory properties window will look like this.
Directory Contents allows you to view the location of the home directory.
The home directory can be located on either a local disk drive or a disk drive on a computer on your LAN that is running Microsoft Windows 2000 Server.
To change the path for this virtual directory, click the Contents button.
You can change the location of your virtual directory from the above configuration window.
Secure communications option is used to require clients to use SSL for connections to Microsoft NNTP Service. This ensures that outgoing data is encrypted. To set the encryption level for this virtual directory, click Secure button to open the Security window as shown below.
In this window, you can enable the secure channel and can also define the encryption level (128-bit) for secure communication.
Allow posting option is used to allow news clients to post articles to newsgroups in this directory.
Restrict newsgroup visibility option is used to restrict viewing newsgroup lists in this directory to users who have access permission for the newsgroups.
Note: This option adds processing overhead, which will consume memory and slow NNTP service,
Log access option is used to generate a log of news-client access to this directory in the Microsoft Internet Information Services access log.
Note: To enable logging, you must also select the Enable logging check box on the General tab.
Index news content option is used to index newsgroups in this directory with Microsoft Indexing Services, which allows users to search for specific text.
Current Sessions
Current Sessions node is used to view or to terminate the users who are currently connected to this NNTP virtual server.
No comments:
Post a Comment