Technical White Paper - Directory Wizards Server Configuration.pdf · Internet Information Services...

Technical White Paper

Web Server Configuration – Internet Information Service (IIS)The following web server configuration instructions apply to UnitySync, Directify, emPass, andInfocanon. While we use UnitySync as an example throughout the document, the configuration is verysimilar for all programs. It will be clear in the instructions where and how they differ. If you have anyquestions at all, please contact [email protected] for clarification and assistance.

Table of ContentsWeb Server Configuration – Internet Information Service (IIS) ............................................................... 1 Internet Information Services (IIS) version 7 ............................................................................................ 2

IIS 7 Server: Add Virtual Directory ....................................................................................................... 2 IIS 7 Server: Configure Web Service Extensions .................................................................................. 8

Allow All Unspecified CGI Modules ............................................................................................... 8 Configure Individual CGI Extensions .............................................................................................. 9

IIS 7 Server: Handler Mappings .......................................................................................................... 10 IIS 7 Server: Edit Default Error Behavior ........................................................................................... 12 IIS 7: Access Your Program ................................................................................................................ 15

Internet Information Services (IIS) version 8 .......................................................................................... 16 IIS 8 Server: Add Virtual Directory ..................................................................................................... 16 IIS 8 Server: Configure Web Service Extensions ................................................................................ 23

Enable All Unspecified CGI Modules ............................................................................................ 23 Configure Individual CGI extensions ............................................................................................. 25

IIS 8 Server: Handler Mappings .......................................................................................................... 26 IIS 8 Server: Edit Default Error Behavior ........................................................................................... 28 Access Your Program Using IIS 8 ....................................................................................................... 31

Appendix A: Configure individual .cgi .................................................................................................... 33 IIS 7 or IIS 8 ........................................................................................................................................ 33

Appendix B: Program-specific .cgi files .................................................................................................. 37 Directify ............................................................................................................................................... 37 emPass ................................................................................................................................................. 37 InfoCanon ............................................................................................................................................ 37 UnitySync ............................................................................................................................................ 37

mailto:[email protected]

Internet Information Services (IIS) version 7

NOTE: Current versions of Directory Wizards products will not run on 32-bit servers. Therefore, IIS 7 is the minimum requirement for these programs.

IIS 7 Server: Add Virtual DirectoryFirst you must add a virtual directory for the program.

1. Start the IIS Manager found under Start > Administrative Tools.

2. Expand Web Sites.

3. Right-click on Default Web Site.

a. Select Add Virtual Directory...

4. Type in the Alias you wish to use to access the program.

NOTE: In this example, UnitySync is used, resulting in the following URL:

http://localhost/UnitySync

Use a descriptive name. For instance, if you are working with Directify or InfoCanon, you willlikely want to use the specific program name for an alias.

Also, select where you would like the virtual directory to point to. This should be the cgifolder within your program files.

NOTE: In the example, c:\UnitySync\cgi is used. The designation of the cgifolder is important for security reasons. DO NOT simply use c:\UnitySync.

5. Click OK.

http://localhost/UnitySyncX

6. Confirm the CGI role service is enabled in IIS.

a. Go to Start > Administrative Tools > Server Manager

b. The Server Manager will open. Expand Roles, then Web Server (IIS)

c. Scroll through the sections under Summary in the right window pane until you find RoleServices

d. Click Add Role Services

e. Make sure that CGI is selected under Application Development. If it is, simply click Cancel toexit the window and proceed to step 6. If it is not, select CGI and click Next>.

f. You will be asked to confirm installation of your selection. Click Install.

g. The next window will show you the progress of your installation. Nothing is click-able inthis window.

h. Finally, your installation results will appear. Once complete, click Close.

7. Return to the IIS Manager found under Start > Administrative Tools.

8. Expand Sites.

9. Expand Default Web Site.

a. Locate the virtual directory that you just created. In our example, it is unitysync. Highlightthe virtual directory and in the Features View menu that appears in the center pane, findAuthentication (in the IIS section) and double-click it.

10. Authentication:

a. For UnitySync:

1. If Anonymous Authentication is Enabled, click Disable in the Actions pane.

2. If Windows Authentication is Disabled, click Enable in the Actions pane.

b. For Directify:

1. If Windows Authentication is Enabled, click Disable in the Actions pane.

2. If Anonymous Authentication is Disabled, click Enable in the Actions pane.

c. For emPass:



Note: The security of your emPass password sync is ensured by the use of LDAPSSL, and no information is available via the emPass virtual directory.

You have created a virtual directory with the necessary configuration.

IIS 7 Server: Configure Web Service ExtensionsRequired CGI programs must be allowed to execute. This can be done in one of two ways.

Allow All Unspecified CGI ModulesWhile this is the quickest way to enable CGI, you will only be able to execute All Unspecified CGI Modules if you are running IIS 7 in ISAPI mode. This feature is not available if you are running IIS in Integrated mode.

If you are running IIS 7 in Integrated mode, or if you prefer to configure individual CGI, proceed toAppendix A.

1. Go to the IIS Manager (Start > Administrative Tools) and select the primary server to open theserver Home page.

2. Under the IIS section in the main window pan, double-click ISAPI and CGI restrictions.

NOTE: This icon might be found under Security instead.

3. The window will change to show ISAPI and CGI extensions that are permitted on the webserver. Click Edit Feature Settings... in the right pane.

4. Select Allow unspecified CGI modules, then click OK.

Configure Individual CGI ExtensionsIf you do not wish to allow all unknown CGI extension to execute due to security concerns, you must configure the needed CGI files one by one. For instructions to configure individual CGI extensions, please see Appendix A.

IIS 7 Server: Handler Mappings1. Return to the IIS Manager (Start > Administrative Tools) and select the primary server to open

the server Home page.

2. Find the icon for Handler Mappings – this may be found under IIS or Server Components – anddouble-click it to open.

3. Right-click CGI-exe, then click Edit Feature Permissions...

4. Make sure that Execute is checked. If it is not, select Execute then click OK.

5. Double-click CGI-exe. Make sure the Request path is *.cgi. If it is not, fill in the Request pathfield with *.cgi and click OK.

Handler mappings are now configured.

IIS 7 Server: Edit Default Error BehaviorThis configuration step allows detailed error messages to be presented when accessing the Program from other than the local server.

1. Go to the IIS Manager (Start > Administrative Tools) and select the primary server to open theserver Home page.

2. Expand the Sites folder.

3. Click on the Default Web Site to select, then double-click the Error Pages icon in the IIS section.

NOTE: If you have other items configured under the Default Web Site besidesour products, you may elect to click on the specific virtual directory to apply the

error behavior only to that one, but not all of your virtual directories. The directions that followbelow are the same regardless of whether you elect to apply it to the Default Web Site or aspecific virtual directory.

4. Click Edit Feature Settings... in the right pane.

5. The default setting for errors is Detailed errors for local requests and custom error pages for remoterequests. This default setting will result in a generic error if you access the program from aremote server.

6. Instead, select Detailed errors then click OK to save the selection.

7. This will change the default behavior for all errors.

IIS 7: Access Your ProgramYour IIS 7 configuration is complete! To access your program, open a browser window and type in the alias address you selected in step #4 of Add a Virtual Directory (i.e., http://localhost/UnitySync) and you should see the program interface. If you do not, please double check all configuration steps to ensure they have been completed, then contact [email protected] if any questions remain.

IMPORTANT NOTE: If you are configuring use via https://, please note that Directory Wizards products will not work properly if you are using self-signed certificates.



Internet Information Services (IIS) version 8

IIS 8 Server: Add Virtual DirectoryFirst you must add a virtual directory for the program.

1. Start the IIS Manager. From the Start page, go to Server Manager, then highlight IIS in the left pane. Right-click the default server shown in the Servers section on the right side of the window, then select Internet Information Services (IIS) Manager.

2. In the IIS Manager window, expand Sites.

3. Right-click on the Default Web Site.

4. Select Add Virtual Directory...

5. Type in the Alias you wish to use to access the program.

NOTE: In this example unitysync is used, resulting in the following URL:

http://localhost/unitysync

Use a descriptive name. For instance, if you are working with Directify or InfoCanon, consider using the program name for the alias.

6. Select where you would like the virtual directory to point to. This should be the cgi folder in your program files.

NOTE: In the example, c:\UnitySync\cgi is used. Pointing to the cgi folder is important for security reasons. DO NOT use c:\UnitySync.

7. Click OK.

8. Confirm the CGI role service is enabled in IIS.

a. Go back to the Server Manager and select IIS in the left column of the window.

b. Scroll through the pane on the right side of the window until you find Roles and Features.

c. Is CGI listed there? If so, it is enabled. You may proceed to step 10. If it is not, please continue.

http://localhost/unitysync

9. Click the TASKS drop-down just above the Roles and Servers section on the right and select Add Roles and Features.

a. The Add Roles and Features Wizard will appear. Select Role-based or feature-based installation and click Next.

b. On the Server Selection page, click Select a server from the server pool, then find your server in the Server pool window below and click Next>.

c. On the Server Roles page, expand down to Application Development (Web Server (IIS) > Web Server > Application Development) and click on the unselected CGI, then click Next>.

d. Click Next> on the next window, Features, to proceed.

e. Finally, click Install.

f. The next window will show you the installation progress. Once it completes, click Close.

g. If you'd like to confirm the installation, go back to steps 6a, b and c and confirm CGI isnow listed.

10. Return to the IIS Manager. From the Start page, go to Server Manager, then highlight IIS inthe left pane. Right-click the default server shown in the Servers section on the right side ofthe window, then select Internet Information Services (IIS) Manager.

a. Expand Sites

b. Expand Default Web Site

c. Locate the virtual directory that you previously created. In our example, it is unitysync.

d. Highlight the virtual directory.

e. In the Features View menu that appears in the center pane, double-click Authentication. Theicon for Authentication is found in the IIS section.

11. Authentication:

a. For UnitySync:

1. If Anonymous Authentication is Enabled, click Disable in the Actions pane.

2. If Windows Authentication is Disabled, click Enable in the Actions pane.

b. For Directify:



c. For emPass:



Note: The security of your emPass password sync is ensured by the use of LDAP SSL, and noinformation is available via the emPass virtual directory.

12. If Windows Authentication is Disabled, click Enable in the Actions section in the right pane.

You have successfully added the virtual directory.

IIS 8 Server: Configure Web Service ExtensionsCGI programs must be allowed to excute. This can be done in one of two ways.

Enable All Unspecified CGI ModulesWhile this is the quickest way to enable CGI, you will only be able to execute All Unspecified CGI Modules if you are running IIS 8 in ISAPI mode. This feature is not available if you are running IIS in Integrated mode.

If you are running IIS 8 in Integrated mode, or if you prefer to configure individual CGI, proceed to Appendix A.

1. Start the IIS Manager. From the Start page, go to Server Manager, then highlight IIS in the left pane. Right-click the default server shown in the Servers section on the right side of the window, then select Internet Information Services (IIS) Manager.

2. Under the IIS section in the main window pane, double-click ISAPI and CGI restrictions.

NOTE: This icon might be found in the Security section.

3. The window will change to show ISAPI and CGI extensions that are permitted on the web server. Click Edit Feature Permissions... in the right pane.

4. Select Allow unspecified CGI modules, then click OK.

You have successfully allowed CGI to execute.

Configure Individual CGI extensionsIf you do not wish to allow all unknown CGI extensions to execute due to security concerns, you mustconfigure the needed CGI files one by one. For instructions to configure individual CGI extensions, please see Appendix A.

IIS 8 Server: Handler Mappings1. Return to the IIS Manager (Server Manager > IIS > right-click the default server shown in the

Servers section on the right side of the window, and select Internet Information Services Manager)and select the primary server to open the server Home page.

2. Double click the Handler Mappings icon found under either the IIS or Server Components section.

3. Right-click CGI-exe, then click Edit Feature Permissions...

4. Make sure that Execute is checked. If it is not, select Execute then click OK.

5. Double-click CGI-exe. Make sure the Request path is *.cgi. If it is not, fill in the Request path field with *.cgi and click OK.

You have successfully set up Handler Mappings.

IIS 8 Server: Edit Default Error BehaviorThis configuration step allows detailed error messages to be presented when accessing the Program from other than the local server.

1. Return to the IIS Manager (Server Manager > IIS > right-click the default server shown in theServers section on the right side of the window, and select Internet Information Services Manager)and select the primary server to open the server Home page.

2. Expand the default server and then Sites folder.

3. Click on the Default Web Site to select, then double-click the Error Pages icon in the IIS section.

NOTE: If you have other items configured under the Default Web Site besidesour products, you may elect to click on the specific virtual directory to apply the

error behavior only to that one, but not all of your virtual directories. The directions that followbelow are the same regardless of whether you elect to apply it to the Default Web Site or aspecific virtual directory.

4. Click Edit Feature Settings... in the right pane.

5. The default setting for this error is Detailed errors for local requests and custom error pages forremote requests. This default setting will result in a generic error if you access the programfrom a remote server.

6. Instead, select Detailed errors then click OK to save the selection.

You have successfully edited default error settings for all error types.

Access Your Program Using IIS 8Your IIS 8 configuration is complete! To access your program, open a browser window and type inthe alias address you selected in the Add Virtual Directory setup (i.e., http://localhost/UnitySync)and you should see the program interface. If you do not, please double check all configuration stepsto ensure they have been completed, then contact [email protected] if any questions remain.

IMPORTANT NOTE: If you are configuring use via https://, please note thatDirectory Wizards products will not work properly if you are using self-signed

certificates.



Appendix

Appendix A: Configure individual .cgi

IIS 7 or IIS 81. Start the IIS Manager. From the Start page, go to Server Manager, then highlight IIS in the

left pane. Right-click the default server shown in the Servers section on the right side of thewindow, then select Internet Information Services (IIS) Manager.

2. Under the IIS section in the main window pane, double-click ISAPI and CGI restrictions.

3. The window will change to show ISAPI and CGI extensions that are permitted on the webserver. Click Add... in the right window pane.

4. In the Add ISAPI or CGI Restriction window:

a. Browse to the cgi directory for the program you are configuring.

b. In the lower right corner of the Browse window, use the drop-down to view All Files.

c. This step enables you to see the .cgi files you need to configure, as shown below.

5. Select one of the necessary .cgi files (as detailed in Appendix B).

a. Once you've opened one of the .cgi files needed, fill in a Description. We suggest using theprogram and cgi file name – in our example, this is UnitySync config cgi.

b. Click the check box next to Allow extension path to execute.

c. Click OK.

NOTE: There are several .cgi files that you will need to allow, and you'll need togo through the previous steps 4 & 5 for each of them. Please refer to the

Program-specific .cgi files listed in Appendix B for a complete list for the program you are

configuring.

6. Once you have added all of the necessary .cgi files, the Restrictions window will now showthem with a status of Allowed. If any are listed as Not Allowed, it means you neglected to checkAllow extension path to execute. You'll need to highlight those lines, right-click to Edit...,check the appropriate box, and then click OK.

7. See below how the list will look when all .cgi files are properly configured.

Appendix B: Program-specific .cgi files

Directify

• config.cgi

• directify.cgi

emPass• empass.cgi

InfoCanon

• cgi-test.cgi

• config.cgi

• editor.cgi

• infocanon.cgi

UnitySync

• config.cgi

• csv.cgi

• ldap.cgi

• logview.cgi

• o365.cgi

• odbc.cgi

• proc.cgi

• smtp.cgi

Technical White Paper - Directory Wizards Server Configuration.pdf · Internet Information Services...

Documents

Transcript of Technical White Paper - Directory Wizards Server Configuration.pdf · Internet Information Services...