The configuration Registry stores values that define the working environment for the Windows NT operating system and any services installed on the Windows NT Workstation computer. Usually, to change these values, you use graphical tools, such as Control Panel, Windows NT Setup, or Internet Service Manager. Windows NT Workstation also includes a utility, the Registry Editor (Regedt32.exe), which you can use to inspect and modify the configuration Registry directly.
Microsoft Peer Web Services are configured by using Internet Service Manager. The services also use several additional configuration parameters in the Registry not configured by using Internet Service Manager. Parameters are either specific to a service or are global to Peer Web Services and all services.
Wherever possible, you should use Internet Service Manager to make changes to your Peer Web Services settings. For a Registry change to take effect, you must restart the service affected by the change. For global entries you must restart all services.
See the following sections for entries in this chapter. They show the values used by the Peer Web Services:
The following sections help you configure the Registry for your specific needs:
Before you modify the Registry, it is strongly recommended that you read Part IV of Windows NT Resource Guide (found in the Microsoft Windows NT Resource Kit). This part of the book describes in detail how to use and change parameters in the Registry.
These parameters are used for global control of the Microsoft Peer Web Services.
Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\InetInfo
\Parameters
LogFileBatchSize | REG_DWORD |
Range: 0 - 0xFFFFFFFF Default: 64*1024 (64 KB) |
Specifies the batch size for writing a log file. The server caches the last LogFileBatchSize bytes of data in memory buffers before it dumps the current buffer to disk. Such batch processing reduces the amount of disk traffic created by log files. In some instances, you may need to reduce the time between writing the buffer to disk. To change the default setting you must add this value to the key using the new setting. |
ObjectCacheTTL | REG_DWORD |
Range: 0 - x7FFFFFFF, or 0xFFFFFFFF Default: 30 |
This Registry entry controls the Time To Live (TTL) setting, which defines the length of time that objects are held in cached memory. If an object in the memory cache has not been referenced for the defined period, that object will be phased out of the cache. If system memory is limited or the server's contents are dynamic, you can use a lower TTL to prevent system memory from being used to cache a large number of volatile objects. Setting the value to 0xFFFFFFFF disables the object-cache scavenger and allows cached objects to remain in the cache until they are overwritten. Disabling the cache is useful if your server has ample system memory and your data is relatively static. |
These parameters are stored in the Registry by service, for service-specific behavior, but have the same name.
Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\ServiceName
\Parameters
where ServiceName is
MSFTPSVC | FTP Service |
GOPHERSVC | gopher Service |
W3SVC | WWW Service |
AdminName | REG_SZ |
Range: String Default: Administrator |
Specifies the user-friendly administrator name. gopher service uses this name to send back responses for gopher plus queries. This parameter also serves as a way of identifying who administers a service. |
AdminEmail | REG_SZ |
Range: String Default: Admin@corp.com |
Specifies the e-mail address for the administrator of a particular service. gopher service uses this name to send back responses for gopher plus queries. |
ServerComment | REG_SZ |
Range: String Default: "" |
Specifies a user-friendly comment for a service. This information is used to add a configurable comment in Internet Service Manager. |
AllowAnonymous | REG_DWORD |
Range: 0, 1 Default: 1 |
Specifies if an anonymous user should be allowed to connect and make a request to the server. By convention, most Internet services allow anonymous connections to gain access to files. |
AnonymousOnly | REG_DWORD |
Range: 0, 1 Default: 0 |
Specifies if only anonymous connections are permitted. If set to 1, only anonymous connections are permitted (especially true of FTP service). To change the default setting, you must add this value to the key using the new setting. |
AnonymousUserName | REG_SZ |
Range: String Default: Guest |
Specifies the name of the local user account to use for anonymous users. All server actions associate a username and password with the action. This parameter should not be changed in the Registry. You must change this parameter by using Internet Service Manager so that the appropriate password can also be set. The password is stored in protected area in the Registry. |
ConnectionTimeOut | REG_DWORD |
Range: 0-0xFFFFFFFF Default: 600 seconds |
Specifies the time the server should maintain a connection when there is no activity. |
DefaultLogonDomain | REG_SZ |
Range: string Default: domainname |
This value contains the default logon domain, so the user will not have to type the domain name when logging on to the server. You must define this domain for each service. The default value is the name of the computer where the Peer Web Services has been installed. |
LogonMethod | REG_DWORD |
Range: 0, 1 Default: 0 |
This value specifies the logon method for clear-text logons. A value of 0 means users must have the right to log on locally to be given access to the server. A value of 1 means that users must have the right to log on as a batch job. |
LogAnonymous | REG_DWORD |
Range: 0, 1 Default: 1 |
Controls whether a log record should be written for anonymous connections. If set to 0, no log records are written for anonymous connections. |
LogNonAnonymous | REG_DWORD |
Range: 0, 1 Default: 1 |
Controls whether a log record should be written for non-anonymous connections. If set to 0, no log records are written for non-anonymous connections. Only the FTP and WWW services have non-anonymous user support. |
LogFileDirectory | REG_EXPAND_SZ |
Range: String Default: %systemroot%\system32\logfiles |
Specifies the directory in which log files are to be stored. Each service generates a log record for each request processed. |
LogFilePeriod | REG_DWORD |
Range: 0,1,2,3 Default: 1 |
Specifies the type of log files to be produced where 0 = No period. Each log file is limited by size specified in LogFileTruncateSize. 1 = Open a new log file each day 2 = Open a new log file every week 3 = Open a new log file every month |
LogFileTruncateSize | REG_DWORD |
Range: 0-0xFFFFFFFF Default: 4,000,000,000 bytes |
Specifies the maximum size of each log file generated. Once the specified size is reached, the logging module automatically opens a new log file. A value of 0 means "do not truncate." |
LogSuccessfulRequests | REG_DWORD |
Range: 0, 1 Default: 1 |
Determines whether or not to record successful activities in the log file. The value 1 logs successful activities, and 0 turns it off. |
LogErrorRequests | REG_DWORD |
Range: 0, 1 Default: 1 |
Determines whether or not to record errors in the log file. The value 1 turns error logging on, and 0 turns it off. |
LogType | REG_DWORD |
Range: 0, 1 Default: 1 |
Specifies the type of logging. The type specifies the destination of log files where 0 = No logging 1 = Log to files |
MaxConnections | REG_DWORD |
Range: 0 - 0xFFFFFFFF Default: 1000 |
Specifies maximum number of simultaneous connections that server allows at any given time. When the number of current connections exceeds this value, the service rejects the request. A friendly message can be sent to the client refused access. |
In addition to the parameters listed in Service-Specific Registry Entries with Common Names, the WWW service maintains the following parameters.
Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\W3SVC
\Parameters
AcceptByteRanges | REG_DWORD |
Range: 0, 1 Default: 1, enabled |
The value determines whether the HTTP server will process the "Range" header for type "bytes:". If enabled, the server will signal that it is accepting range requests by sending the "Accept-Range: bytes" header field, and will process an incoming request specifying a "Range: bytes=" header field according to the Internet draft "Byte range extension to HTTP". |
AllowGuestAccess | REG_DWORD |
Range: 0, 1 Default: 1, enabled |
This flag specifies whether Guest logons are allowed for the WWW service. When a new user logs on, the server checks to see if the user is logged on as aWindows NT guest user. For a Guest connection, based on the value of this flag, the WWW service either rejects or accepts the new connection. Allowing Guest access has been known to cause problems in a poorly managed site. Under the default installation of Windows NT systems, the Guest account is granted permissions for all types of access on the system. Because this default could easily compromise security, you should turn this switch off by changing the value to 0. |
AllowSpecialCharsInShell | REG_DWORD |
Range: 0, 1 Default: 0, disabled |
This value controls whether the Cmd.exe special characters (such as &) are allowed on the command line when running batch files (.bat and .cmd files). These special characters can pose a serious security risk. If the value of this entry is set to 1, malicious users can execute random commands on the server. Therefore, it is highly recommended to leave this setting as 0, the default. |
CacheExtensions | REG_DWORD |
Range: 0-1 Default: 0x1 |
Specifies whether Internet Server API (ISAPI) extensions are cached in memory. If set to 0, ISAPI extensions are not cached. See the ISAPI documentation for more information. |
CheckForWAISDB | REG_DWORD |
Range: 0, 1 Default: 0 |
The WWW Service uses the Wide Area Information Server (WAIS) Toolkit to support Web-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system. |
CreateProcessAsUser | REG_DWORD |
Range: 0-1 Default: 1 |
For CGI scripts, by default the server runs the script in the context of the user making the request by using the Win32 CreateProcessAsUser API. If you set this flag to 0, CGI scripts will be started with the CreateProcess API and the scripts will run in the system context. This has serious security implications because CGI scripts will have much greater access to the system then they normally would have. |
CreateProcessWithNewConsole | REG_DWORD |
Range: 0, 1 Default: 0, disabled |
By default, CGI scripts are run in a detached process. If you want to run CGI scripts in a process with a new console, for example, when input/output redirection is in the script, change this setting to 1. The process will then be created using the CREATE_NEW_CONSOLE flag. Note Creating a new console for each CGI script has serious performance implications and should not be changed unless slower performance is acceptable. |
Default Load File | REG_SZ |
Range: String Default: Default.htm |
Specifies the file to return to a client if no file is included in a clients request. |
Dir Browse Control | REG_DWORD | |
Range: see the explanation paragraph Default: 0x4000001e |
Specifies both the display attributes of directory browsing and whether the Default Load File is used. the value used here is arrived at by "Oring" (adding) the hexidecimal values of the attributes listed below. The first four digits of the specified value controls whether directory browsing is enabled and whether the default file is enabled. For example, the default setting 0x4000001e has directory browsing disabled but the default file is loaded. To enable directory browsing, you would add the value 0x80000000 to the default setting 0x4000001e, resulting in the value 0xc000001e. To control browsing attributes, you would modify the last four digits. For example, to show only the date of files you could use the value 0xc0000002. |
|
Behavior | Value |
|
Load Default File | 0x40000000 | |
Directory browsing enabled | 0x80000000 | |
Browsing Attributes | ||
Show Date | 0x00000002 | |
Show Time | 0x00000004 | |
Show Size | 0x00000008 | |
Show Extension | 0x00000010 | |
Display long date | 0x00000020 |
Filter DLLs | REG_SZ |
Range: String Default: sspifilt.dll |
Comma-separated list of ISAPI filter DLLs. |
GlobalExpire | REG_DWORD |
Range: 0x0-unlimited (seconds) Default: 0xffffffff |
Specifies the time in seconds that files will be considered valid. This value is used by the server in the expires header (using Greenwich Mean Time [GMT] time) to indicate to clients how long a static file is valid. This is typically set to 0x0, to prevent the files on the server from being cached by proxies or clients. |
NTAuthenticationProviders | REG_SZ |
Range: String Default: NTLM |
Lists possible Windows NT authentication schemes returned to clients. Peer Web Services provides the default NTLM scheme enabled in the WWW Service property sheet. Third parties may provide alternate Windows NT authentication schemes in the future. |
ReturnURLUsingHostName | REG_DWORD |
Range: 0, 1 Default: 0 |
When the address of the server is returned to the client, the host name field is returned if it has been filled in. If the host name field has not been filled out, this setting controls whether the IP address (0, the default) or the host name (1) is returned. To fill in a host name, configure TCP/IP in the Network applet in Control Panel. Click the DNS tab, and type a name in the Host Name box. |
ScriptTimeout | REG_DWORD |
Range: 0x1-0x80000000 Default: 0x384 |
Specifies the maximum time the WWW service will wait for a response from CGI scripts. |
SecurePort | REG_DWORD |
Range: 0x0-0xfa00 Default: 0x1bb |
Specifies the TCP port to use for SSL. |
ServerSideIncludesEnabled | REG_DWORD |
Range: 0x0-0x1 Default: 0x1 |
Set to 0x1, this value enables the use of Include files to permit including repetitive information in files. |
ServerSideIncludesExtension | REG_SZ |
Range: String Default: .stm |
Specifies the file extension for files that will use Include statements. |
In addition to the parameters listed in Service-Specific Registry Entries with Common Names, the FTP service maintains the following parameters.
Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\FTPSVC
\Parameters
EnablePortAttack | REG_DWORD |
Range: 0, 1 Default: 0 |
This parameter is set by default to prevent a security problem in the FTP protocol specification. The FTP service specification allows passive connections to be established based on the port address given by client. This can allow hackers to execute destructive commands in the FTP service. The problem occurs when the FTP service connects using a port other than FTP Data port (20) and port number is less than IP_PORT_RESERVED (1024). EnablePortAttack controls if such an attack should be allowed. By default, the service does not make any connections to port numbers lower than IP_PORT_RESERVED (other than 20). If you want to users to connect using other ports as specified in the FTP RFC, this flag should be enabled. |
ExitMessage | REG_SZ |
Range: String Default: "" |
FTP Service sends back an exit message when a client sends a quit command. This string specifies the exit message sent. |
GreetingMessage | REG_MULTI_SZ |
Range: String Default: "" |
When a new user connects to the FTP Server, the server can send a friendly welcome message detailing contents and administrative information. This string (multiple lines) specifies the message to use for greeting the new client connections. |
MaxClientsMessage | REG_SZ |
Range: String Default: "" |
When the current connection exceeds the MaxConnections specified for the service, the service can send a friendly message to clients. This message is a single-line message. |
AccessCheck | REG_DWORD |
Range: any Default: any |
Used for access check of incoming user connection. The server impersonates the logged-on user and attempts to open the Registry key for read and write. If the key does not exist, then read and write permissions are granted. If the key exists, then based on the access permission on the Registry key, read and write permissions are granted to the user. This feature is useful for servers that publish content on a FAT volume and hence do not have the rich security features of NTFS. This is not a recommended approach to provide security because of poor manageability and performance. To enable this feature, you must add this value to the key using the appropriate access settings. |
AllowGuestAccess | REG_DWORD |
Range: 0, 1 Default 1 |
Specifies if guest logons are permitted for FTP service. When a new user logs on, the server checks to see if the user is logged on as WIndows NT user with guest permissions. For a guest connection, based on the value of this entry, the FTP service either rejects or accepts the new connection. Permitting Guest access has been known to create problems in poorly managed sites. Under default installation of Windows NT systems, Guest is granted permissions for many types of access on the system. It is recommended that administrators do not permit access by using the Guest account. To change the default setting to "no access using the Guest account" you must add this value to the key using the new setting. |
AnnotateDirectories | REG_DWORD |
Range: 0, 1 Default: 0 (FALSE) |
FTP service supports annotating a directory with custom messages. The annotation text is stored in a special file named ~ftpsvc~.ckm in the directory to be annotated. If this file exists in the target directory of a Change Directory (CWD) FTP operation, then the service responds with the contents of this file for the operation. This provides a way for administrators to add custom messages for directories under consideration. By default the service is configured to not send annotation text. If you choose to add a custom message, the annotation file should be created as well as setting this value to 1. Also, it is recommended you make the annotation file a hidden file so that the file does not show up on a directory listing. |
MsdosDirOutput | REG_DWORD |
Range: 0, 1 Default: 1 (TRUE) |
Specifies the style of directory output for a LIST operation from an FTP client. If the value is set to 1, the service generates a MS-DOS-style directory listing. If the value is set to 0, the service generates an UNIX-style listing. Some clients will not display MS-DOS-style listings. For this reason you should consider setting this value to 0. UNIX style listings consume more CPU time. |
LowercaseFiles | REG_DWORD |
Range: 0, 1 Default: 0 (FALSE) |
The FTP service uses the native case for filenames (how the filenames are stored in file system). However, in order for exact comparisons with case-sensitive file systems to work, it may be necessary to ensure that proper filenames are used. Administrators can add this value to ensure that the service uses lowercase for such comparisons. |
In addition to the parameters listed in Service-Specific Registry Entries with Common Names, the gopher service maintains the following parameters.
Registry Path:
HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet
\Services
\GOPHERSVC
\Parameters
CheckForWAISDB | REG_DWORD |
Range: 0, 1 Default: 0 |
The gopher service uses the WAIS Toolkit to support gopher-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system. |
The Peer Web Services creates the following parameters during setup. These values are used by the Setup program after initial setup to determine the current configuration of your Peer Web Services. Note that multiple Registry paths are included in this section.
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetMgr
InstalledBy | REG_SZ |
Range: INetStp Default: INetStp |
The presence of this entry indicates that Peer Web Services is installed. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetMgr
\Parameters
MajorVersion | REG_DWORD |
Range: 1 Default: 1 |
Indicates the major version number, for example, the 2 in version 2.0. |
MinorVersion | REG_DWORD |
Range: 1-9 Default: 0 |
Indicates the minor version number, for example, the 0 in version 2.0. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetMgr
\Parameters
\AddOnServices
FTP | REG_SZ |
Range: string Default: fscfg.dll |
Defines the configuration DLL used by the FTP service. |
Gopher | REG_SZ |
Range: string Default: gscfg.dll |
Defines the configuration DLL used by the gopher service |
WWW | REG_SZ |
Range: string Default: w3scfg.dll |
Defines the configuration DLL used by the WWW service. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetStp
AnonymousUser | REG_SZ |
Range: String Default: IUSR_computername |
Specifies the anonymous user account created during setup. |
InstallPath | EG_SZ |
Range: String Default: c:\inetsrv |
Specifies the installation location for Peer Web Services. |
MajorVersion | REG_DWORD |
Range: 1 Default: 1 |
Indicates the major version number, for example, the 2 in version 2.0. |
MinorVersion | REG_DWORD |
Range: 1-9 Default: 0 |
Indicates the minor version number, for example, the 0 in version 2.0. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
INetStp
Help
The presence of this entry indicates that Help is installed. |
HKEY_LOCAL_MACHINE\SOFTWARE
\Microsoft
\INetExplore
InstalledBy | REG_SZ |
Range: INetStp Default: INetStp |
The presence of this entry indicates that Internet Explorer is installed. |
If your server provides files that are in multiple formats, you must configure your servers Multiple Internet Mail Extensions (MIME) mapping to ensure your server maps the file type correctly when returning the file to remote browsers. If MIME mapping on the server is not set up for a specific file type, browsers may not be able to retrieve the file. Over 100 MIME mappings are installed by default.
<mime type>,<filename extension>,,<gopher type>
text/html,htm,,1image/jpeg,jpeg,,5
With filename-extension mapping, you can map filename extensions to the proper program to run files with those extensions. The file extensions shown below are preinstalled.
.bat or .cmd=C:\WINNT35\System32\cmd.exe /c %s %s
.idc=c:\Inetsrv\Server\Httpodbc.dll
For other filename extensions, you must edit the information in the the Windows NT Registry.
In the .bat example above, the first %s is the mapped URL (that is, E:\Webroot\Scripts\Test.bat). The second %s represents the parameters to the URL (in other words, the query string; the second %s is used only if an equals sign is not found).
Thus you can reference URLs like:
/scripts/test.bat?This+is+a+search
/scripts/bugs.idc?Assign=Johnl
3. Type the filename extension used for your scripts.
4. In the String editor, type the full path to the interpreter used with that script.
5. Restart the WWW service.
You should use Internet Service Manager to manage your virtual directories. You can, however, add or modify virtual directories by using Regedt32.exe.
where <service> is W3SVC, GOPHERSVC, or MSFTPSVC
3. Type the alias name for your directory and click the OK button.
4. In the String editor, type the full path to the virtual directory.
© 1996 by Microsoft Corporation. All rights reserved.