You have reached the default limit is 100 database sessions. You need to increase the postmaster's limit on how many concurrent backend processes it can start by changing the max_connections value in postgresql.conf and restarting the postmaster.
Tuesday, March 18, 2008
How can I enable Microsoft Internet Information Services (IIS) 6.0 to display filenames that have no extension?
Although the ability to display file that have no extensions was available by default in IIS 5.0, Microsoft has removed that default option from IIS 6.0. To re-enable the ability to display file types that have no extensions, follow these steps:
Click Start and select Programs, Administrative Tools, Internet Information Services (IIS) Manager.
Expand the Web Sites branch, right-click the Web site for which you want to enable no-extension files, and select Properties.
When you restart the Web site, you should be able to see and open files that have no extension. (To restart the server, right-click the Web site in IIS and select Stop, then select Start.)
Click Start and select Programs, Administrative Tools, Internet Information Services (IIS) Manager.
Expand the Web Sites branch, right-click the Web site for which you want to enable no-extension files, and select Properties.
- Select the HTTP Headers tab and click MIME Types.
- Click New. You'll see the MIME Type dialog box.
- In the Extension text box, enter a period followed by an asterisk (.*).
- In the MIME Type text box, type:
- application/octet-stream
- Click OK.
- Then click OK again to display the Web site's main properties page
When you restart the Web site, you should be able to see and open files that have no extension. (To restart the server, right-click the Web site in IIS and select Stop, then select Start.)
How can I find out which worker processes are connected to the application pools on a server?
You can run the command-line script iisapp.vbs (%windir%\system32\iisapp.vbs) to list any of the following:
• Worker processes that are currently running
• Application pools assigned to the worker processes
• Applications currently running in each worker process
The server must be running a member of the Windows Server 2003 family with IIS 6.0.
• Worker processes that are currently running
• Application pools assigned to the worker processes
• Applications currently running in each worker process
The server must be running a member of the Windows Server 2003 family with IIS 6.0.
How can I harden the TCP/IP stack on my Windows 2003 server against a Denial of Service (DOS) attack?
TCP/IP Registry Values That Harden the TCP/IP Stack
The following list explains the TCP/IP-related registry values that you can configure to harden the TCP/IP stack on computers that are directly connected to the Internet. All of these values should be created under the following registry key, unless otherwise noted:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
NOTE: All values are in hexadecimal unless otherwise noted.
• Value name: SynAttackProtect
Key: Tcpip\Parameters
Value Type: REG_DWORD
Valid Range: 0,1
Default: 0
This registry value causes Transmission Control Protocol (TCP) to adjust retransmission of SYN-ACKS. When you configure this value, the connection responses time out more quickly during a SYN attack (a type of denial of service attack).
The following parameters can be used with this registry value:
• 0 (default value): Set SynAttackProtect to 0 for typical protection against SYN attacks.
• 1: Set SynAttackProtect to 1 for better protection against SYN attacks. This parameter causes TCP to adjust the retransmission of SYN-ACKS. When you set SynAttackProtect to 1, connection responses time out more quickly if the system detects that a SYN attack is in progress. Windows uses the following values to determine whether an attack is in progress:
• TcpMaxPortsExhausted
• TCPMaxHalfOpen
• TCPMaxHalfOpenRetried
• Value name: EnableDeadGWDetect
Key: Tcpip\Parameters
Value Type: REG_DWORD
Valid Range: 0, 1 (False, True)
Default: 1 (True)
The following list explains the parameters that you can use with this registry value:
• 1: When you set EnableDeadGWDetect to 1, TCP is permitted to perform dead-gateway detection. When dead-gateway detection is enabled, TCP may ask the Internet Protocol (IP) to change to a backup gateway if a number of connections are experiencing difficulty. Backup gateways are defined in the Advanced section of the TCP/IP configuration dialog box in the Network tool in Control Panel.
• 0: Microsoft recommends that you set the EnableDeadGWDetect value to 0. If you do not set this value to 0, an attack may force the server to switch gateways and cause it to switch to an unintended gateway.
• Value name: EnablePMTUDiscoveryKey: Tcpip\ParametersValue Type: REG_DWORDValid Range: 0, 1 (False, True)Default: 1 (True)
The following list explains the parameters that you can use with this registry value:
• 1: When you set EnablePMTUDiscovery to 1, TCP tries to discover either the maximum transmission unit (MTU) or the largest packet size over the path to a remote host. TCP can remove fragmentation at routers along the path that connect networks with different MTUs by discovering the path MTU and limiting TCP segments to this size. Fragmentation adversely affects TCP throughput.
• 0: Microsoft recommends that you set EnablePMTUDiscovery to 0. When you do so, an MTU of 576 bytes is used for all connections that are not hosts on the local subnet. If you do not set this value to 0, an attacker may force the MTU value to a very small value and overwork the stack.
Important Setting EnablePMTUDiscovery to 0 negatively affects TCP/IP performance and throughput. Even though Microsoft recommends this setting, it should not be used unless you are fully aware of this performance loss.
• Value name: KeepAliveTimeKey: Tcpip\ParametersValue Type: REG_DWORD-Time in millisecondsValid Range: 1-0xFFFFFFFFDefault: 7,200,000 (two hours)
This value controls how frequently TCP tries to verify that an idle connection is still intact by sending a keep-alive packet. If the remote computer is still reachable, it acknowledges the keep-alive packet. Keep-alive packets are not sent by default. You can use a program to configure this value on a connection. The recommended value setting is 300,000 (5 minutes).
• Value name: NoNameReleaseOnDemand
Key: Netbt\Parameters
Value Type: REG_DWORD
Valid Range: 0, 1 (False, True)
Default: 0 (False)
This value determines whether the computer releases its NetBIOS name when it receives a name-release request. This value was added to permit the administrator to protect the computer against malicious name-release attacks. Microsoft recommends that you set the NoNameReleaseOnDemand value to 1.
The following list explains the TCP/IP-related registry values that you can configure to harden the TCP/IP stack on computers that are directly connected to the Internet. All of these values should be created under the following registry key, unless otherwise noted:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
NOTE: All values are in hexadecimal unless otherwise noted.
• Value name: SynAttackProtect
Key: Tcpip\Parameters
Value Type: REG_DWORD
Valid Range: 0,1
Default: 0
This registry value causes Transmission Control Protocol (TCP) to adjust retransmission of SYN-ACKS. When you configure this value, the connection responses time out more quickly during a SYN attack (a type of denial of service attack).
The following parameters can be used with this registry value:
• 0 (default value): Set SynAttackProtect to 0 for typical protection against SYN attacks.
• 1: Set SynAttackProtect to 1 for better protection against SYN attacks. This parameter causes TCP to adjust the retransmission of SYN-ACKS. When you set SynAttackProtect to 1, connection responses time out more quickly if the system detects that a SYN attack is in progress. Windows uses the following values to determine whether an attack is in progress:
• TcpMaxPortsExhausted
• TCPMaxHalfOpen
• TCPMaxHalfOpenRetried
• Value name: EnableDeadGWDetect
Key: Tcpip\Parameters
Value Type: REG_DWORD
Valid Range: 0, 1 (False, True)
Default: 1 (True)
The following list explains the parameters that you can use with this registry value:
• 1: When you set EnableDeadGWDetect to 1, TCP is permitted to perform dead-gateway detection. When dead-gateway detection is enabled, TCP may ask the Internet Protocol (IP) to change to a backup gateway if a number of connections are experiencing difficulty. Backup gateways are defined in the Advanced section of the TCP/IP configuration dialog box in the Network tool in Control Panel.
• 0: Microsoft recommends that you set the EnableDeadGWDetect value to 0. If you do not set this value to 0, an attack may force the server to switch gateways and cause it to switch to an unintended gateway.
• Value name: EnablePMTUDiscoveryKey: Tcpip\ParametersValue Type: REG_DWORDValid Range: 0, 1 (False, True)Default: 1 (True)
The following list explains the parameters that you can use with this registry value:
• 1: When you set EnablePMTUDiscovery to 1, TCP tries to discover either the maximum transmission unit (MTU) or the largest packet size over the path to a remote host. TCP can remove fragmentation at routers along the path that connect networks with different MTUs by discovering the path MTU and limiting TCP segments to this size. Fragmentation adversely affects TCP throughput.
• 0: Microsoft recommends that you set EnablePMTUDiscovery to 0. When you do so, an MTU of 576 bytes is used for all connections that are not hosts on the local subnet. If you do not set this value to 0, an attacker may force the MTU value to a very small value and overwork the stack.
Important Setting EnablePMTUDiscovery to 0 negatively affects TCP/IP performance and throughput. Even though Microsoft recommends this setting, it should not be used unless you are fully aware of this performance loss.
• Value name: KeepAliveTimeKey: Tcpip\ParametersValue Type: REG_DWORD-Time in millisecondsValid Range: 1-0xFFFFFFFFDefault: 7,200,000 (two hours)
This value controls how frequently TCP tries to verify that an idle connection is still intact by sending a keep-alive packet. If the remote computer is still reachable, it acknowledges the keep-alive packet. Keep-alive packets are not sent by default. You can use a program to configure this value on a connection. The recommended value setting is 300,000 (5 minutes).
• Value name: NoNameReleaseOnDemand
Key: Netbt\Parameters
Value Type: REG_DWORD
Valid Range: 0, 1 (False, True)
Default: 0 (False)
This value determines whether the computer releases its NetBIOS name when it receives a name-release request. This value was added to permit the administrator to protect the computer against malicious name-release attacks. Microsoft recommends that you set the NoNameReleaseOnDemand value to 1.
How can I prevent malicious or malfunctioning software clients from consuming resources by using minimal data to hold connections open?
Set the minimum data throughput to a rate that you expect legitimate or correctly functioning client applications to sustain. The value of the MinFileBytesPerSec metabase property enforces the minimum data throughput rate when IIS sends or receives data. If the throughput rate of a connection falls below the number of seconds specified by the MinFileBytesPerSec value, IIS terminates the connection. The default MinFileBytesPerSec value is 240. To change the value, type the following at a command prompt, where NumberOfSeconds is the minimum data throughput rate, in seconds:
cscript adsutil.vbs SET W3SVC/MinFileBytesPerSec "NumberOfSeconds"
How can I increase the time that services have to shut down?
By default, the OS allows services 20 seconds to stop before it forcefully halts them. For services that have a large amount of information in memory (e.g., Internet Security and Acceleration—ISA—Server 2000), 20 seconds might not be enough time. To increase the time the system allows, perform the following steps:
- Start regedit.exe.
- Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control.
- Double-click WaitToKillServiceTimeout.
- Set this value to the desired wait time in milliseconds—60000 is 1 minute.
- Click OK.
- Close regedit.
- Reboot the machine.
Note that this value applies to ALL services, so setting it to a longer interval might slow your computer's shut down: if a service doesn't shut down correctly, it will have a longer time before the OS halts it.
How can I flush the DNS resolver cache in Windows?
C:\>ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\>
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\>
How can I manage a MySQL database from windows?
MySQL Administrator (http://dev.mysql.com/downloads/administrator/) is freely available as are many other solutions including phpMyAdmin. You can also SSH into the server and control it directly. phpMyAdmin is probably the easiest to use because it runs directly on the server and does not require the creation of a new user. However phpMyAdmin has been the victim of many hackers. MySQL Administrator has a nice intuitive GUI but for security reasons I would suggest manually adding a user with only the privileges you need to manage the server.
Why do I get a black screen when I connect to my Windows server via RDP (Remote Desktop)?
This issue is a known Windows bug that occurs when the primary drive ( C: ) runs out of available free space. When this happens, Windows often overwrites control panel color settings for the desktop and login screen, resulting in the "blacked out" login screen and/or desktop.
When the login screen is black, you can often still access the normal Windows desktop, you just have to alt/tab through the various login screens:
When you first connect via RDC, there are two blanks you can tab through, the top one being the username (which should be Administrator, or, whatever you have set as your admin name), then, when you tab again, you will be in the password field. After entering the username and password, you should be able to Tab/Enter, and gain access to the system. If the system was just recently rebooted without warning, another screen (black) will pop up, asking why the server was rebooted. You can type anything here, and tab/enter again.
If the Windows desktop is also black, please open a ticket in Orbit and let us know, and technicians can log in locally and apply the following fix.
However, should you be able to navigate the desktop, simply perform the following:
1.) Again, this is caused by Windows running out of available space. The first thing you will need to do is clear an adequate amount of space on your system. If you do not have sufficient free space, Windows will soon overwrite any color changes you apply. Once you have cleared off space, proceed to step 2.
2.) Copy everything between the asterisks (not the asterisks themselves) into a notepad file on your desktop. Name it whatever you like, perhaps colorfix.Save the changes. Then, rename the file extension to .reg.
******
Windows Registry Editor Version 5.00
[HKEY_USERS\.DEFAULT\Control Panel\Colors]
"ActiveBorder"="212 208 200"
"ActiveTitle"="10 36 106"
"AppWorkSpace"="128 128 128"
"Background"="102 111 116"
"ButtonAlternateFace"="181 181 181"
ButtonDkShadow"="64 64 64"
"ButtonFace"="212 208 200"
"ButtonHilight"="255 255 255"
"ButtonLight"="212 208 200"
"ButtonShadow"="128 128 128"
"ButtonText"="0 0 0"
"GradientActiveTitle"="166 202 240"
"GradientInactiveTitle"="192 192 192"
"GrayText"="128 128 128"
"Hilight"="10 36 106"
"HilightText"="255 255 255"
"HotTrackingColor"="0 0 128"
"InactiveBorder"="212 208 200"
"InactiveTitle"="128 128 128"
"InactiveTitleText"="212 208 200"
"InfoText"="0 0 0"
"InfoWindow"="255 255 225"
"Menu"="212 208 200"
"MenuText"="0 0 0"
"Scrollbar"="212 208 200"
"TitleText"="255 255 255"
"Window"="255 255 255"
"WindowFrame"="0 0 0"
"WindowText"="0 0 0"
******
3.) Once again, ensure you have sufficient free space. Then, double-click on the registry file you created. This will enter the color changes into the system. Then, go ahead and choose Shutdown/Restart to have the system reboot.
4.) When the system has rebooted, you should have a normal login screen and desktop.
5.) In rare cases, the login screen will remain black. Unfortunately, there is no known way to address this in these cases, but luckily, the black login screen is only an annoyance, as it can be bypassed with the above information and some careful keypresses. However, once you pass this login screen, you should still have a regular Windows desktop. If not, you will need to double check that you have a good amount of space on the primary drive, and perhaps try reentering the registry changes as above.
How can I use Application Pools in IIS 6.0 to group together web sites?
Open Internet Information Services (IIS) Manager
- Expand the computer name
- Expand Application Pools
- Create a new application pool by right-clicking Application Pools and selecting New -> Application Pool
- Give the application pool a name. For instance, "HighResourceSites"
- Select "Use default settings for new application pool" - (you can customize it later)
- Click OK
To move a web site into this new application pool:
- Expand Web Sites
- Right-click on the respective web site, select Properties
- Click the Home Directory tab
- Near the bottom, change the Application Pool selection to "HighResourceSites"
- Click OK
What ways can I remotely administer IIS in Windows 2003 Server
How to Remotely Administer IIS by Using the Internet Information Services Manager
To remotely administer IIS over an intranet, use the Internet Information Services Manager. IIS 6.0 supports down-level remote administration with this tool. This means that you can use the Internet Information Services Manager on your server running IIS 6.0 to remotely connect to and administer an IIS 5.1-based server or an IIS 5.0-based server.
To use the Internet Information Services Manager, follow these steps:
1. On the IIS 6.0-based server, click Start, point to Administrative Tools, and then click Internet Information Services Manager.
2. On the standard toolbar, click the Add a computer to the list button. Or, you can click Connect on the Action menu.
The Connect To Computer dialog box appears.
3. In the Computer Name box, type the computer name that you want, and then click OK.
The computer is displayed under Internet Information Services (IIS) in the tree pane.
NOTE: If you do not have Transmission Control Protocol/Internet Protocol (TCP/IP) and a name resolution server such as Windows Internet Naming Service (WINS) installed, you may not be able to connect to an IIS computer by using the computer name. Alternatively, you can use the IP address of the IIS computer to which you want to connect.
4. Expand ComputerName, where ComputerName is the name of the computer that you added in step 3.
5. Use the Internet Information Services Manager to remotely manage IIS.
How to Remotely Administer IIS by Using Terminal Services
If you are an administrator, you can use Microsoft Terminal Services from any remote client computer over a network connection to remotely administer your IIS-based server. You do not have to install the Internet Information Services Manager on the remote client computer.
Terminal Services supports up-level administration. This means that you can remotely administer your server that is running IIS 6.0 by using a Terminal Services client from any computer running Microsoft Windows Server 2003, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows NT 4.0, or Microsoft Windows 98.
1. On a computer on which the Terminal Services client is installed, start the Terminal Services client, and then connect to the remote IIS-based computer.
2. From the Terminal Services Client window, administer IIS as if you were logged on to the computer locally. For example, click Start, point to Administrative Tools, and then click Internet Information Services Manager to start the Internet Information Services Manager.
How to Remotely Administer IIS by Using the Remote Administration (HTML)
Tool
With the Remote Administration (HTML) tool, you can manage IIS from a Web browser. With this tool, you can perform most of the administrative tasks that you can perform with the Internet Information Services Manager.
NOTE: You can only use the Remote Administration (HTML) tool to administer servers that are running IIS 6.0. You cannot use this tool to administer IIS 5.1 or earlier.
Turn On the Remote Administration (HTML) Tool
1. Click Start, point to Control Panel, and then click Add or Remove Programs.
2. Click Add/Remove Windows Components.
3. In the Components list, double-click Web Application Server and then double-click Internet Information Services (IIS).
4. Double-click World Wide Web Service.
5. Click to select the Remote Administration (HTML) check box, and then click OK.
6. Click OK, and then click Next.
7. When you are promoted, insert your Windows Server 2003 CD-ROM into the computer's CD-ROM drive or DVD-ROM drive.
8. Click Finish.
9. Click Start, point to Administrative Tools, and then click Internet Information Services Manager.
10. Expand ServerName, where ServerName is the name of your server, and then expand Web Sites.
11. Right-click Administration, and then click Properties.
12. Under Web Site Identification, record the numbers that are displayed in the TCP Port box and SSL Port boxes. For example, 8099 and 8098.
13. Click the Directory Security tab, and then click the Edit button under IP address and domain name restrictions.
14. In the IP Address and Domain Name Restriction dialog box that appears, do one of the following:
• Click Granted Access if you want to allow all computers to administer IIS remotely.
NOTE: If you want to maintain the highest level of security, Microsoft does not recommend that you allow all computers to administer IIS remotely.
-or-
• Click Denied Access (if it is not already selected), and then click Add. The Grant Access On dialog box appears. Under Type, do one of the following:
• Click Single computer.Type the IP address of the computer that you want in the IP Address box, and then click OK.
• Click Group of computers.Type the Network ID and the Subnet Mask of the group into the corresponding boxes, and then click OK.
• Click Domain name. Type the domain name that you want in the Domain Name box, and then click OK.
15. When you are finished granting access, click OK.
16. In the Administration Web Site Properties dialog box, click OK. If an Inheritance Overrides dialog box appears, click Select All to apply the new security settings to the child nodes, and then click OK.
17. Quit the Internet Information Services Manager.Use the Remote Administration (HTML) Tool
1. Start Microsoft Internet Explorer, and then type the host name of the Web server, followed by the port number that you recorded earlier in the SSL Port box, and then click Go.
For example, if you are on an intranet, and the SSL port number is 8098, type the following URL:https://Server Name:8098where ServerName is the name of the Web server.
NOTE: You are prompted for a user name and password that exist on the Web Server.2. The Remote Administration Tool is displayed in your browser window. Click the Administer this server link. You are prompted again for credentials if you chose not to save the password in the previous dialog box. There are many links and options to click and connect. Select the appropriate one the task that you want to perform on the Web Server.
How to turn off the Shutdown Event Tracker in Windows 2003?
If you have no use for the Shutdown Event Tracker, you can safely disable it.
To do so, open the Group Policy Object Editor Console. Click on Start, then Run, and type gpedit.msc and press OK.
Navigate to Computer Configuration > Administrative Templates > System, and in the right hand pane, select the “Display Shutdown Event Tracker” setting.
Double click this setting to open the Properties page. You are now given the option to leave it in a default state of Not Configured, or you can set it to Always Enabled, Enabled for Servers/Workstations (Windows XP Pro) or Disabled.
Note:When you enable the Group Policy for Server only, the Shutdown Event Tracker appears when you shut down a computer running Windows 2003, whereas for Workstation only, the Shutdown Event Tracker appears when a computer running Windows XP Professional is shut down.
After you make the change to the Group Policy, open the Command Prompt (Either through Start > Programs or Start > Run > cmd.exe) and run
gpupdate /force
to refresh the policy and have your settings be applied straight away. Alternatively, you can just restart the machine.
When you next attempt to shutdown or restart the machine, the Shutdown Event Tracker will no longer be visible and the normal shutdown prompt will appear.
How can I setup FTP in IIS such that users are in their home directory when they login?
When anonymous users view the FTP site, they can only view the contents of the root folder. Although they will see the names of the users' subfolders, however, they cannot examine their contents.
1. Create a user account for each of your users.
Note These users need to have the local log on permission. By default, new users belong to the built-in Users group, which has local log on permission.
2. Using the Windows NT Explorer, on a partition formatted with NTFS, give the FTP site's root folder the following security access types:
• Administrators: Full Control
• Everyone: Read
• System: Read
3. Create a subfolder for each user. (These subfolders will inherit the root folder's security settings). Make the following security changes:
• Remove the Everyone group.
• Change the System account's folder's access to Full Control (instead of Read).
• Add the user who will use that folder, and give that user Full Control access.
4. Configure the home page for the user. To do this, follow these steps:
a. In Control Panel, open Administrative Tools.
b. Double-click Computer Management.
c. Expand Local Users and Groups, click Users, right-click the user name, and then click Properties.
d. Click the Profile tab.
e. Make sure that Local path is selected under Home Folder, and then type the appropriate path in the Local path box. For example, type the path as d:\Ftp\FolderName.
Note The user name and the folder name must match. For example, if the user name is JoeUser, the FolderName should also be JoeUser. If the folder name is different, the user will see the same view that is available to Anonymous users. This view is the complete parent folder structure. The user is still denied access to folders to which they are not specifically granted NTFS permissions. However, the parent folder view may be undesirable.
I am getting the following error when I FTP into my server: "home directory inaccessible". How can I fix this?
The Standard fixes here are the user doesn't have read rights to the home directory he's setup for in IIS.
1. Download the "filemon" utility from http://www.sysinternals.com
2. Run the utility
3. Configure filter of this utility on the directory c:\inetpub
4. Try to log into ftp as user test (obviously after created)
5. Do a search for "Access Denied"
6. The utility shows the reason of the problem...inetinfo.exe is trying to open c:\inetpub\servers\1001\reallylongcomp\test instead of c:\inetpub\servers\1001\reallylongcomputername\test
I have installed IIS SMTP, but it does not appear in IIS Manager?
This is a known issue with IIS 5.0 and 6.0.
After the installation of the SMTP service on Windows Server 2000/2003, the SMTP tree may not appear in the IIS Manager console.
Click the "Start" button, then "Run…" and type:
regsvr32 %systemroot%system32inetsrvsmtpsnap.dll
Alternatively, %systemroot% can be replaced with the drive Windows Server 2003 is installed on (i.e. C:\Windows\ )
After the installation of the SMTP service on Windows Server 2000/2003, the SMTP tree may not appear in the IIS Manager console.
Click the "Start" button, then "Run…" and type:
regsvr32 %systemroot%system32inetsrvsmtpsnap.dll
Alternatively, %systemroot% can be replaced with the drive Windows Server 2003 is installed on (i.e. C:\Windows\ )
How do I configure Perl/CGI to work with IIS?
The following things are assumed:
1. You are running Windows Server 2003
2. IIS 6.0
3. You installed ActiveState ActivePerl (http://www.activestate.com) to C:\Perl
4. You are using default (unmodified) ACLs/Permissions
Load IIS from the Administrative tools in the Control Panel by clicking Start -> Administrative Tools -> IIS Manager (or loading the Control Panel, entering the Administrative Tools folder, and double clicking IIS Manager).
Click the name of your computer then click "Web Service Extensions", on the left side of the main frame you will see a green arrow pointing to a link that says "Add a new Web service extension...", click that link.
In that window, where it asks for the extension name you can put anything, like "CGI script" and under the "Required Files" section put the following in (without the apostrophes) 'C:\Perl\bin\perl.exe "%s" %s' click OK to the notification, click "Set status to allowed" and press ok.
Now, load up a command prompt (Start->Run... type cmd) and type (without the quotes) "md c:\inetpub\cgi-bin"
Back in the IIS Manager right click Default Web Site highlight "New" in the pop-up menu and click "Virtual Directory..." in the new menu
Click next to the first dialog in the wizard, then as a the alias put "cgi-bin" and click next then as a path for the next dialog put in "c:\inetpub\cgi-bin". On the next dialog leave everything checked and check execute and click next
Click Finish to end the wizard.
Now right-click cgi-bin and click properties
Click Configuration in the lower right-hand area of the dialog and make sure .pl is there (if it isn't, add it the way you see it)
To make your scripts work the shebang line (#!/usr/bin/perl) should now be #!C:\Perl\bin\perl.exe . Any reference to any files should be changed from /home/user etc, to c:/home/user or c:\\home\\users - note the double back-slashes.
Also, renaming your .cgi scripts to .pl is highly recommended
Assuming this is all done correctly, you should now be able to run your Perl scripts successfully using Windows Server 2003, and IIS 6.0
How can I schedule my Windows server to reboot automatically?
This can be done with the "psshutdown" utility. It can be downloaded from http://www.sysinternals.com/
Create a new directory on your server, named "C:psshutdown". Place psshutdown.exe into that directory.
Create a file named "shutdown_now.bat" in that same directory.
The file should only have one line:
C:\psshutdown\psshutdown.exe -r -f -c -t 10
The "10" represents the number of seconds to delay before actually rebooting.
To schedule the reboot for every Sunday at 11:00pm, type the following at a command prompt:
at 23:00 /every:su "C:psshutdownshutdown_now.bat"
Create a new directory on your server, named "C:psshutdown". Place psshutdown.exe into that directory.
Create a file named "shutdown_now.bat" in that same directory.
The file should only have one line:
C:\psshutdown\psshutdown.exe -r -f -c -t 10
The "10" represents the number of seconds to delay before actually rebooting.
To schedule the reboot for every Sunday at 11:00pm, type the following at a command prompt:
at 23:00 /every:su "C:psshutdownshutdown_now.bat"
How can I tell how many client computers are connected to my Web server?
Use the Web Service and Current Connections performance object. This counter measures the current number of active connections to the WWW service.
Open Performance Monitor: (Click Start -> Settings -> Control Panel -> Administrative Tools -> Performance)
Open Performance Monitor: (Click Start -> Settings -> Control Panel -> Administrative Tools -> Performance)
- Right-click the graph, select Add Counters
- Change the Performance Object to "Web Service"
- Highlight "Current Connections"
- Click OK
How do I add default documents to a website in IIS?
In IIS, right-click the Web Sites folder and choose Properties. You can specify additional default documents under the Documents tab.
How can I use CDONTS on my Windows 2003 Server?
Collaboration Data Objects (CDO) for Microsoft® Windows NT® Server (CDONTS) has been removed from Microsoft® Windows® Server 2003. If your Web applications use CDONTS, you can modify your code to use Collaboration Data Objects for Windows 2000 (CDOSYS), which are supported by Windows Server 2003. However, if you upgrade to Windows Server 2003, CDONTS remains on your server, because Cdonts.dll is not removed during an upgrade to Windows Server 2003. CDONTS is not installed when you perform a clean installation of Windows Server 2003, but if necessary, you can copy it to the computer running Windows Server 2003 and register it.
Procedures
To copy CDONTS to a computer running Windows Server 2003
1.On the source server, copy Cdonts.dll from the systemroot\system32 folder to a floppy disk.
2.On the target server, copy Cdonts.dll from the floppy disk to the folder systemroot\system32.
3.To register CDONTS, on the target server, in the Run dialog box, type cmd, and then click OK.
4.At the command prompt, change to the systemroot\system32 directory and then type:
regsvr32 %windir%system32cdonts.dll.
If the process is successful, the following message displays:
DllRegisterServer in cdonts.dll succeeded.
5.Click OK.
How can I use ASP to send mail using CDOSYS?
The Object (CDO.Message) has several properties and methods that you must know:
.From E-mail address of the sender
.To E-mail address of the recipient
.CC E-mail address of the CC recipient
.Subject Subject of the message
.TextBody Body of the message in plain text
.HTMLBody Body of the message in HTML
.Send Calling this method the message is sent
The following example is the simplest email you can send. As you can see it couldn't be easier..
.From E-mail address of the sender
.To E-mail address of the recipient
.CC E-mail address of the CC recipient
.Subject Subject of the message
.TextBody Body of the message in plain text
.HTMLBody Body of the message in HTML
.Send Calling this method the message is sent
The following example is the simplest email you can send. As you can see it couldn't be easier..
How do I password-protect a directory in IIS on my Windows server with a specific username and password?
1. Create the user:
Administrative Tools -> Computer Management
Expand Local Users and Groups
Right-click Users, select New User...
Fill in the appropriate fields, be sure to clear the box for \"User must change password at
next logon\".
Click Create
2. Remove anonymous access from the directory that you want to restrict:
Open Internet Information Services (IIS) Manager
Expand Web Sites
Expand the respective web site
Right-click on the directory you want to restrict, select Properties
Click the Directory Security tab
Click the Edit... button
Clear the check for Enable anonymous access
Make sure only Integrated Windows authentication is selected
3. Set the NTFS permissions on the directory:
Within IIS Manager, right-click on the web site name.
Select Open
Right-click on the directory that you\'re restricting, select Properties
Click the Security tab
Click the Add... button
Type the username that you created earlier, click OK
Make sure at least Read & Execute permissions are selected for the user
Click OK until all windows are closed
How do I install Python on my Windows server?
Download and run the installer for the most recent stable release. This can be found at python.org. Read their FAQ for more information
http://www.python.org/doc/faq/windows.html
http://www.python.org/doc/faq/windows.html
How do I create a system DSN on my Windows server?
1. Click Start, point to Control Panel, double-click Administrative Tools, and then double-click Data Sources(ODBC).
2. Click the System DSN tab, and then click Add.
3. Click the database driver that corresponds with the database type to which you are connecting, and then click Finish.
4. Type the data source name. Make sure that you choose a name that you can remember. You will need to use this name later.
5. Click Select.
6. Click the correct database, and then click OK.
7. Click OK, and then click OK.
2. Click the System DSN tab, and then click Add.
3. Click the database driver that corresponds with the database type to which you are connecting, and then click Finish.
4. Type the data source name. Make sure that you choose a name that you can remember. You will need to use this name later.
5. Click Select.
6. Click the correct database, and then click OK.
7. Click OK, and then click OK.
How can I utilize the functionality of mod_rewrite on my Windows server?
Mod Rewrite is a very powerful tool that is included with Apache. Unfortunately,this functionality is not included with IIS. You can however, emulate it, with asimple addition to your server.
ISAPI_Rewrite, is basically a port of mod_rewrite, for use with IIS. You can readmore about it at the official website: http://www.isapirewrite.com/
ISAPI_Rewrite, is basically a port of mod_rewrite, for use with IIS. You can readmore about it at the official website: http://www.isapirewrite.com/
How do I connect to my MySQL server remotely?
This will entirely depend upon the client that you are using to connect with. There are onlytwo things you will need to ensure work for proper functionality. First, you will need to findout if the client you are using supports connections over TCP/IP. Second, you will have toadd a host to your mysql user, to allow connections from the host you are using.
This can be done from within a mysql command prompt like so:
mysql> GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'myclientip' IDENTIFIED BY 'mypassword';
mysql> FLUSH PRIVILEGES;
How do you remove entries from the Remote Desktop Connection Computer box?
Removing Entries in the Windows Remote Desktop Connection Client.
To remove entries from the Remote Desktop Connection Computer box in the Windows Remote Desktop Connection client, start Registry Editor, and then click the following registry key:
HKEY_CURRENT_USERSoftwareMicrosoftTerminal Server ClientDefault
Entries appear as MRUnumber, and are visible in the right pane. To delete an entry, right-click it, and then click Delete.
Close the registry editor.
To remove entries from the Remote Desktop Connection Computer box in the Windows Remote Desktop Connection client, start Registry Editor, and then click the following registry key:
HKEY_CURRENT_USERSoftwareMicrosoftTerminal Server ClientDefault
Entries appear as MRUnumber, and are visible in the right pane. To delete an entry, right-click it, and then click Delete.
Close the registry editor.
I want to upgrade my IIS 5 server to IIS 6. How do I?
You can't upgrade to IIS 6 without upgrading from Windows 2000 to Windows 2003 server. It is easy to think that Microsoft enforces this rule arbitrarily and could allow you to install IIS 6 on Windows 2000 with just a few bits of code changed, but that is not so. IIS 6 is a complete overhaul and is not an "add on program" like Microsoft Office that can be installed on several platforms. It includes integration with new features, accounts, and drivers that do not exist in Windows 2000 and cannot exist without a sizeable overhaul of the operating system. The good news is that IIS 6 is a much, much better web server than it would be if it could be installed on Windows 2000. The bad news is that you have to upgrade to Windows 2003 Server to get it.
Why do I get the error "Directory Listing Denied" when attempting to view my webpage?
If you get the following error, Default Documents needs to be configured, or Directory Browsing needs to be enabled for the directory.
Directory Listing Denied
This Virtual Directory does not allow contents to be listed.
Your main (index) page should usually be named "index.htm", "index.html", or "default.htm". If one of these files exists, and you're still getting the error, check the following:
Open Internet Information Services (IIS) Manager.
Expand the respective web site.
Right-click on the directory that is giving this error (if it's the main URL, just right-click on the web site), select Properties.
Select the Documents tab, check the box for "Enable default content page"
Click the Add button, and add the index page that you're trying to browse to.
Directory Listing Denied
This Virtual Directory does not allow contents to be listed.
Your main (index) page should usually be named "index.htm", "index.html", or "default.htm". If one of these files exists, and you're still getting the error, check the following:
Open Internet Information Services (IIS) Manager.
Expand the respective web site.
Right-click on the directory that is giving this error (if it's the main URL, just right-click on the web site), select Properties.
Select the Documents tab, check the box for "Enable default content page"
Click the Add button, and add the index page that you're trying to browse to.
Terminal Server has reached maximum connections allowed
On the client computer goto start then run and type "mstsc /console" and login to the server.
This will connect you to the console session of Windows Server 2003. If there is an error when you run mstsc /console, you must upgrade your termnial server clientto version 5.1
On the server, goto start, then administrative tools, and finally terminal server manager. This will show you who is logged into the server. You can then right click ona user and select disconnect or reset.
After you disconnect the other connection, you may close your connection, and log back in.
This will connect you to the console session of Windows Server 2003. If there is an error when you run mstsc /console, you must upgrade your termnial server clientto version 5.1
On the server, goto start, then administrative tools, and finally terminal server manager. This will show you who is logged into the server. You can then right click ona user and select disconnect or reset.
After you disconnect the other connection, you may close your connection, and log back in.
Is it possible to hide the identity of my Web servers by removing or revising the banner information that is returned with a request?
Yes, you can use an ISAPI filter to hide banner information. For example, you can write a custom ISAPI filter, or you can install the UrlScan security tool. UrlScan contains the RemoveServerHeader feature, which removes or alters the identity of the server from the "Server" response header in the response to the client. IIS 6.0 does not include the RemoveServerHeader feature because it offers no real security benefit. Most server attacks are not operating system-specific. Also, it is possible to detect the identity of a server and information about the operating system by mechanisms that do not depend on the server header.
IIS 6.0 will not serve my .shtml files. How can I fix this?
You must verify two configuration options to ensure that IIS 6.0 serves .shtml files. Because a .shtml file contains server-side directives, Server Side Includes must be set to "Allowed" in the IIS Manager Web Service Extensions node. In addition, if the default document on your Web site contains the .shtml extension, the file name and extension must be added to the default content page list on the Documents tab of the Web site Properties page.
Is it possible to configure IIS to save log entries in local time?
No. The standard outlined in the W3C Extended format specification dictates that W3C Extended logging use Coordinated Universal Time (UTC).
IIS is not listening on all IP Addresses
There is a registry key which allows IIS to only listen on specific ip addresses:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\ListenOnlyList
You can remove this key, and this will set it by default to listen on all ip addresses.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\ListenOnlyList
You can remove this key, and this will set it by default to listen on all ip addresses.
My server is running out of disk space. How do I compress a directory and its contents?
1. Using Explorer or My Computer select a drive
2. Right click on a directory and choose Properties
3. Select the "Compress" check box and click "Apply"
4. You will be asked if you want to compress subdirectories, click OK
5. Click OK to exit
You can also use the command-line utility "compact.exe". For example, if you want to compress the directory C:\weblogs and all of its contents, open a command prompt and type the following:
compact /C /S:C:\weblogs
To view all options of the compact.exe utility, type:
compact /help
Is it possible to run the Backup Utilities from the command line in Plesk for Windows?
Unfortunately it is impossible with the current version of Backup Utilities. However, you can use this trick:
Unfortunately it is impossible with the current version of Backup Utilities. However, you can use this trick:
2) The configuration of scheduled backup will be saved into file
%plesk_dir%\backup\backup_schedule.psc
3) To use this configuration file run the following command from the command line:
%plesk_bin%\backup.exe --config-file %plesk_dir%\backup\backup_schedule.psc
Plesk backup will be run in background mode.
Unfortunately it is impossible with the current version of Backup Utilities. However, you can use this trick:
2) The configuration of scheduled backup will be saved into file
%plesk_dir%\backup\backup_schedule.psc
3) To use this configuration file run the following command from the command line:
%plesk_bin%\backup.exe --config-file %plesk_dir%\backup\backup_schedule.psc
Plesk backup will be run in background mode.
What is the easiest way to find out when my server was last rebooted?
Click Start -> Run
Type: command
Click OK
Type: net statistics server
The line that begins with "Statistics since..." contains the last boot time for the server.
Type: command
Click OK
Type: net statistics server
The line that begins with "Statistics since..." contains the last boot time for the server.
Where can I find the latest Windows Remote Desktop Connection software?
Follow this link, download and install the new version of the RDC software. This is the client-side application for Windows XP.
http://www.microsoft.com/downloads/details.aspx?familyid=80111f21-d48d-426e-96c2-08aa2bd23a49&displaylang=en
Instructions
1. Click the Download button in the upper right-hand corner of the page to start the download, or choose a different language from the drop-down list and click Go.
2. Do one of the following:
* To start the installation immediately, click Open or Run this program from its current location.
* To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
http://www.microsoft.com/downloads/details.aspx?familyid=80111f21-d48d-426e-96c2-08aa2bd23a49&displaylang=en
Instructions
1. Click the Download button in the upper right-hand corner of the page to start the download, or choose a different language from the drop-down list and click Go.
2. Do one of the following:
* To start the installation immediately, click Open or Run this program from its current location.
* To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
Why do I keep getting asked to install the Windows Update ActiveX Control?
It some cases, after installing Patch 896688, when browsing windowsupdate.microsoft.com the server is reported as not having the Windows Update ActiveX control installed.
Additionally, you are not prompted to install the ActiveX control no matter what the ActiveX settings are within IE.
Step 1: BACKUP THE REGISTRY
Step 2: Create the file OLE_fix.reg with the following contents:
Code:
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}]@="ClassMoniker"
[HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}\InprocServer32]@="ole32.dll"
[HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}\ProgID]@="clsid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\CLSID]@="{0000031A-0000-0000-C000-000000000046}"
Step 3: Merge OLE_fix.reg into the registry (double click or Right Click->Merge)
Additionally, you are not prompted to install the ActiveX control no matter what the ActiveX settings are within IE.
Step 1: BACKUP THE REGISTRY
Step 2: Create the file OLE_fix.reg with the following contents:
Code:
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}]@="ClassMoniker"
[HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}\InprocServer32]@="ole32.dll"
[HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}\ProgID]@="clsid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\CLSID]@="{0000031A-0000-0000-C000-000000000046}"
Step 3: Merge OLE_fix.reg into the registry (double click or Right Click->Merge)
Why does my computer tell me I can't open a file that I know I should be able to access?
Windows 2000 and Windows 2003 both include the Encrypted File System (EFS).If you have NTFS permissions to a file that another user has encrypted, you will receive an "access is denied" error.
To determine whether a file is encrypted, perform the following steps to enable the view attributes option in Windows Explorer:
1. Start Windows Explorer.
2. From the View menu, select Details.
3. Select the Attributes option, and click OK.
If a file has an E attribute, that file is encrypted. Only the user who encrypted the file or the recovery agent user can decrypt the file.
Subscribe to:
Posts (Atom)
