CHAPTER 10
The configuration registry stores values that define the working environment for the Windows NT operating system and any services installed on the computer running Windows NT. Usually, to change these values, you use graphical tools, such as Control Panel, Windows NT Setup, or Internet Service Manager. Windows NT also includes a utility, the Registry Editor (Regedt32.exe), which you can use to inspect and modify the configuration registry directly.
You can configure the Internet services by using Internet Service Manager. The services also use several additional configuration parameters in the registry not configured by using Internet Service Manager. Parameters are either specific to a service or are global to Internet Information Server and all services.
Wherever possible, you should use Internet Service Manager to make changes to your Internet server settings. For a registry change to take effect, you must restart the service affected by the change. For global entries you must restart all services.
See the following sections for entries in this chapter. They show the values used by Internet Information Server:
Creating Registry Entries Registry Keys Installed by Default
| AdminEmail
AdminName AllowAnonymous AllowGuestAccess AnonymousOnly AnonymousUserName ConnectionTimeOut EnablePortAttack |
ExitMessage
GreetingMessage InstallPath LogAnonymous LogFileDirectory LogFileFormat LogFilePeriod LogFileTruncateSize |
LogNonAnonymous
LogSqlDataSource LogSqlPassword LogSqlTableName LogSqlUserName LogType MaxClientsMessage MaxConnections |
Global Registry Entries Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\InetInfo
\Parameters
| BandwidthLevel REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: 0xFFFFFFFF |
| Specifies the maximum network bandwidth used for Internet Information Server. This helps to prevent overloading the network with Internet Information Server activity. For example, for administrators of small corporate servers, where a single server is used for multiple sites, this will help to reduce network usage for Internet Information Server servers. It is recommended that this parameter be set from Internet Service Manager. Otherwise, the server must be stopped and restarted for this value to take effect. The value 0xFFFFFFFF means “Do not restrict bandwidth.” |
| CacheSecurityDescriptor REG_DWORD |
| Range: 0 - 1
Default: 0 |
| Specifies whether security descriptors are cached for file objects. If enabled (with the value of 1), Internet Information Server retrieves security permissions when caching a file object and will not need to gain access to the file object to check access rights for new users. This feature is useful only if you have more than one user account (not using anonymous only). By default Internet Information Server does not cache security descriptors, but checks the access rights against the file object for new user accounts. |
| DisableMemoryCache REG_DWORD |
| Range: 0 -1
Default: 0 |
| Disables server caching. This key cannot be configured through the Internet Service Manager. If you change this setting, stop the server and restart it for the change to take effect. |
| ListenBackLog REG_DWORD |
| Range: 1-unlimited
Default: 15 |
| Specifies the maximum number of active connections to hold in the queue waiting for server attention. Enhanced Internet Information Server functionality generally makes it unnecessary to use or modify this entry, although extremely heavy use might benefit by increasing this value up to 50. |
| LogFileBatchSize REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: 64*1024 (64 KB) |
| Specifies the batch size for writing a log file. The server caches the last LogFileBatchSize bytes of data in memory buffers before it dumps the current buffer to disk. Such batch processing reduces the amount of disk traffic created by log files. In some instances, you may need to reduce the time between writing the buffer to disk. To change the default setting you must add this value to the key using the new setting. |
| MaxConcurrency REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: 0 |
| Specifies the amount of concurrency that a system should provide. We use completion ports for handling input-output (I/O). In general it is not good to have more than one thread running and conflicting on shared memory or locks. This key specifies how many threads per processor should be allowed to run simultaneously if there is a pending I/O operation. The specific value of 0 allows system to make intelligent choice of the number of threads to use. Any nonzero value specifies that the system should allow that many threads per processor to run simultaneously. |
| MaxPoolThreads REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: 10 |
| Specifies the number of pool threads to create per processor. Each pool thread watches for the network request and processes it. Generally, it is not good to create more than 20 threads per processor. |
| MemoryCacheSize REG_DWORD |
| Range: : 0 - 0xFFFFFFFF
Default: : 3072000 (3MB) |
| Internet Information Server caches system handles, directory listings, and other values of frequently used data to improve performance of the system. This parameter specifies the amount of memory in bytes to allocate for that cache. When this value is changed, the server must be stopped and restarted for this to take effect. A value of 0 means “Do not do any caching.” The performance may be low when caching is off. Sites with heavy traffic can increase this size, provided there is sufficient RAM on the computer. |
| MinFileKbSec REG_DWORD |
| Range: 1 - 8192
Default: 1000 |
| When a Web server sends a file to the client, a timeout is established for how long the server will allow the transfer to continue before ending it. The timeout chosen is the maximum of the Connection Timeout specified in the Internet Service Manager plus the size of the file divided by the value specified as MinFileKbSecs. For example, a file size of 100 kilobytes is given a timeout of 100 seconds, or the Connection Timeout if the latter is greater. Note that the registry name is misleading, because the value is in bytes, not kilobytes as the name might imply. |
| ObjectCacheTTL REG_DWORD |
| Range: 0 - 0x7FFFFFFF, 0xFFFFFFFF (seconds)
Default: 30 seconds |
| This registry entry controls the Time To Live (TTL) setting, which defines the length of time that objects are held in cached memory. If an object in the memory cache has not been referenced for the defined period, that object will be phased out of the cache. If system memory is limited or the server’s contents are dynamic, you can use a lower TTL to prevent system memory from being used to cache a large number of volatile objects. Setting the value to 0xFFFFFFFF disables the object-cache scavenger and allows cached objects to remain in the cache until they are overwritten. Disabling the cache is useful if your server has ample system memory and your data is relatively static. |
| PoolThreadLimit REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: 2 * # MB |
| Specifies the maximum number of pool threads that can be created in the system. Each pool thread watches for the network request and processes it. |
| ThreadTimeout REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: 24*60*60 (24 hours) |
| Specifies the amount of time an input-output processing thread should be maintained even if there is no I/O activity on the system. In general when there is no I/O activity and no requests outstanding the server is idle and does not consume memory. But if that situation prolongs and exceeds the ThreadTimeout interval, then the thread is stopped. Units are in seconds. |
| UserTokenTTL REG_DWORD |
| Range: 0 - 0x7FFFFFFF
Default: 15 * 60 (10 Minutes) |
| When a request is made to the server, the security credentials for the request (or the configured anonymous user) are used to create a user token on the server which the server impersonates when accessing files or other system resources. The token is cached so that the Windows NT logon only takes place the first time the user accesses the system or after the user’s token has fallen out of the cache. Windows NT Challenge/Response authentication tokens are not cached. Units are in seconds. |
Service-Specific Registry Entries with Common Names Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\ServiceName
\Parameters
where ServiceName is
| MSFTPSVC | FTP Service |
| GOPHERSVC | gopher Service |
| W3SVC | WWW Service |
| AdminName REG_SZ |
| Range: String
Default: Administrator |
| Specifies the user-friendly administrator name. The gopher service uses this name to send back responses for Gopher Plus queries. This parameter also serves as a way of identifying who administers a service. |
| AdminEmail REG_SZ |
| Range: String
Default: Admin@corp.com |
| Specifies the e-mail address for the administrator of a particular service. The gopher service uses this name to send back responses for Gopher Plus queries. |
| ServerComment REG_SZ |
| Range: String
Default: “” |
| Specifies a user-friendly comment for a service. This information is used to add a configurable comment in Internet Service Manager. |
| EnableSvcLoc REG_DWORD |
| Range: 0, 1
Default: 1 |
| The Internet Information Server services register themselves with a service locator so that the service can be discovered by Internet Service Manager. This parameter controls such registration. If set to 0, the service will forgo registration. Set to 1, it registers the service for service location. To change the default setting, you must add this value to the key using the new setting. |
| AllowAnonymous REG_DWORD |
| Range: 0, 1
Default: 1 |
| Specifies if an anonymous user should be allowed to connect and make a request to the server. By convention, most Internet services allow anonymous connections to gain access to files. |
| AnonymousUserName REG_SZ |
| Range: String
Default: Guest |
| Specifies the name of the local user account to use for anonymous users. All server actions associate a user name and password with the action. This parameter should not be changed in the registry. You must change this parameter by using Internet Service Manager so that the appropriate password can also be set. The password is stored in protected area in the registry. |
| ConnectionTimeOut REG_DWORD |
| Range: 0-0xFFFFFFFF
Default: 600 seconds |
| Specifies the time the server should maintain a connection when there is no activity. |
| DefaultLogonDomain REG_SZ |
| Range: string
Default: domainname |
| Specifies the default logon domain that validates a clear-text logon when no domain is specified in the user name field. The default value is the domain name for servers that are domain controllers or the name of the local computer (if stand-alone). |
| LogonMethod REG_DWORD |
| Range: 0, 1, 2
Default: 0 |
| Specifies the logon method for clear-text logons. A value of 0 means that users must have the right to log on locally to be given access to the server. A value of 1 means that users must have the right to log on as a batch job.A value of 2 means that users will be logged on as network, which means they must have the user right to access the local computer from a network, which you can set in the Windows NT User Manager for Domains. If you are running SQL Server through an ODBC connector with "SQL Integrated Security" enabled, you need to set this value to either 0 or 1. If this key is not in the registry, the default value is 0. |
| LogFileDirectory REG_EXPAND_SZ |
| Range: String
Default: %systemroot%\system32\logfiles |
| Specifies the directory in which log files are to be stored. Each service generates a log record for each request processed. |
| LogFileFormat REG_DWORD |
| Range: 0, 3
Default: 0 |
| Specifies the format for in which entries are recorded in a text file. The value 0 (the default) indicates Standard format. The value 3 indicates National Center for Supercomputing Applications (NCSA) Common Log File format. |
| LogFilePeriod REG_DWORD |
| Range: 0,1,2,3
Default: 1 |
| Specifies the type of log files to be produced where
0 = No period. Each log file is limited by size specified in LogFileTruncateSize.
|
| LogFileTruncateSize REG_DWORD |
| Range: 0-0xFFFFFFFF
Default: 4,000,000,000 bytes |
| Specifies the maximum size of each log file generated. Once the specified size is reached, the logging module automatically opens a new log file. A value of 0 means “Do not truncate.” |
| LogSqlDataSources REG_SZ |
| Range: String
Default: “” |
| This string specifies the name of the ODBC data source to use for sending the request logs for the service to a SQL-compatible database system. This data source should be a system DSN in the ODBC installation on the server. |
| LogSqlTableName REG_SZ |
| Range: String
Default: “” |
| Specifies the name of the ODBC table name used for sending the request logs for the service to a SQL-compatible database system. The table should be created by the administrator as per the specification provided with the services. The user should also have proper access permissions to insert data into the table. |
| LogSqlUserName REG_SZ |
| Range: String
Default: “” |
| Specifies the user name to use when accessing the ODBC data source specified for ODBC-based logging. This user must be a valid user on the server to which the LogSqlDataSource registry parameter is pointing. |
| LogSqlPassword REG_SZ |
| Range: String
Default: “” |
| Specifies the password for establishing an ODBC connection for a particular user account on the ODBC data source. The password is stored as a clear text. |
| LogType REG_DWORD |
| Range: 0, 1, 2
Default: 1 |
| Specifies the type of logging. The type specifies the destination of log files where
0 = No logging
|
| MaxConnections REG_DWORD |
| Range: 0 - 0xFFFFFFFF
Default: unlimited |
| Specifies the maximum number of simultaneous connections that the server allows at any given time. When the number of current connections exceeds this value, the service rejects the request. A friendly message can be sent to the client that was refused access. |
Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\W3SVC
\Parameters
| AcceptByteRanges REG_DWORD |
| Range: 0, 1
Default: 1, enabled |
| The value determines whether the HTTP server will process the “Range” header for type “bytes:”. If enabled, the server will signal that it is accepting range requests by sending the “Accept-Range: bytes” header field, and will process an incoming request specifying a “Range: bytes=” header field according to the Internet draft “Byte range extension to HTTP.” |
| AccessDeniedMessage REG_SZ |
| Range: string
Default: “ ” |
| The message to send back to clients when they have been denied access to the server. Often this message will be a short HTML document, explaining how to gain access. |
| AllowGuestAccess REG_DWORD |
| Range: 0, 1
Default: 1, enabled |
| This flag specifies whether Guest logons are allowed for the WWW service. When a new user logs on, the server checks to see if the user is logged on as aWindows NT guest user. For a Guest connection, based on the value of this flag, the WWW service either rejects or accepts the new connection. Allowing Guest access has been known to cause problems in a poorly managed site.
Under the default installation of Windows NT systems, the Guest account is granted permissions for all types of access on the system. Because this default could easily compromise security, you should turn this switch off by changing the value to 0. |
| AllowSpecialCharsInShell REG_DWORD |
| Range: 0, 1
Default: 0, disabled |
| This value controls whether the Cmd.exe special characters (such as &) are allowed on the command line when running batch files (.bat and .cmd files). These special characters can pose a serious security risk. If the value of this entry is set to 1, malicious users can execute random commands on the server. Therefore, it is highly recommended to leave this setting as 0, the default. |
| CacheExtensions REG_DWORD |
| Range: 0-1
Default: 0x1 |
| Specifies whether Internet Server API (ISAPI) extensions are cached in memory. If set to 0, ISAPI extensions are not cached. See the ISAPI documentation for more information. Use this registry entry for debugging only. |
| CheckForWAISDB REG_DWORD |
| Range: 0, 1
Default: 0 |
| The WWW service uses the Wide Area Information Server (WAIS) Toolkit to support Web-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system. |
| CreateProcessAsUser REG_DWORD |
| Range: 0-1
Default: 1 |
| For CGI scripts, by default the server runs the script in the context of the user making the request by using the Win32 CreateProcessAsUser API. If you set this flag to 0, CGI scripts will be started with the CreateProcess API and the scripts will run in the system context. This has serious security implications because CGI scripts will have much greater access to the system than they normally would have. |
| CreateProcessWithNewConsole REG_DWORD |
| Range: 0, 1
Default: 0, disabled |
| By default, CGI scripts are run in a detached process. If you want to run CGI scripts in a process with a new console, for example, when input/output redirection is in the script, change this setting to 1. The process will then be created using the CREATE_NEW_CONSOLE flag.
Note Creating a new console for each CGI script has serious performance implications and should not be done unless slower performance is acceptable. |
| DefaultLoadFile REG_SZ |
| Range: String
Default: Default.htm |
| Specifies the file to return to a client if no file is included in a client’s request. |
| DirBrowseControl REG_DWORD |
| Range: see the explanation paragraph
Default: 0x4000001e |
| Specifies both the display attributes of directory browsing and whether the DefaultLoadFile is used. The value used here is arrived at by adding the hexidecimal values of the attributes listed below. The first four digits of the specified value control whether directory browsing is enabled and whether the default file is enabled. For example, the default setting 0x4000001e has directory browsing disabled but the default file is loaded. To enable directory browsing, you would add the value 0x80000000 to the default setting 0x4000001e, resulting in the value 0xc000001e. To control browsing attributes, you would modify the last four digits. For example, to show only the date of files you could use the value 0xc0000002. |
| Behavior | Value |
| Load Default File | 0x40000000 |
| Directory Browsing Enabled | 0x80000000 |
| Browsing Attributes | |
| Show Date | 0x00000002 |
| Show Time | 0x00000004 |
| Show Size | 0x00000008 |
| Show Extension | 0x00000010 |
| Display Long Date | 0x00000020 |
| DefaultLogonDomain REG_SZ |
| Range: String
Default: [blank] |
| Specifies the default domain for logon. Leaving this value blank (the default) has the following effect: If the computer is a domain controller, the default domain is the domain name; if the computer is not a domain controller, the default domain is the computer name. |
| FilterDLLs REG_SZ |
| Range: String
Default: sspifilt.dll |
| Comma-separated list of ISAPI filter DLLs. |
| GlobalExpire REG_DWORD |
| Range: 0x0-unlimited (seconds)
Default: 0xffffffff |
| Specifies the time in seconds that files will be considered valid. This value is used by the server in the expires header (using Greenwich Mean Time [GMT] time) to indicate to clients how long a static file is valid. This is typically set to 0x0, to prevent the files on the server from being cached by proxies or clients. |
| LogSuccessfulRequests REG_DWORD |
| Range: 0, 1
Default: 1 |
| Determines whether or not to record successful activities in the log file. The value 1 logs successful activities, and 0 turns it off. |
| LogErrorRequests REG_DWORD |
| Range: 0, 1
Default: 1 |
| Determines whether or not to record errors in the log file. The value 1 turns error logging on, and 0 turns it off. |
| NTAuthenticationProviders REG_SZ |
| Range: String
Default: NTLM |
| Lists possible Windows NT authentication schemes returned to clients. Internet Information Server provides the default Windows NT Challenge/Response (NTLM) scheme enabled in the WWW Service property sheet. Third parties may provide alternate Windows NT authentication schemes in the future. |
| PoolIDCConnections REG_DWORD |
| Range: 0, 1
Default: 0 |
| When running a series of Internet Database Connector (.idc) files, you will improve performance if you open a connection to the SQL server and keep it open, rather than opening and closing a connection each time the database is queried. To pool connections by default, set this registry entry to 1.
Resetting this value to 1 will add the connection referenced in all .idc files to the connection pool. Alternatively, you can selectively choose which .idc files should have their connections pooled by using the ODBCConnection: field in the .idc file. For details, see Chapter 8, “Publishing Information and Applications.” The .idc file determines whether it can use a connection from the connection pool based on data source, user name, password, and the logged-on user account specified in the .idc file. If there is an exact match between these fields in the current .idc file and the .idc file specified in the URL, a connection from the connection pool will be used. |
| PoolIDCConnectionsTimeOut REG_DWORD |
| Range: [in seconds]
Default: 30 |
| Controls how long the IDC will keep an ODBC connection in the pool before closing the connection. When the IDC pools a connection, it is potentially taking a license slot for every pooled connection. The value set for this key lets the administrator determine when license slots are released and when server resources are returned to the database server. |
| ReturnURLUsingHostName REG_DWORD |
| Range: 0, 1
Default: 0 |
| With the default setting (0), the server returns its Internet Protocol (IP) address to a client when doing redirects if the host header field is not present. To return a host name or the computer name of the server, change this registry setting to 1. If a host name has been added in the Host Name box of the DNS dialog box, the server will then return that name; otherwise, it will return the server’s computer name, which appears in the Host Name box by default. To fill in a host name, open the TCP/IP property sheet in the Network application of the Windows NT Control Panel. Click the DNS tab, and type a name in the Host Name box. |
See “Associating Interpreters with Applications (Script Mapping),” later in this chapter.
| ScriptTimeout REG_DWORD |
| Range: 0x1-0x80000000
Default: 0x384 |
| Specifies the maximum time the WWW service will wait for a response from CGI scripts. |
| SecurePort REG_DWORD |
| Range: 0x0-0xfa00
Default: 0x1bb |
| Specifies the TCP port to use for SSL. |
| ServerSideIncludesEnabled REG_DWORD |
| Range: 0x0-0x1
Default: 0x1 |
| Set to 0x1, this value enables the use of Include files to permit including repetitive information in files. |
| ServerSideIncludesExtension REG_SZ |
| Range: String
Default: .stm |
| Specifies the file extension for files that the server will scan for include statements |
FTP Service Registry Entries Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\FTPSVC
\Parameters
| AccessCheck REG_DWORD |
| Range: <any>
Default: <any> |
| Checks the access of incoming user connections. The server impersonates the logged-on user and attempts to open the registry key for read and write. If the key does not exist, read and write permissions are granted. If the key exists, read and write permissions are granted to the user based on the access permission on the registry key. This feature is specifically useful for servers that publish content on a FAT volume and therefore do not have the rich security features of NTFS. Because it is hard to manage and performance slows down, Microsoft does not recommend using this approach to provide security. |
| AllowKeepAlives REG_DWORD |
| Range: 0, 1
Default: 1 |
| In some rare instances, you may want to turn off “Connection: keep-alive” negotiation with clients. Most clients support making multiple requests to the server on a TCP session, so this feature significantly decreases the workload on the server. Turning off keep-alive negotiation will have serious performance implications and should be used only when necessary. |
| AnonymousOnly REG_DWORD |
| Range: 0, 1
Default: 0 |
| Specifies if only anonymous connections are permitted. If set to 1, only anonymous connections are permitted (especially true of FTP service). To change the default setting, you must add this value to the key using the new setting. |
| EnablePortAttack REG_DWORD |
| Range: 0, 1
Default: 0 |
| This parameter is set by default to prevent a security problem in the FTP protocol specification. The FTP service specification allows passive connections to be established based on the port address given by client. This can allow hackers to execute destructive commands in the FTP service. The problem occurs when the FTP service connects using a port other than FTP Data port (20) and port number is less than IP_PORT_RESERVED (1024). EnablePortAttack controls if such an attack should be allowed. By default, the service does not make any connections to port numbers lower than IP_PORT_RESERVED (other than 20). If you want to users to connect by using other ports as specified in the FTP RFC, this flag should be enabled. |
| ExitMessage REG_SZ |
| Range: String
Default: “” |
| The FTP service sends back an exit message when a client sends a quit command. This string specifies the exit message sent. |
| GreetingMessage REG_MULTI_SZ |
| Range: String
Default: “” |
| When a new user connects to the FTP Server, the server can send a friendly welcome message detailing contents and administrative information. This string (multiple lines) specifies the message to use for greeting the new client connections. |
| LogAnonymous REG_DWORD |
| Range: 0, 1
Default: 1 |
| Controls whether a log record should be written for anonymous connections. If set to 0, no log records are written for anonymous connections. |
| LogNonAnonymous REG_DWORD |
| Range: 0, 1
Default: 1 |
| Controls whether a log record should be written for non-anonymous connections. If set to 0, no log records are written for non-anonymous connections. Only the FTP and WWW services have non-anonymous user support. |
| MaxClientsMessage REG_SZ |
| Range: String
Default: “” |
| When the current connection exceeds the maximum connections (in the MaxConnections key) specified for the service, the service can send a friendly message to clients. This message is a single-line message. |
| AccessCheck REG_DWORD |
| Range: any
Default: any |
| Used for access checks of incoming user connections. The server impersonates the logged-on user and attempts to open the registry key for read and write. If the key does not exist, then read and write permissions are granted. If the key exists, then based on the access permission on the registry key, read and write permissions are granted to the user. This feature is useful for servers that publish content on a FAT volume and hence do not have the rich security features of NTFS. This is not a recommended approach to provide security because of poor manageability and performance. To enable this feature, you must add this value to the key using the appropriate access settings. |
| AllowGuestAccess REG_DWORD |
| Range: 0, 1
Default: 1 |
| Specifies if guest logons are permitted for FTP service. When a new user logs on, the server checks to see if the user is logged on as Windows NT user with guest permissions. For a guest connection, based on the value of this entry, the FTP service either rejects or accepts the new connection. Permitting Guest access has been known to create problems in poorly managed sites. Under default installation of Windows NT systems, Guest is granted permissions for many types of access on the system. It is recommended that administrators do not permit access by using the Guest account. To change the default setting to “No access by using the Guest account,” you must add this value to the key using the new setting. |
| AnnotateDirectories REG_DWORD |
| Range: 0, 1
Default: 0 (FALSE) |
| FTP service supports annotating a directory with custom messages. The annotation text is stored in a special file named ~ftpsvc~.ckm in the directory to be annotated. If this file exists in the target directory of a Change Directory (CWD) FTP operation, then the service responds with the contents of this file for the operation. This provides a way for administrators to add custom messages for directories under consideration. By default the service is configured to not send annotation text. If you choose to add a custom message, the annotation file should be created as well as setting this value to 1. Also, it is recommended that you make the annotation file a hidden file so that the file does not appear on a directory listing. |
| MsdosDirOutput REG_DWORD |
| Range: 0, 1
Default: 1 (TRUE) |
| Specifies the style of directory output for a LIST operation from an FTP client. If the value is set to 1, the service generates a MS-DOS-style directory listing. If the value is set to 0, the service generates an UNIX-style listing. Some clients will not display MS-DOS-style listings. For this reason you should consider setting this value to 0. UNIX style listings consume more CPU time. |
| LowercaseFiles REG_DWORD |
| Range: 0, 1
Default: 0 (FALSE) |
| The FTP service uses the native case for file names (how the file names are stored in file system). However, in order for exact comparisons with case-sensitive file systems to work, it may be necessary to ensure that proper file names are used. Administrators can add this value to ensure that the service uses lowercase for such comparisons. |
| Realm REG_SZ |
| Range: string
Default: Host Header or IP address |
| Supplies the realm value when the server requests a client to authenticate because the client was denied access to a resource when using Basic (clear text) authentication. This value appears in the browser’s user name–password prompt. |
| UploadReadAhead REG_DWORD |
| Range: 0 - 0x80000000
Default: 48K |
| When the client posts data to the server, this is the default amount the server will read before passing control to the application. The application is then responsible for reading the rest of the data. Increasing this size increases the amount of memory required on the server. |
| UsePoolThreadForCGI REG_DWORD |
| Range: 0, 1
Default: 1 |
| Internet Information Server by default uses a server pool thread to do CGI processing. This means CGI requests that take an extended period of time can consume a server pool thread. Adjusting MaxPoolThreads under ..\services\infocomm\parameters can make more pool threads available. |
Gopher Service Registry Entries Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\GOPHERSVC
\Parameters
| CheckForWAISDB REG_DWORD |
| Range: 0, 1
Default: 0 |
| The gopher service uses the WAIS Toolkit to support gopher-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system. |
Setup Registry Entries HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetMgr
| InstalledBy REG_SZ |
| Range: INetStp
Default: INetStp |
| The presence of this entry indicates that Internet Information Server is installed. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetMgr
\Parameters
| MajorVersion REG_DWORD |
| Range: 1
Default: 1 |
| Indicates the major version number, for example, the 1 in version 1.0. |
| MinorVersion REG_DWORD |
| Range: 1-9
Default: 0 |
| Indicates the minor version number, for example, the 0 in version 1.0. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetMgr
\Parameters
\AddOnServices
| FTP REG_SZ |
| Range: string
Default: fscfg.dll |
| Defines the configuration DLL used by the FTP service. |
| Gopher REG_SZ |
| Defines the configuration DLL used by the gopher service. |
| Range: string
Default: gscfg.dll |
| WWW REG_SZ |
| Range: string
Default: w3scfg.dll |
| Defines the configuration DLL used by the WWW service. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetStp
| AnonymousUser REG_SZ |
| Range: String
Default: IUSR_computername |
| Specifies the anonymous user account created during setup. |
| InstallPath REG_SZ |
| Range: String
Default: c:\winnt\system32\inetsrv |
| Specifies the installation location for Internet Information Server. |
| MajorVersion REG_DWORD |
| Range: 1
Default: 1 |
| Indicates the major version number, for example, the 1 in version 1.0. |
| MinorVersion REG_DWORD |
| Range: 1-9
Default: 0 |
| Indicates the minor version number, for example, the 0 in version 1.0. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetStp
Help
The presence of this entry indicates that Help is installed.
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
\INetExplore
| InstalledBy REG_SZ |
| Range: INetStp
Default: INetStp |
| The presence of this entry indicates that Internet Explorer version 1.5 is installed. |
Server MIME Mapping Note that each MIME type is a REG_SZ with the type of information as the name of the value with an empty value.
<mime type>,<filename extension>,,<gopher type>
text/html,htm,,1
image/gif,gif,,5
The default entry with the file-name extension specified as an asterisk (*) is the default MIME type used when a MIME mapping does not exist. For example, to handle a request for the file Current.vgr when the the file-name extension .vgr is not mapped to a MIME type, the server will use the MIME type specified for the asterisk extension, which is the type used for binary data. Usually, this will cause browsers to save the file to disk.
Associating Interpreters with Applications (Script Mapping) .bat or .cmd=C:\Winnt\System32\cmd.exe /c %s %s
.idc=C: \Winnt\System32\Inetsrv\Httpodbc.dll
For other file-name extensions, you must edit the information in the the Windows NT registry.
In the .bat example above, the first %s is the mapped URL (that is, C:\InetPub\Scripts\Test.bat). The second %s represents the parameters to the URL (in other words, the query string; the second %s is used only if an equals sign is not found).
Thus, you can reference URLs such as:
/scripts/test.bat?This+is+a+search
/scripts/bugs.idc?Assign=Johnl
3. Type the file-name extension used for your scripts.
4. In the String editor, type the full path to the interpreter used with that script.
5. Restart the WWW service.
Adding Virtual Directories by Using the Registry where <service> is W3SVC, GOPHERSVC, or MSFTPSVC
3. Type the alias name for your directory and click the OK button.
4. In the String editor, type the full path to the virtual directory.
Each virtual root has the following form:
<Root Name>,<Host address>=<Physical path>,<User name>,<Access mask>
Where:
Root Name This is the name of the virtual directory as it would appear in an URL. For example “/scripts” or “/specs”. A root name of just “/” is considered to be the home root that will be used if no other roots match.
Host Address The Host address is an optional field that indicates the server IP address this virtual root is associated with. By specifying a host IP address, multiple logical servers can be setup on a single machine. If a host address is specified, then only clients making requests on this IP address will see this virtual root.
Physical Path The physical path the Root Name should point to. For example “C:\Wwwroot” or “\\Server\Share”. In the latter case where a UNC share is specified, a valid username and password must be specified.
User Name Only used if Physical path is a UNC share; specifies the user context to connect and impersonate as when accessing files over this virtual root. Note that the password is kept in a protected part of the registry and must be set using the Internet Service Manager.
Access Mask This item is a single hexadecimal character bitfield that specifies what operations are allowed on this root. The mask is not used by the gopher server because only Read operations are ever performed. Note that this mask has no influence on any NTFS ACLs that might be on the files. File ACLs must grant the appropriate permissions in addition to setting the appropriate value on the virtual root. The values for the bitfield are:
0x00000001 - Read access is allowed (FTP and HTTP)
0x00000002 - Write access is allowed (FTP only)
0x00000004 - Execute access is allowed (HTTP only)
0x00000008 - SSL or PCT encryption required (HTTP only)
The servers always match the longest virtual root first, thus “/123/567/89” will match “/123/567” before it matches “/123”. The home root (“/”) always matches last. Virtual roots with host IP addresses always match before roots without host addresses.
Note Virtual directories will not appear in directory listings (also called directory browsing for the WWW service). To access a virtual directory users must know the virtual directory’s alias, and type the URL address in their browser. For the WWW service, you can also create links in HTML pages. For the gopher service, you can create explicit links in tag files so that users can access virtual directories. For the FTP service, you can list virtual directories by using directory annotations.
© 1996 by Microsoft Corporation. All rights reserved.