CHAPTER 9

In addition to the WWW service, Microsoft Internet Information Server provides two additional services: File Transfer Protocol (FTP) and gopher. These services are “legacy” services on the Internet, meaning that they are older protocols. However, far from being outdated, these services’ simplicity is often a compelling reason to consider using them in your Web site.

This chapter explains:

The FTP and gopher services and how they work.
When to use the FTP and gopher services.
How to configure the services.

What is the FTP Service?

FTP was one of the earliest protocols used on TCP/IP networks and the Internet. FTP is used to transfer files from one computer on a network to another computer on the same network. FTP was especially useful for transferring files between different computers, such as transferring files from a UNIX® computer to a computer running MS-DOS® or Windows 3.1.

Early FTP client software was character based, and was similar to using the Windows NT command prompt to list and copy files. A character-based program was used to log on to the remote computer, browse directories, and to then transfer files.

Internet Explorer simplifies this process by automatically logging you onto the FTP server if anonymous connections are permitted. Directory listings are automatically displayed as hypertext links, permitting point-and-click simplicity in traversing directories and copying files from a server to a client. (Note that you cannot copy files from a client to a server by using Internet Explorer.)

When Should I Use the FTP Service?

The protocol used for the World Wide Web (WWW), Hypertext Transfer Protocol (HTTP), has replaced most functions of FTP. However, of the three Internet services only FTP can be used to copy files from a client computer to a server computer. If your remote users need to do this, they must use FTP.

Also, if you have existing files that you want to make available to remote users, FTP is an extremely easy service to install and maintain. After installation, point the FTP service to your files; no additional configuration is necessary.

Files made available through FTP can be in any format, such as document files, multimedia files, or application files. If your remote clients are using Internet Explorer, the clients can specify whether to copy the file or to start a helper application to immediately display or play the file.

How Does the FTP Service Work?

The FTP service requires that users log on to use the service. Once logged on, users can navigate the directories made available to the FTP service. Dedicated FTP clients allow remote users to copy files to the FTP site and issue other FTP commands, including logging off.

Configuring Session Activity

You can configure the number of simultaneous connections allowed, and the amount of time allowed for connections.

Because users are logged on until they log off or break the connection, you can use the Connected Users button in the Service property sheet to keep track of which users are currently connected.

Viewing Current Sessions

To see users currently connected to your FTP site

2. Click the Service tab.

3. Click Current Sessions.

4. If you want to disconnect a user, select the user and then click Disconnect. To disconnect all connections, click Disconnect All.

5. Click Close and then click OK.

Configuring FTP Logon

You use Internet Service Manager to configure logon requirements for the FTP service.

If the FTP service is configured for anonymous logon, clients can log on with the user name “anonymous.” Traditionally, anonymous FTP users log on using their e-mail addresses as passwords. Note that Internet Explorer and other Web browsers automatically log on anonymously to all FTP sites that permit anonymous logon.

FTP clients are also permitted to log on with a Windows NT user name and password permitted to use that computer. On Windows NT File System (NTFS) drives, you can control every user’s access permissions and file access. To use this mechanism to log on with a Web browser, type ftp://user:password@computername/ or ftp://username@computername/

In Internet Service Manager FTP Service Properties, select the Allow only anonymous connections check box to prevent users from using user names. With this check box enabled, any account other than “anonymous” cannot log on. This is useful for security because only one account, that assigned for anonymous logon, is permitted access; intruders cannot attempt to gain access with the administrator account.

Controlling Anonymous Connections

To set user name and password security

2. In the Allow Anonymous Connections box, type the user name and password that you want the FTP service to use when accessing resources on behalf of a client.

This account must be a valid account set up in the Windows NT User Manager. Permissions assigned to this account apply to all anonymous logons.

Allow only anonymous connections

This option is handy if you do not want users to log in with their own user names and passwords because FTP passwords are unencrypted. However, all users will have the same access privilege, as defined by the anonymous account. By default, this option is not enabled. Select this option if users should not connect by using their Windows NT user accounts.

Customizing Messages

To customize Welcome, Exit, and Maximum connections messages

2. Click the Messages tab.

3. In the Welcome message box, type the welcome message you want to display when users connect.

4. In the Exit message box, type the message you want to display when users disconnect.

5. In the Maximum connections message box, type the message you want to display when a user tries to connect but cannot because the maximum number of users are already connected.

6. Click Apply and then click OK.

Configuring FTP Directories

This section describes how to configure your FTP directories.

Setting the Home Directory

By default, all subdirectories are available in the home directory. You should place all your FTP files in the home directory. For information about setting and changing your home directory, see Chapter 6, “Planning Your Content Directories and Virtual Servers.”

You can also add virtual directories, just as with the WWW service; however, because of FTP’s technical limitations as an older protocol, virtual directories are not visible to users. Users can browse a virtual directory only if they know the alias of the virtual directory.

Setting Listing Style

Some browsers require that the FTP listing be styled in UNIX format. You should set the FTP listing style to UNIX format for maximum compatibility with browsers.

To determine how directory listings are displayed

Directories

2. In the Directory Listing Style box, select:

UNIX

MS-DOS to display directories in MS-DOS format.

Setting Read and Write Permission

Read permission is set for all FTP virtual root directories by default. Setting Write permission allows users to place files on your computer.

Remove Read permission and set Write permission to create a dedicated folder (directory) to which users can copy files but cannot see any files left by others. Such a directory is sometimes referred to as a "drop-box" directory.

You must set Read and Write permission by using Internet Service Manager. On NTFS drives you may also set additional permissions and restrictions using Windows NT Explorer.

Read

Read permission is set for all FTP virtual root directories by default. Remove Read permission and set Write permission to create a dedicated directory to which users can copy files, but cannot see any files left by others.

Write

Setting Write permission will allow users to place files on your computer.

Note On NTFS drives, it remains necessary to grant the users you want to use the "drop-box" directory Read access by way of Directory Permissions in Windows NT Explorer so that these users are able to change into the "drop-box" directory (using the FTP cd command, for example). Thus, these users must have both NTFS Read and Write permissions in Windows NT Explorer, but they should have only Write permissions in Internet Service Manager.

Creating Annotation Files

Each directory can contain an annotation file, which can be used to summarize the information that the directory contains. This summary appears automatically to remote browsers.

You can add directory descriptions to show FTP users the contents of a particular directory on an FTP site. This is done by creating a file called ~ftpsvc~.ckm in that folder (directory). Usually you want to make this a hidden file so that directory listings do not display it.

You can add directory descriptions to inform FTP users of the contents of directories on an FTP site.

To annotate files

2. In the Windows NT Explorer, select the file and make it a hidden file so that directory listings do not display this file.

3. From an FTP client, type Site ckm at the command prompt, or use the Registry Editor to enable annotated directories by adding the following value:

HKEY_LOCAL_MACHINE\SYSTEM

 \CurrentControlSet

  \Services

   \MSFTPSVC

    \Parameters

AnnotateDirectories REG_DWORD

Range: 0 or 1
Default = 0 (false — that is, directory annotation is off).

The preceding value defines the default behavior of directory annotation for newly connected users. Directory descriptions are used to inform FTP users of the contents of a directory on an FTP site. The directory description is saved in a file named ~ftpsvc~.ckm, which is usually a hidden file. When this value is 1, directory annotation is enabled.

This registry entry does not appear by default in the registry, so you must add an entry if you want to change its default value.

Client Errors Browsing FTP, Directory Annotation Enabled

If directory annotation is enabled on your FTP service, Web browsers may display error messages when browsing your FTP directories. You can eliminate such errors by limiting each annotation file to one line or by disabling directory annotation.

Special Directories in the Home Directory

You can add special directories to the home directories to control the default directory displayed to FTP users. These directories must be physical subdirectories; they cannot be specified by using virtual directories.

Note The preceding does not apply when gaining access to FTP by using a Web browser; Web browsers automatically change to the root directory when logging on. However, this does not preclude the user from from changing to the special directory by using the cd command.

Using User Name Directories

User name directories are directories in the home directory with names that match a user name. If a user logs on with a user name that has a matching directory in the home directory, that directory is used as the root.

You can use FTP user name directories to control the root directory presented to users. FTP user name directories are not created by default during setup.

Using the Anonymous Directory

The Anonymous directory is a directory in the home directory named “Anonymous.” If a user logs on by using the user account Anonymous, the directory name Anonymous is used as the root directory.

Note You can restrict access to a directory to a specific user by using Directory Permissions for that directory in Windows NT Explorer. Each user must also have access to the Ftproot home directory.

FTP Clients

You can use any FTP client to connect to the computer running the FTP service. Windows NT Workstation and Windows NT Server include a character-based FTP client (this client can be started only at the command prompt).

Microsoft Windows NT includes Internet Explorer, which you can use to browse FTP sites. You use a Uniform Resource Locator (URL) to connect to an FTP site; for example, ftp://ftp.microsoft.com/.

What is the Gopher Service?

Although the gopher service is similar to FTP because it allows you to easily publish existing archives of files, the gopher service overcomes some limitations of the FTP service. With the gopher service, you can create links to other computers or services, annotate your files and directories, and create custom menus.

The Microsoft Internet Information Server gopher service supports all gopher features. In addition, the gopher service supports Gopher Plus selector strings, which allows the server to return additional information to the client, such as administrator name, modification date, and MIME type.

To set up a gopher site, copy your files to the gopher home directory (\Inetpub\Gophroot). Clients can then browse the gopher directories as easily as using Windows NT Explorer. To enhance your site you can create tag files that provide links to other computers or services, to annotate your files and directories, and to create custom menus. See “Tag Files,” later in this chapter, for more information.

Configuring the Gopher Service

This section gives you an overview of configuring the gopher service. To configure your service you should configure the following:

The directory or directories from which documents will be published. See Chapter 6, “Planning Your Content Directories and Virtual Servers” for information about setting up directories.
Items that the gopher service will make available under a specified directory tree.
Tags and how they are to be stored.
Indexes to speed up searches.
Activity-log records. For information about logging see Chapter 7, “Logging Server Activity.”
Number of simultaneous connections allowed and the amount of time allowed each connection.

Controlling Security by User Name and Password

To set user name and password security

Service

2. In the Anonymous Logon box, type the user name and password that you want the gopher service to use when accessing resources on behalf of a gopher client.

computername

Setting up WAIS Index Queries

Wide Area Information Search (WAIS) index searching is not enabled by default in Internet Information Server. To enable WAIS, you must change the following entry in the Windows NT registry from 0 (disabled) to 1 (enabled):

HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet \Services \GopherSVC \CheckForWAISDB

Tag Files

Tag files can be used to supplement the standard gopher display returned to clients with additional information and to provide links to other computers.

All information about a file that is sent to a client comes from tag files. This information includes the name of a file displayed for the client. Typical tag files contain:

Display name
Host name
Port number

If you are running Gopher Plus client, you can add more information to each tag file, such as the server administrator’s name and e-mail name, the file’s date of creation, and date of last modification.

You must first create the file and then store it on the gopher server, which is the computer running the gopher service.

You create tags for your gopher site with the gdsset utility. To see the complete syntax of the gdsset command, type gdsset at the command line with no parameters.

Tag files are hidden files. Use Windows NT Explorer to set the hidden attribute for tag files.

On drives formatted using the file allocation table (FAT) file system, the tag file name is the same as the file it describes, with .gtg appended to the file name. For example, if the content file name is Catalog.txt then the tag file name would be Catalog.txt.gtg.

On drives formatted using NTFS, the tag file name is the same as the file it describes with :gtg appended to the file name. NTFS tag files are stored in an alternate data stream. For example, if the content file name is Catalog.txt then the tag file name would be Catalog.txt:gtg. Note that a colon rather than a period is used to start the extension.

Tag files stored on FAT volumes can be edited by using most ASCII-based text editors, such as Notepad. The file may need to be unhidden to edit it. Tag files stored on NTFS volumes cannot be edited by most text editors because the file is stored in an alternate data stream.

Note that if your computer is configured for FAT, you must move the tag file manually when you move the corresponding data files. To move the tag file, first make it visible, because tag files are hidden files. Then move the file, and make hidden it again. (You can use Windows NT Explorer to make files hidden or visible; to show all files, including hidden files, in the View menu, click Options, click the View tab, then select Show all files.)

Note If disk space is critical, make sure that you include the hidden tag files when you calculate how much space your files will take up.

Creating Tag Files

To create a tag file

Type the following syntax on the command line:

gdsset -c -g

-f “

description of file

” -a “

administrator’s name

” -e

e-mail

filename

where

-c Use this flag to edit or create a new file.
-gn The value for n can be any single-digit code from 0 to 9. If you omit this flag, the code for the file type will default to 9, binary.
-a “administrator’s name” The value between the quotation marks is the administrator’s name. If you omit this flag, the value defaults to the service administrator’s name in the Service dialog box of the Microsoft Internet Service Manager.
-e -e-mail The value is the administrator’s e-mail address. If you omit this flag, the value defaults to the service administrator’s e-mail name in the Service dialog box of the Microsoft Internet Service Manager.
filename The value is the name of the tag file you’re creating or editing.

This command line automatically hides the tag files you create.

To create a batch command to tag a series of files that have the same type, such as a series of text files, use the following syntax:

for %1 in (*.txt) do <echo %i&& gdsset -c -gn -f %i %I

To create a link from your local gopher site to a directory on another computer

Run the gdsset command with the following syntax.

file description”

administrator’s name

e-mail

hostname filename

where

-c Edits or creates a new file.
-gn The value for n can be any single-digit code from 0 to 9. If you omit this flag, the code for the file type will default to 9, binary. For a list of type codes, see “Interpreting Item Types.”
-f “file description”

A synopsis of the contents of the file.

-a “administrator’s name”

The value between the quotation marks is the administrator’s name. If you omit this flag, the value defaults to the service administrator’s name in the Service dialog box of the Microsoft Internet Service Manager.

-e e-mail

The value is the administrator’s e-mail address. If you omit this flag, the value defaults to the service administrator’s e-mail address in the Service dialog box of the Microsoft Internet Service Manager.

-h hostname The value specifies the name of the computer to link to.
filename

The value is the name of the file for which you want to create a tag file.

Gdsset automatically hides the tag files you create.

The following command displays information stored in a tag file:

filename

To create a batch command to tag a series of files that have the same type, such as a series of text files, use the following syntax:

for %i in (*.txt) do <echo %i && gdsset -c -g0 -f %i %i

Interpreting Item Types

The following list shows all possible gopher item type codes and what they mean. The first character is the type code.

0 A file, usually a flat text file.

1 A gopher directory.

2 A CSO phone-book server.

3 An error.

4 A Macintosh® file in Binhex format.

5 An MS-DOS binary archive.

6 A UNIX Uuencoded file.

7 An index-search server.

8 A Telnet session.

9 A binary file.

c A calendar or calendar of events.

g A graphic interchange file (GIF) graphic.

h An HTML World Wide Web hypertext page.

i An in-line text that is not an item.

I Another kind of image file.

m A BSD format mbox file.

P A PDF document.

T A TN3270 mainframe session.

: A bitmap Image (use Gopher Plus information for type of image).

0	A file, usually a flat text file.
1	A gopher directory.
2	A CSO phone-book server.
3	An error.
4	A Macintosh® file in Binhex format.
5	An MS-DOS binary archive.
6	A UNIX Uuencoded file.
7	An index-search server.
8	A Telnet session.
9	A binary file.
c	A calendar or calendar of events.
g	A graphic interchange file (GIF) graphic.
h	An HTML World Wide Web hypertext page.
i	An in-line text that is not an item.
I	Another kind of image file.
m	A BSD format mbox file.
P	A PDF document.
T	A TN3270 mainframe session.
:	A bitmap Image (use Gopher Plus information for type of image).