Get Started with IIS 7.0’s Configuration • Chapter 15 777
■ <globalModules> This section contains the collection of global modules on the server.
All global modules are written in native code, such as C/C++.
■ <modules> This section contains the collection of modules that are written in a
supported .NET language such as C# or VB.NET. Native modules written in C/C++ can
also reside here.
■ <sites> This section contains the collection of site definitions.
The ApplicationHost.config file has two main section groups:
■ system.applicationHost This group contains all settings for activation, such as the list of
application pools, logging settings, listeners, and sites. It can be defined only at the global
level, and only Windows systems administrators can edit it.
■ system.webServer This group contains sections for the Web server, for example, a list of
modules and ISAPI filters, ASP, CGI, and others. Most of the sections in the
ApplicationHost.config file are under this section group. Settings in this section group can
also be set in individual web.config files. Two notable sections within the system.webServer
section group of the ApplicationHost.config file are <globalModules> and <modules>.
Figure 15.1 applicationHost.config
XML 101: The Basics of Configuration in IIS 7.0
There are some fundamental things that everyone needs to understand to succeed in using
IIS 7.0. The IIS 7.0 configuration offers a great number of ways to edit configuration, none more
useful yet unforgiving than your favorite text editor. In this section, we will spend a little time
helping you become familiar with how the XML structure works in IIS 7.0. We will also discuss how
to configure each of the different types of data.
For those familiar with the .NET config files and how they are laid out, some of this will be a
review. The .config files used with IIS 7.0 are text files using the XML structure. Any of the .config
files can be edited using any text editor, such as Notepad in Windows. XML is easy to read but case
sensitive, which makes it very strict, and it is easy to make mistakes when you are making changes.
You must keep this in mind when working with .config files. While discussing the XML structure in
IIS 7.0, we’ll examine the ApplicationHost.config file.
An understanding of section groups, sections, and location tags is vital to correctly edit the
ApplicationHost.config file. First, a section is a basic unit of deployment, registration, locking,
searching, and containment of configuration settings. Every section belongs to one section group,
known as the immediate parent. The section group contains related sections and is used solely for the
purpose of a structured hierarchy. No operations can be done on section groups. They cannot have
direct configuration settings. You cannot create a section group and then begin putting configuration
settings directly underneath it without the use of sections. Also, section groups can be nested,
whereas sections cannot.
Because most sections are locked down by default, the recommended way to unlock them is by
using tags. In IIS 7.0, you use a location tag. A location tag unlocks the section for the location that it
specifies. In Figure 15.2 we see an example of a location tag, multiple section groups, and sections
from the ApplicationHost.config file. As we just mentioned, location tags can be used to unlock
sections; in Figure 15.2 the location tag has unlocked all sections under the <system.webServer>
section group; therefore, the settings under the <security> section group, such as the “access” section,
can be modified.
IIS 7.0 supports distributed configuration, which creates a unified hierarchy merged from multiple
sources. Here is how it works: Values contained in the ApplicationHost.config and web.config files are
merged into an effective result for each possible URL. Those familiar with the security in NTFS can
think of files inheriting rights from their parent directory and any directory above that establishing
effective rights. The same principle applies to distributed configuration in IIS 7.0. Figure 15.3 is a
graphical representation of the distributed configuration and hierarchy in IIS 7.0.
Figure 15.2 ApplicationHost.config Hierarchy
For instance, let’s say that you are the site administrator (not the Windows administrator) for
Web site 2. Your site has a link to a directory full of old Excel spreadsheets. People who use your site
simply click this link on the Web page, and then the directory with all the Excel spreadsheets comes
up. To allow this action, you must change the behavior of IIS 7.0. As the site administrator you can do
this by creating your own web.config file that enables directory browsing, as shown in Figure 15.4.
After you’ve deployed the new web.config file, users can now see the directory with all the Excel
spreadsheets.
Figure 15.3 Distributed Configuration and Hierarchy
How is this possible? As the site administrator you can do this because the overrideModeDefault for
the directoryBrowse setting in the ApplicationHost.config file is set to Allow (see Figure 15.5). This
setting enables this feature to be delegated to developers or lower-level administrators and allows
them to change the behavior of IIS 7.0 without having to be system administrators. Reexamining
Figure 15.3 shows us again how the new hierarchy in IIS 7.0 works. Notice that changes can be
made at all levels, but changes can also be blocked at certain points or, for that matter, at all levels in
the case of denying a feature in the ApplicationHost.config file.
Figure 15.4 Sample web.config File
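The delegation rules described above (overrideModeDefault on a section, a location tag that unlocks sections, and a site-level web.config) can be checked offline when reviewing what site administrators are able to change. The following Python sketch is an added example, not code from the book or from IIS: the XML samples are constructed, and the function names and the exact-match handling of the location path are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed samples, not taken from a real server.
APPHOST = """<configuration>
  <configSections>
    <sectionGroup name="system.webServer">
      <section name="directoryBrowse" overrideModeDefault="Allow" />
      <section name="asp" overrideModeDefault="Deny" />
      <sectionGroup name="security"><section name="access" overrideModeDefault="Deny" /></sectionGroup>
    </sectionGroup>
  </configSections>
  <location path="Web site 2" overrideMode="Allow">
    <system.webServer><security><access sslFlags="None" /></security></system.webServer>
  </location>
</configuration>"""
WEBCONFIG = """<configuration><system.webServer>
  <directoryBrowse enabled="true" />
  <asp enableParentPaths="false" />
  <security><access sslFlags="None" /></security>
</system.webServer></configuration>"""

def declared_modes(group, prefix=""):
    """Map 'group/section' paths to overrideModeDefault, following nested groups."""
    modes = {}
    for child in group:
        path = prefix + child.get("name", "")
        if child.tag == "sectionGroup":
            modes.update(declared_modes(child, path + "/"))
        elif child.tag == "section":
            modes[path] = child.get("overrideModeDefault", "Allow")
    return modes

def effective_modes(apphost_xml, site):
    """Declared defaults with location-tag overrideMode applied for one site."""
    root = ET.fromstring(apphost_xml)
    modes = declared_modes(root.find("configSections"))
    for loc in root.findall("location"):
        # Assumption: match only the global path "" or the exact site name.
        if loc.get("overrideMode") in ("Allow", "Deny") and loc.get("path", "") in ("", site):
            for path in modes:
                if loc.find(path) is not None:
                    modes[path] = loc.get("overrideMode")
    return modes

def audit(apphost_xml, webconfig_xml, site):
    """Report each section the web.config sets as 'delegated' or 'locked'."""
    web, modes = ET.fromstring(webconfig_xml), effective_modes(apphost_xml, site)
    return {p: "delegated" if m == "Allow" else "locked"
            for p, m in modes.items() if web.find(p) is not None}
```

For Web site 2, audit(APPHOST, WEBCONFIG, "Web site 2") reports directoryBrowse and access as delegated and asp as locked; for a site that the location tag does not name, access stays locked.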