Dwayne,
This is what I had to do last summer with 14.3....
- Tim
-----Original Message-----
From: L-Soft PreSales Consulting / Ben Parker
[mailto:[log in to unmask]]
Sent: Wednesday, June 15, 2005 4:04 PM
To: Timothy D Newcomb
Cc: [log in to unmask]
Subject: Re: Installing LISTSERV www interface (Win2003/IIS6)
On Wed, 15 Jun 2005 14:22:34 -0500, "Timothy D Newcomb"
<[log in to unmask]>
wrote:
>I have found that the link to scripts/wa.exe still asks me to download,
>but now I can get into everything through the web interface...server
>mgmt, list mgmt, etc.....
>I ended up changing the name of the wwwroot directory, removing all the
>website setup including the exe extension stuff. It all seems to be
>working now...
The attached paper offers an alternative setup method with a slightly
different directory structure.
>Note: In your instructions for Setting and Checking Listserv www
>interface permissions, updated August 18, 2004
>
>Under the "Set IIS Management Permissions"
>
>You state "... Select Default Web Site
>Find and Select 'Scripts'
>Right click
>Click on properties
>The first tab up should say "Virtual Directory'..."
>
>This is not true according to your install procedure in the
>document...the scripts directory is not virtual,
It should be virtual, as this directory is not created by a normal
installation of W2003. i.e. it needs to be manually added. But it
might have been added for some other application.
>and the radio button
>will NOT say 'A directory located on this computer' but rather 'The
>Designated Directory'
Yes, that would be an indication that the directory exists for some
other application.
>
>
>
>Finally,
>
>I would like to use a separate database for the lists and list
>memberships that will actually be coming from a MS SQL server db.
What do you mean a separate database? LISTSERV does not need/use a
database on its own. It can be connected to a database and can store
subscriber information in a database if desired, but there are some
limitations.
>I can
>set up the ODBC, but are there any special considerations ? Is this in
>more detail in the manual ?
See LISTSERV Developers Guide Manual Chap 4
http://www.lsoft.com/manuals/1.8e/developer/developer.pdf
Setting and Checking LISTSERV www interface permissions.
Windows 2003 /IIS 6.x
(Alternate Method, dirs in LISTSERV Tree)
Last Updated: Feb 18, 2005
Copyright 2005 L-Soft international Inc. All Rights Reserved
------------------------------------------------
These instructions apply to
Windows 2003 (any SP)
Internet Information Server IIS 6.x
These instructions are generally similar for Windows NT 4.0/IIS 4.0 or
Windows 2000/IIS 5.0 but nomenclature of some setup menu buttons may be
slightly different. If you would like a copy of our separate paper(s) on
either NT 4.0/IIS 4 or W2000/IIS5 please ask.
--------------------------------------
Create Additional Required Directories
--------------------------------------
Stop LISTSERV, if currently running.
After the normal installation of LISTSERV make the following additional
directories if they do not already exist. Note, the directory names below
are the defaults specified or chosen in a default installation. If you have
chosen not to use these defaults, then you must make any necessary
transpositions. The Drive letter is shown as x:\ because we have no idea
which drive you install LISTSERV and IIS on. IIS defaults to installing on
C: on most cases, but not all. Please make appropriate substitutions where
necessary.
x:\LISTSERV\LISTS (parent directory for list message archive files)
x:\LISTSERV\WWW (parent directory for LISTSERV www 'root' dir)
x:\LISTSERV\WWW\ARCHIVES (this will be LISTSERV www 'root' dir)
x:\LISTSERV\WWW\ARCHIVES\UPLOAD (this dir is required)
x:\LISTSERV\WWW\SCRIPTS (where LISTSERV wa.exe cgi script will run)
In site.exe (LISTSERV Site Configuration Utility)
Click Advanced configuration button
Click Web Archives button (3 fill-in lines are shown)
top line of 3 (where LISTSERV can run scripts)
x:\LISTSERV\WWW\SCRIPTS (you can 'browse' to find this dir)
middle line of 3 (relative URL)
/scripts/wa.exe
(note if installing on a port other than 80, you must enter full URL:
http://listserv.example.com:8080/scripts/wa.exe)
bottom line of 3 (where LISTSERV will place its files)
x:\LISTSERV\WWW\ARCHIVES
click OK
Verify that site.exe copies the WA.EXE to the x:\LISTSERV\WWW\SCRIPTS
directory. If not, then copy it manually from x:\LISTSERV\MAIN\wa.exe.
Do not start LISTSERV yet.
---------------------------------------
Set NTFS File and directory permissions
---------------------------------------
(Note, the 'Everyone' user is fundamentally unsecure and
should have no place in a properly secured NTFS file system.)
Security settings as below are most easily set or checked using the
Windows Explorer program. First Select the desired Directory. Then
Right-Click on 'Properties', then choose the 'Security' Tab.
IF the IUSR-* user (or Administrators Group or SYSTEM user) is not present
you will need to click the Add... button. Searching for Local_Machine
IUSR_* user is significantly different in Windows 2003 from previously in
Windows 2000 and NT 4, and is beyond the scope of this paper.
x:\LISTSERV\ (and all subdirs or child directories)
Administrators Full Control
System Full Control
x:\LISTSERV\LISTS (and all subdirs or child directories)
Administrators Full Control
System Full Control
IUSR_* READ (anonymous user guest account for your machine)
x:\LISTSERV\WWW\ARCHIVES (and all subdirs or child directories)
Administrators Full Control
System Full Control
IUSR_* READ (anonymous user guest account for your machine)
x:\LISTSERV\WWW\SCRIPTS
Administrators Full Control
System Full Control
IUSR_* READ & EXECUTE (anonymous user guest account for machine)
x:\LISTSERV\WWW\ARCHIVES\UPLOAD
Administrators Full Control
System Full Control
IUSR_* READ & WRITE (anonymous user guest account for machine)
(Note this is the ONLY directory where the IUSR_* account needs 'WRITE'
permissions. In IIS6, the IUSR_* account typically has WRITE-DENY
permissions on all directories.)
Now start LISTSERV.
Look in the x:\LISTSERV\WWW\ARCHIVES directory.
There you should see several files, including DEFAULT.WWWTPL, HEADER.HTML,
TRAILER.HTML, INDEX.HTML, and DEFAULT.HTM (more files may also be there,
but at least these). This is a good sign. It means LISTSERV recognizes
the directory and can write its files there.
If this does not happen, then there is a problem. Repeat steps leading to
this point. Do NOT pass here until this step performs OK.
------------------------------
Set IIS Management Permissions
------------------------------
open the IIS Management console (also known as Internet Services Manager)
Select the name of your machine and click on + to expand the options
Select Web Sites
Click on + to expand the options
Select Default Web Site and Right Click
Select New
Select Virtual Directory
set Alias 'archives' (without quotes, without '/')
set true directory path x:\LISTSERV\WWW\ARCHIVES
set IIS permissions to READ (only)
click Next
click Finish
Select Default Web Site
find and Select 'Scripts'
Right Click
click on Properties
The first tab up should say 'Virtual Directory'
verify this is the radio button that says
'A directory located on this computer'
verify the directory path is x:\LISTSERV\WWW\SCRIPTS
verify that READ, WRITE, and DIRECTORY BROWSING boxes are ALL UN-CHECKED
verify the Application name: is blank or grayed out (Default Application)
verify the Starting point is "<Default Web Site>"
verify the Execute permissions is "Scripts and Executables"
verify the Application Pool is grayed out
Select the tab marked 'Directory Security'
under 'Anonymous access and authentication control' click 'Edit...'
verify that 'Anonymous access' box is checked for Authentication Methods
under this Click 'Edit...'
verify that the Username is IUSR_* (name of your machine)
verify there is a password shown.
click OK
click 'Apply' if you have changed anything, else click OK
click 'Apply' if you have changed anything, else click OK
IIS 6 implements a variety of restrictions on ASP, CGI, and other executable
scripts that are significantly stronger than previous versions of IIS.
You must now configure IIS to allow it to run the wa.exe script.
Select Web Service Extensions
(make sure the tab at the bottom says 'Extended')
The settings for all types of scripts (ASP. ISAPI, etc.) default to
prohibited. Some may already be enabled, depending what you may have
running on your web site. There are 2 ways to grant permissions for
the wa.exe script to run.
1. Fast (but insecure) method (not recommended)
Select the "All Unknown CGI Extensions" and click on 'Allow'
You will receive a warning message that this is a potential security
risk. Click 'Yes' to allow.
2. Slower (but more secure) method (recommended)
Select the option to 'Add a new Web service extension...'
For Extension Name enter 'exe' (without quotes)
For Required files: click Add and browse to find
x:\LISTSERV\WWW\SCRIPTS\wa.exe
Click OK
Check the box 'Set extension status to Allowed'
Click OK
Sometimes it is necessary to stop/restart the Default Web Site in the
IIS Manager at this point. It does not hurt to do so now.
-----------------------------------------------
Now try to access http://your_server_name/scripts/wa.exe
from a local web browser.
You should see a page 'Welcome to LISTSERV'.
If this does not work or you get a 'page cannot be displayed' error
try the link http://your_server_name/archives/index.html
(this is a static page link which should always work.)
If you get the 'Welcome to LISTSERV' page, then click on
'Mailing List Management Interface'.
You should be presented with a 'Login Required' page, requesting your
email address and Personal LISTSERV Password to login. If you don't
have a Personal LISTSERV Password (different from the CREATEPW stored in
site.cfg) now would be a good time to create one. Click on the link
above the login boxes to "Get an new LISTSERV Password"
If either URL doesn't work, then check network access permissions between
your desktop machine and the server machine. Network rules may also prevent
access to a remote machine.
If with either URL you are presented with a Windows login screen asking for
Windows account User login and Password, then your NTFS file/directory
permissions above are not correct. Revisit the above section on these
settings.
If you can get this far then you should be OK.
If not, then work back to last successful checkpoint, then work forward again.
|