Previous Page Index Next Page Microsoft Home Page

Return to Start Page



Preparing the Platform

iThis section provides procedures for preparing the platform on which ILS will run. You must prepare the platform before you run Setup to ensure that your platform client and server components are working. The section includes an overview of the preparation process and procedures for preparing the platform.

As with any server product, ILS has its complexities. These complexities can best be learned through experience using the product. The following diagram shows an appropriate first platform configuration. Each ILS component, such as the ILS server, runs on its own computer. i

Undisplayed Graphic


Important iBefore installing ILS, it is strongly recommended that you read Chapter 1, "Introducing Internet Locator Server," and Chapter 2, "ILS Fundamentals," including the platform and software architecture sections. If you do not read Chapter 2, you may miss some concepts that are critical to installation.


Preparing the platform for ILS involves the following general process:

  1. Design the initial system.
  2. Gather the necessary hardware and software.
  3. Establish a test network environment.
  4. Install and configure the basic platform on that test network, including companion software products.
  5. Test and troubleshoot the platform to ensure that it is in good working order.

The remainder of this chapter explains each phase of this process in detail.

Before You Begin

iiiThis section describes the hardware and software you must install before setting up ILS. The following are platform requirements for the multiple-server configuration.

iiii

Minimum Hardware and Software Requirements

ILS requires the same minimum configuration as Microsoft Windows NT Server version 4.0 and Microsoft Internet Information Server, as described in the following table.

Category

Requirement

Server hardware

32-bit x86-compatible microprocessor (such as Intel 80486/25 or higher), Intel Pentium, or supported RISC-based microprocessor, such as the Digital Alpha.

Software

Windows NT Server version 4.0 with Service Pack 1 and Internet Information Server version 3.0.

Memory

Minimum 16 megabytes (MB) of RAM for x86 systems (32 MB recommended).

Minimum 32 MB of RAM for RISC-based systems.

Quantitative tests have been conducted on the search portion of ILS. In addition, most development was completed in an environment using the following configurations:

iii

Client Requirements for Testing Setup

For administration and testing purposes, your site should include a client computer with the following software:

iiii

Example of a Large-Scale Server Setup

This section describes a sample large-scale hardware and software configuration for a one-hundred-thousand-member ILS RAM database.

ILS Server

ii

Connectivity Requirements

Before you set up the ILS software, plan the network configuration of all the ILS servers. As with any other Internet service, issues of performance, scalability, reliability, and security affect the connectivity between these computers across the Internet, wide area network (WAN), or local area network (LAN). Some important considerations include:

iiiiiiii

Setting Up and Configuring the Platform

Before you begin setting up ILS, check to make sure that platform software is properly installed and configured.

iiiiiii

Setting Up Windows NT and IIS

iEach server and the administrative client must have the Windows NT Server version 4.0 operating system optimized as a server. Install Windows NT on each computer as instructed in the Microsoft Windows NT documentation.

In Windows NT Server Setup, give each computer a name that reflects the primary function of that server. For example, you might name your ILS server "ILS01."


Note   Write down the names you give to your servers; you will need to specify these names when you set up ILS.


The LDAP and ILS services communicate with the Internet through IIS version 3.0 with Active Server Pages script processing. This version of IIS is included with Windows NT 4.0 with Service Pack 1 and must be installed on the ILS server with the World Wide Web service.

iiiiiii

Setting Up Accounts, Rights, and Permissions

ILS uses the Windows NT security model as the standard and foundation for setting up accounts, rights, and privileges. This section explains how to set up the Windows NT user accounts.

iiiiiii

Setting Windows NT Administration Privileges

iThe individuals installing ILS and performing certain ILS administrative tasks must have Windows NT Server Administrator privileges on each ILS server. The architecture of ILS requires that administrative privileges and remote logon accounts be consistent across all computers.

ILS uses NTLM security for communication between the client and an ILS server. These accounts are created during the setup process described in "Setting Up and Configuring ILS" later in this chapter.

iiii

Membership System Authentication

Designed for large-scale commercial Internet service providers, the Microsoft Membership System (MBS) provides authentication, access control, and billing.

For information about setting up the Membership System, see the Microsoft Membership System documentation.

iiiiii

Configuring IIS Accounts for Use with ILS

The Internet Information Server Setup program creates a user account in the computer’s Windows NT domain and sets Anonymous Logon in each of the IIS services to that user account. Internet users access ILS through this anonymous account. Client access to your Windows NT domain is determined by the rights assigned to the anonymous account.

The default account has local guest rights and the following:


Note   The password is used only within the Windows NT security system. Anonymous users do not log on by using a username and password.


iiii

Extended Security

iILS supports LDAP Secure Sockets Layer (SSL) through port 636. Any SSL configured client can open an SSL connection to the ILS server through this port. After you have installed ILS, you can use Microsoft Internet Service Key Manager to create a new key and add a certificate for SSL. After you create the new key, submit it to your certification authority. When you receive a valid key certificate, you then import into Key Manager to associate it with the key you created earlier.

For more information about SSL, as well as instructions on using Key Manager, see the documentation for Microsoft Internet Information Server version 3.0.

iThe ILS server is set up by default to handle the following two SSPI security packages: NTLM (Windows Challenge/Response ) and DPA (Distributed Password Authentication). The NTAuthorizationProviders registry key contains the values DPA and NTLM. To fully enable the DPA package, you must install Microsoft Membership System (MBS) and make sure that the DPA setting is first in the list of authentication providers in the NTAuthenticationProviders registry key.

For information about setting up Microsoft Membership System, see the Membership System documentation.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LDAPSVC\Parameters \NTAuthenticationProviders

For information about editing registry keys, see the Microsoft Windows NT Server documentation.


Important Editing registry keys affects the service at a very fundamental level. Make sure that you are familiar with the functionality of editing registry key values.


iii

Confirming That the Platform Is Functioning

Before setting up ILS, check the hardware, software, and companion products to make sure that they are correctly set up. In particular, check the following:

iiiiiiiii

Troubleshooting the Platform

If all configurations are correct, bringing up a small network of Windows NT 4.0 servers should be straightforward. If you have trouble, consider the following troubleshooting steps:

Previous Page Index Next Page Microsoft Home Page

Return to Start Page


© 1996-1997 Microsoft Corporation. All rights reserved.