space
Contents Detailed Contents Index Previous Next

CHAPTER 10:

Configuring Registry Entries


The configuration Registry stores values that define the working environment for the Windows NT operating system and any services installed on the Windows NT Workstation computer. Usually, to change these values, you use graphical tools, such as Control Panel, Windows NT Setup, or Internet Service Manager. Windows NT Workstation also includes a utility, the Registry Editor (Regedt32.exe), which you can use to inspect and modify the configuration Registry directly.

Microsoft Peer Web Services are configured by using Internet Service Manager. The services also use several additional configuration parameters in the Registry not configured by using Internet Service Manager. Parameters are either specific to a service or are global to Peer Web Services and all services.

Wherever possible, you should use Internet Service Manager to make changes to your Peer Web Services settings. For a Registry change to take effect, you must restart the service affected by the change. For global entries you must restart all services.

See the following sections for entries in this chapter. They show the values used by the Peer Web Services:

 
The following sections help you configure the Registry for your specific needs:

 
Before you modify the Registry, it is strongly recommended that you read Part IV of Windows NT Resource Guide (found in the Microsoft Windows NT Resource Kit). This part of the book describes in detail how to use and change parameters in the Registry.



Caution   Using Registry Editor incorrectly can cause serious problems, including corruption that may make it necessary to reinstall Windows NT or Microsoft Peer Web Services. Using the Registry Editor to edit entries in the Registry is equivalent to editing raw sectors on a hard disk. If you make mistakes, your computer’s configuration could be damaged. You should edit Registry entries only for settings that you cannot adjust through the user interface, and be very careful whenever you edit the Registry directly.

TOP Global Registry Entries

These parameters are used for global control of the Microsoft Peer Web Services.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \InetInfo
    \Parameters

LogFileBatchSize REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 64*1024 (64 KB)
Specifies the batch size for writing a log file. The server caches the last LogFileBatchSize bytes of data in memory buffers before it dumps the current buffer to disk. Such batch processing reduces the amount of disk traffic created by log files. In some instances, you may need to reduce the time between writing the buffer to disk. To change the default setting you must add this value to the key using the new setting.

ObjectCacheTTL REG_DWORD
Range: 0 - x7FFFFFFF, or 0xFFFFFFFF
Default: 30
This Registry entry controls the Time To Live (TTL) setting, which defines the length of time that objects are held in cached memory. If an object in the memory cache has not been referenced for the defined period, that object will be phased out of the cache. If system memory is limited or the server's contents are dynamic, you can use a lower TTL to prevent system memory from being used to cache a large number of volatile objects. Setting the value to 0xFFFFFFFF disables the object-cache scavenger and allows cached objects to remain in the cache until they are overwritten. Disabling the cache is useful if your server has ample system memory and your data is relatively static.


TOP Service-Specific Registry Entries with Common Names

These parameters are stored in the Registry by service, for service-specific behavior, but have the same name.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \ServiceName
    \Parameters

where ServiceName is

MSFTPSVC FTP Service
GOPHERSVC gopher Service
W3SVC WWW Service

AdminName REG_SZ
Range: String
Default: Administrator
Specifies the user-friendly administrator name. gopher service uses this name to send back responses for gopher plus queries. This parameter also serves as a way of identifying who administers a service.

AdminEmail REG_SZ
Range: String
Default: Admin@corp.com
Specifies the e-mail address for the administrator of a particular service. gopher service uses this name to send back responses for gopher plus queries.

ServerComment REG_SZ
Range: String
Default: ""
Specifies a user-friendly comment for a service. This information is used to add a configurable comment in Internet Service Manager.

AllowAnonymous REG_DWORD
Range: 0, 1
Default: 1
Specifies if an anonymous user should be allowed to connect and make a request to the server. By convention, most Internet services allow anonymous connections to gain access to files.

AnonymousOnly REG_DWORD
Range: 0, 1
Default: 0
Specifies if only anonymous connections are permitted. If set to 1, only anonymous connections are permitted (especially true of FTP service). To change the default setting, you must add this value to the key using the new setting.

AnonymousUserName REG_SZ
Range: String
Default: Guest
Specifies the name of the local user account to use for anonymous users. All server actions associate a username and password with the action. This parameter should not be changed in the Registry. You must change this parameter by using Internet Service Manager so that the appropriate password can also be set. The password is stored in protected area in the Registry.

ConnectionTimeOut REG_DWORD
Range: 0-0xFFFFFFFF
Default: 600 seconds
Specifies the time the server should maintain a connection when there is no activity.

DefaultLogonDomain REG_SZ
Range: string
Default: domainname
This value contains the default logon domain, so the user will not have to type the domain name when logging on to the server. You must define this domain for each service. The default value is the name of the computer where the Peer Web Services has been installed.

LogonMethod REG_DWORD
Range: 0, 1
Default: 0
This value specifies the logon method for clear-text logons. A value of 0 means users must have the right to log on locally to be given access to the server. A value of 1 means that users must have the right to log on as a batch job.

LogAnonymous REG_DWORD
Range: 0, 1
Default: 1
Controls whether a log record should be written for anonymous connections. If set to 0, no log records are written for anonymous connections.

LogNonAnonymous REG_DWORD
Range: 0, 1
Default: 1
Controls whether a log record should be written for non-anonymous connections. If set to 0, no log records are written for non-anonymous connections. Only the FTP and WWW services have non-anonymous user support.

LogFileDirectory REG_EXPAND_SZ
Range: String
Default: %systemroot%\system32\logfiles
Specifies the directory in which log files are to be stored. Each service generates a log record for each request processed.

LogFilePeriod REG_DWORD
Range: 0,1,2,3
Default: 1
Specifies the type of log files to be produced where
0 = No period. Each log file is limited by size specified in LogFileTruncateSize.
1 = Open a new log file each day
2 = Open a new log file every week
3 = Open a new log file every month

LogFileTruncateSize REG_DWORD
Range: 0-0xFFFFFFFF
Default: 4,000,000,000 bytes
Specifies the maximum size of each log file generated. Once the specified size is reached, the logging module automatically opens a new log file. A value of 0 means "do not truncate."

LogSuccessfulRequests REG_DWORD
Range: 0, 1
Default: 1
Determines whether or not to record successful activities in the log file. The value 1 logs successful activities, and 0 turns it off.

LogErrorRequests REG_DWORD
Range: 0, 1
Default: 1
Determines whether or not to record errors in the log file. The value 1 turns error logging on, and 0 turns it off.

LogType REG_DWORD
Range: 0, 1
Default: 1
Specifies the type of logging. The type specifies the destination of log files where
0 = No logging
1 = Log to files

MaxConnections REG_DWORD
Range: 0 - 0xFFFFFFFF
Default: 1000
Specifies maximum number of simultaneous connections that server allows at any given time. When the number of current connections exceeds this value, the service rejects the request. A friendly message can be sent to the client refused access.

WWW Service Registry Entries

In addition to the parameters listed in “Service-Specific Registry Entries with Common Names,” the WWW service maintains the following parameters.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \W3SVC
    \Parameters

AcceptByteRanges REG_DWORD
Range: 0, 1
Default: 1, enabled
The value determines whether the HTTP server will process the "Range" header for type "bytes:". If enabled, the server will signal that it is accepting range requests by sending the "Accept-Range: bytes" header field, and will process an incoming request specifying a "Range: bytes=" header field according to the Internet draft "Byte range extension to HTTP".

AllowGuestAccess REG_DWORD
Range: 0, 1
Default: 1, enabled
This flag specifies whether Guest logons are allowed for the WWW service. When a new user logs on, the server checks to see if the user is logged on as aWindows NT guest user. For a Guest connection, based on the value of this flag, the WWW service either rejects or accepts the new connection. Allowing Guest access has been known to cause problems in a poorly managed site.
Under the default installation of Windows NT systems, the Guest account is granted permissions for all types of access on the system. Because this default could easily compromise security, you should turn this switch off by changing the value to 0.

AllowSpecialCharsInShell REG_DWORD
Range: 0, 1
Default: 0, disabled
This value controls whether the Cmd.exe special characters (such as &) are allowed on the command line when running batch files (.bat and .cmd files). These special characters can pose a serious security risk. If the value of this entry is set to 1, malicious users can execute random commands on the server. Therefore, it is highly recommended to leave this setting as 0, the default.

CacheExtensions REG_DWORD
Range: 0-1
Default: 0x1
Specifies whether Internet Server API (ISAPI) extensions are cached in memory. If set to 0, ISAPI extensions are not cached. See the ISAPI documentation for more information.

CheckForWAISDB REG_DWORD
Range: 0, 1
Default: 0
The WWW Service uses the Wide Area Information Server (WAIS) Toolkit to support Web-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system.

CreateProcessAsUser REG_DWORD
Range: 0-1
Default: 1
For CGI scripts, by default the server runs the script in the context of the user making the request by using the Win32 CreateProcessAsUser API. If you set this flag to 0, CGI scripts will be started with the CreateProcess API and the scripts will run in the system context. This has serious security implications because CGI scripts will have much greater access to the system then they normally would have.

CreateProcessWithNewConsole REG_DWORD
Range: 0, 1
Default: 0, disabled
By default, CGI scripts are run in a detached process. If you want to run CGI scripts in a process with a new console, for example, when input/output redirection is in the script, change this setting to 1. The process will then be created using the CREATE_NEW_CONSOLE flag.

Note Creating a new console for each CGI script has serious performance implications and should not be changed unless slower performance is acceptable.

Default Load File REG_SZ
Range: String
Default: Default.htm
Specifies the file to return to a client if no file is included in a client’s request.

Dir Browse Control REG_DWORD  
Range: see the explanation paragraph
Default: 0x4000001e
Specifies both the display attributes of directory browsing and whether the Default Load File is used. the value used here is arrived at by "Oring" (adding) the hexidecimal values of the attributes listed below. The first four digits of the specified value controls whether directory browsing is enabled and whether the default file is enabled. For example, the default setting 0x4000001e has directory browsing disabled but the default file is loaded. To enable directory browsing, you would add the value 0x80000000 to the default setting 0x4000001e, resulting in the value 0xc000001e. To control browsing attributes, you would modify the last four digits. For example, to show only the date of files you could use the value 0xc0000002.

 
  Behavior Value

  Load Default File 0x40000000
  Directory browsing enabled 0x80000000
  Browsing Attributes  
  Show Date 0x00000002
  Show Time 0x00000004
  Show Size 0x00000008
  Show Extension 0x00000010
  Display long date 0x00000020

Filter DLLs REG_SZ
Range: String
Default: sspifilt.dll
Comma-separated list of ISAPI filter DLLs.

GlobalExpire REG_DWORD
Range: 0x0-unlimited (seconds)
Default: 0xffffffff
Specifies the time in seconds that files will be considered valid. This value is used by the server in the expires header (using Greenwich Mean Time [GMT] time) to indicate to clients how long a static file is valid. This is typically set to 0x0, to prevent the files on the server from being cached by proxies or clients.

NTAuthenticationProviders REG_SZ
Range: String
Default: NTLM
Lists possible Windows NT authentication schemes returned to clients. Peer Web Services provides the default NTLM scheme enabled in the WWW Service property sheet. Third parties may provide alternate Windows NT authentication schemes in the future.

ReturnURLUsingHostName REG_DWORD
Range: 0, 1
Default: 0
When the address of the server is returned to the client, the host name field is returned if it has been filled in. If the host name field has not been filled out, this setting controls whether the IP address (0, the default) or the host name (1) is returned. To fill in a host name, configure TCP/IP in the Network applet in Control Panel. Click the DNS tab, and type a name in the Host Name box.

ScriptTimeout REG_DWORD
Range: 0x1-0x80000000
Default: 0x384
Specifies the maximum time the WWW service will wait for a response from CGI scripts.

SecurePort REG_DWORD
Range: 0x0-0xfa00
Default: 0x1bb
Specifies the TCP port to use for SSL.

ServerSideIncludesEnabled REG_DWORD
Range: 0x0-0x1
Default: 0x1
Set to 0x1, this value enables the use of Include files to permit including repetitive information in files.

ServerSideIncludesExtension REG_SZ
Range: String
Default: .stm
Specifies the file extension for files that will use Include statements.


TOP FTP Service Registry Entries

In addition to the parameters listed in “Service-Specific Registry Entries with Common Names,” the FTP service maintains the following parameters.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \FTPSVC
    \Parameters

EnablePortAttack REG_DWORD
Range: 0, 1
Default: 0
This parameter is set by default to prevent a security problem in the FTP protocol specification. The FTP service specification allows passive connections to be established based on the port address given by client. This can allow hackers to execute destructive commands in the FTP service. The problem occurs when the FTP service connects using a port other than FTP Data port (20) and port number is less than IP_PORT_RESERVED (1024). EnablePortAttack controls if such an attack should be allowed. By default, the service does not make any connections to port numbers lower than IP_PORT_RESERVED (other than 20). If you want to users to connect using other ports as specified in the FTP RFC, this flag should be enabled.

ExitMessage REG_SZ
Range: String
Default: ""
FTP Service sends back an exit message when a client sends a quit command. This string specifies the exit message sent.

GreetingMessage REG_MULTI_SZ
Range: String
Default: ""
When a new user connects to the FTP Server, the server can send a friendly welcome message detailing contents and administrative information. This string (multiple lines) specifies the message to use for greeting the new client connections.

MaxClientsMessage REG_SZ
Range: String
Default: ""
When the current connection exceeds the MaxConnections specified for the service, the service can send a friendly message to clients. This message is a single-line message.

AccessCheck REG_DWORD
Range: any
Default: any
Used for access check of incoming user connection. The server impersonates the logged-on user and attempts to open the Registry key for read and write. If the key does not exist, then read and write permissions are granted. If the key exists, then based on the access permission on the Registry key, read and write permissions are granted to the user. This feature is useful for servers that publish content on a FAT volume and hence do not have the rich security features of NTFS. This is not a recommended approach to provide security because of poor manageability and performance. To enable this feature, you must add this value to the key using the appropriate access settings.

AllowGuestAccess REG_DWORD
Range: 0, 1
Default 1
Specifies if guest logons are permitted for FTP service. When a new user logs on, the server checks to see if the user is logged on as WIndows NT user with guest permissions. For a guest connection, based on the value of this entry, the FTP service either rejects or accepts the new connection. Permitting Guest access has been known to create problems in poorly managed sites. Under default installation of Windows NT systems, Guest is granted permissions for many types of access on the system. It is recommended that administrators do not permit access by using the Guest account. To change the default setting to "no access using the Guest account" you must add this value to the key using the new setting.

AnnotateDirectories REG_DWORD
Range: 0, 1
Default: 0 (FALSE)
FTP service supports annotating a directory with custom messages. The annotation text is stored in a special file named ~ftpsvc~.ckm in the directory to be annotated. If this file exists in the target directory of a Change Directory (CWD) FTP operation, then the service responds with the contents of this file for the operation. This provides a way for administrators to add custom messages for directories under consideration. By default the service is configured to not send annotation text. If you choose to add a custom message, the annotation file should be created as well as setting this value to 1. Also, it is recommended you make the annotation file a hidden file so that the file does not show up on a directory listing.

MsdosDirOutput REG_DWORD
Range: 0, 1
Default: 1 (TRUE)
Specifies the style of directory output for a LIST operation from an FTP client. If the value is set to 1, the service generates a MS-DOS-style directory listing. If the value is set to 0, the service generates an UNIX-style listing. Some clients will not display MS-DOS-style listings. For this reason you should consider setting this value to 0. UNIX style listings consume more CPU time.

LowercaseFiles REG_DWORD
Range: 0, 1
Default: 0 (FALSE)
The FTP service uses the native case for filenames (how the filenames are stored in file system). However, in order for exact comparisons with case-sensitive file systems to work, it may be necessary to ensure that proper filenames are used. Administrators can add this value to ensure that the service uses lowercase for such comparisons.


TOP Gopher Service Registry Entries

In addition to the parameters listed in “Service-Specific Registry Entries with Common Names,” the gopher service maintains the following parameters.

Registry Path:

HKEY_LOCAL_MACHINE\SYSTEM
 \CurrentControlSet
  \Services
   \GOPHERSVC
    \Parameters

CheckForWAISDB REG_DWORD
Range: 0, 1
Default: 0
The gopher service uses the WAIS Toolkit to support gopher-based searches. Microsoft does not provide the WAIS Toolkit. This flag is used to specify if search is supported and if the service should check for WAIS Toolkit. If set to 0, the service does not support searches and does not look for WAIS Toolkit. If set to 1, then the service supports searches if Waislook.exe is installed in the system.


TOP Setup Registry Entries

The Peer Web Services creates the following parameters during setup. These values are used by the Setup program after initial setup to determine the current configuration of your Peer Web Services. Note that multiple Registry paths are included in this section.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetMgr

InstalledBy REG_SZ
Range: INetStp
Default: INetStp
The presence of this entry indicates that Peer Web Services is installed.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetMgr
   \Parameters

MajorVersion REG_DWORD
Range: 1
Default: 1
Indicates the major version number, for example, the 2 in version 2.0.

MinorVersion REG_DWORD
Range: 1-9
Default: 0
Indicates the minor version number, for example, the 0 in version 2.0.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetMgr
   \Parameters
    \AddOnServices

FTP REG_SZ
Range: string
Default: fscfg.dll
Defines the configuration DLL used by the FTP service.

Gopher REG_SZ
Range: string
Default: gscfg.dll
Defines the configuration DLL used by the gopher service

WWW REG_SZ
Range: string
Default: w3scfg.dll
Defines the configuration DLL used by the WWW service.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetStp

AnonymousUser REG_SZ
Range: String
Default: IUSR_computername
Specifies the anonymous user account created during setup.

InstallPath EG_SZ
Range: String
Default: c:\inetsrv
Specifies the installation location for Peer Web Services.

MajorVersion REG_DWORD
Range: 1
Default: 1
Indicates the major version number, for example, the 2 in version 2.0.

MinorVersion REG_DWORD
Range: 1-9
Default: 0
Indicates the minor version number, for example, the 0 in version 2.0.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  INetStp
   Help
The presence of this entry indicates that Help is installed.

HKEY_LOCAL_MACHINE\SOFTWARE
 \Microsoft
  \INetExplore

InstalledBy REG_SZ
Range: INetStp
Default: INetStp
The presence of this entry indicates that Internet Explorer is installed.


TOP Server MIME Mapping

If your server provides files that are in multiple formats, you must configure your server’s Multiple Internet Mail Extensions (MIME) mapping to ensure your server maps the file type correctly when returning the file to remote browsers. If MIME mapping on the server is not set up for a specific file type, browsers may not be able to retrieve the file. Over 100 MIME mappings are installed by default.

»&#nbsp;&#nbsp; To configure additional MIME mappings

<mime type>,<filename extension>,,<gopher type>

text/html,htm,,1

image/jpeg,jpeg,,5

 


TOP Associating Interpreters with Applications (Script Mapping)

With filename-extension mapping, you can map filename extensions to the proper program to run files with those extensions. The file extensions shown below are preinstalled.

.bat or .cmd=C:\WINNT35\System32\cmd.exe /c %s %s

.idc=c:\Inetsrv\Server\Httpodbc.dll

For other filename extensions, you must edit the information in the the Windows NT Registry.

In the .bat example above, the first %s is the mapped URL (that is, E:\Webroot\Scripts\Test.bat). The second %s represents the parameters to the URL (in other words, the query string; the second %s is used only if an equals sign is not found).

Thus you can reference URLs like:

/scripts/test.bat?This+is+a+search

/scripts/bugs.idc?Assign=Johnl

»&#nbsp;&#nbsp; To configure additional script mappings

 


TOP Adding Virtual Directories by Using the Registry

You should use Internet Service Manager to manage your virtual directories. You can, however, add or modify virtual directories by using Regedt32.exe.

»&#nbsp;&#nbsp; To add virtual directories using the Registry:

 



Note   Virtual directories will not appear in directory listings (also called directory browsing for the WWW service). To access a virtual directory users must know the virtual directory’s alias, and type the URL address in their browser. For the WWW service, you can also create links in HTML pages. For the gopher, service you can create explicit links in tag files for users to access virtual directories. For the FTP service, you can list virtual directories using directory annotations.


Contents Detailed Contents Index Previous Top Next

© 1996 by Microsoft Corporation. All rights reserved.