2.3. Working with FPSE-Based Web Sites

FrontPage Server Extensions (FPSE) is one of the oldest publishing and remote-authoring mechanisms offered for Web sites developed using FrontPage and Visual Studio. The current Microsoft-supported versions of FPSE are:

  • FPSE 2000, available as an IIS 5.1 component with Windows XP

  • FPSE 2002, available as an IIS 6.0 component with Windows 2003

NOTE

There's also a version of FPSE 2002 for IIS 7.0 on Windows Vista machines supported by RTR (Ready-to-Run) that's available for download at www.rtr.com.

In cases of both Windows XP and Windows 2003, FPSE can be installed from the Add/Remove Windows Components section in the Add or Remove Programs dialog box. As discussed earlier, you can elect to install FPSE binaries and files as components while installing IIS on the machine.

2.3.1. Understanding FPSE

FPSE is an ISAPI-based authoring and publishing mechanism that provides the backbone for Web-based clients (such as FrontPage, Expression Web, and SharePoint Designer) to open content from remote Web sites for authoring and publishing content from one location to another. Besides remote authoring and publishing, FPSE also enables features such as version control, permissions management, etc., and provides support for a variety of Web components (such as Web search, form-based components, hit counters, etc.) available in FrontPage and inherited by Expression Web and SharePoint Designer.

IIS 6.0 supports the most updated and robust version of FPSE (FPSE 2002), which provides a Web-based site management and administration console. After you choose and install FPSE 2002 as a component with IIS 6.0, a Web site called Microsoft SharePoint Administration is created for you and is used to administer FPSE 2002 Web sites on the Web server.

NOTE

Don't be confused by the naming of Microsoft SharePoint Administration for this Web site. It's so called because if SharePoint Team Services (STS) is installed on the machine, this Web site provides an interface for the administration of STS Web sites along with serving as an administration tool for FPSE 2002 Web sites.

If you open the properties of this Web site using the IIS Manager, the important thing to notice (in the Home Directory tab) is that this Web site uses C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions50ISAPI\_VTI_ADM as the root folder. All the FPSE 2002 binaries and support files are stored at C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions50.

Also, it has the execute permissions set to Scripts and Executables (allowing for the execution of .dll and .exe) and uses a new application pool called MSSharePointAppPool. This application pool is also created when FPSE 2002 is installed on a machine.

Before you can use FPSE 2002 on your Web sites, you must ensure that it's enabled as a Web Service extension in IIS. You can do this by using the Web Service Extensions pane in the IIS Manager. If the status of FPSE 2002 shows as being prohibited, simply right-click on it and then choose Allow from the popup menu to enable it for use.

2.3.2. Extending and configuring Web sites

To perform many of the FPSE 2002 configuration and management operations, you must be an administrator on the Web server machine. You use the Microsoft SharePoint Administration Web site for configuring Web sites in IIS with FPSE 2002. The main Web page of the Microsoft SharePoint Administration Web site, as shown in Figure 2.13, shows the list of Web sites and indicates whether they're configured with FPSE 2002.

Figure 2.13. The Microsoft SharePoint Administration home page

The process of configuring FPSE 2002 on a Web site is called extending a Web site. To extend a Web site with FPSE 2002, follow these steps:

  1. Using the IIS Manager, create a new Web site. Ensure that the root folder for the Web site is empty. While creating a root folder for an FPSE 2002-based Web site, keep in mind that FPSE 2002 itself manages permissions for users and groups. It's best that you use the FPSE 2002 administration Web site to add or remove users and groups rather than directly managing them by using Windows Explorer (via the Security tab). To start with, when you create the root folder, ensure that the folder doesn't inherit permissions from its parent folder, and set Administrators and System accounts to have full control.

  2. In the IIS Manager, right-click on the Web site and then choose All Tasks Configure Server Extensions 2002 from the popup menu. This takes you to the Extend virtual server with the FPSE 2002 Web page inside the Microsoft SharePoint Administration Web site. You can also reach this page by clicking the Extend link next to the Web site on the home page of the Microsoft SharePoint Administration Web site.

    NOTE

    The Configure Server Extensions 2002 option isn't enabled if you already have the Web site extended with FPSE 2002 or if the root folder of the Web site contains hidden metadata.

  3. Ensure that the Administrator user name is correct and then click Submit. This begins the process of extending the Web site, and once complete, you return to the home page of the Microsoft SharePoint Administration Web site. The URL and Version columns are updated with the URL of the Web site and the version of FPSE 2002 on the Web site. Also, the Extend link has now changed to Administration.

If you go to the root folder of the Web site (by right-clicking on it in the IIS Manager and then choosing Open from the popup menu) after it has been extended with FPSE 2002, a number of _vti folders now exist inside the Web site. These folders contain files that store the hidden metadata necessary for operating FPSE 2002.

These folders are important for the proper operation of FPSE 2002 on the Web site. Deleting any of these folders can result in the corruption of FPSE 2002.


Also, if you expand the Web site in the IIS Manager, the _vti_bin virtual directory appears, with the root folder at C:Program FilesCommon FilesMicrosoft SharedWeb Server Extensions50ISAPI. This virtual directory contains the binary files that enable the remote authoring and publishing features of FPSE 2002 on the Web site. It exists in every site or subsite (also called subweb) that's configured to be an FPSE 2002 Web site.

NOTE

A virtual directory is a virtual folder inside a Web site, the content of which doesn't reside inside the root folder of the Web site. You use virtual directories to share files and folders across multiple Web sites.

By default, the virtual directory uses the same application pool as the Microsoft SharePoint Administration Web site (MSSharePointAppPool) and has the execute permissions set to Scripts and Executables. If this virtual directory is missing or isn't set up properly, FPSE 2002 authoring and publishing features can't work.

Now that you have FPSE 2002 set up for your Web site, you can use SharePoint Designer to open the Web site for live editing of Web pages and other files, use FPSE 2002-based Web components, and publish content to and from the Web site. To open your FPSE 2002-based Web site in SharePoint Designer, simply choose File Open Site and then type the URL of the Web site in the site name text field. Your best bet for the Web site's correct URL would be the URL indicated in the URL column for the Web site in the home page of the Microsoft SharePoint Administration Web site.

2.3.3. Managing and administrating sites

After you extend your Web site with FPSE 2002, you need to set some configuration settings to provide functionality to Web components that you insert on pages by using SharePoint Designer. Most of these configuration settings can be done using the Microsoft SharePoint Administration Web site, although FPSE 2002 offers a command-line tool called owsadm.exe — mostly used for performing bulk operations on a number of Web sites using batch files — to perform these operations.

2.3.3.1. Change configuration settings

Some configuration settings for FPSE 2002 that you make using the Microsoft SharePoint Administration Web site apply to all the Web sites that are extended with FPSE 2002 on the Web server. These settings include the list of available rights and installation defaults for FPSE 2002 and are available at the home page of the Microsoft SharePoint Administration Web site.

Besides these, several settings apply specifically to Web sites. You can access these by clicking on the Administration link next to the Web site in the home page of the Microsoft SharePoint Administration Web site. Using the Virtual Server Administration page, you can perform these operations:

  • Visit the Web site-specific administration pages: Using these administration pages, you can add or remove users and roles, perform server health checks, and create subwebs.

  • Uninstall FPSE 2002: You can choose to either completely remove FPSE 2002 or just remove the binaries from the Web site. As indicated in the description text, a full uninstall removes all virtual directories, subweb information, hidden metadata files, and folders.

  • Upgrade the virtual server with FPSE 2002: This allows you to perform an upgrade of the hidden metadata of the Web site in case an update or service pack updates the FPSE 2002 binaries.

  • Change the configuration settings: As shown in Figure 2.14, these settings allow you to set up the SMTP mail server settings for use by the FrontPage form components, enable or disable authoring, log authoring actions, etc.

  • Configure user accounts limits: This allows you to set a limit to the number of users that can be created via the FPSE 2002 user management console.

Figure 2.14. The Change Configuration Settings Web page

2.3.3.2. Adding users and roles

FPSE 2002 allows you to add or remove users and groups by using the Microsoft SharePoint Administration Web site and manages the actual New Technology File System (NTFS) (folder and file level) security and permissions for the users and groups itself.

It does so by managing roles for users and groups. A role is a list of rights and privileges that are given to the members of the role. For example, the Administrator role has a list of rights that allow its members to view, add, and change all server content and manage server settings and accounts.

Using the Manage Roles Web page, as shown in Figure 2.15, you can view the roles available by default and add/remove roles.

Figure 2.15. The Manage Roles Web page

To access the Manage Roles administration Web page, click the link that's the name of the Web site in the Microsoft SharePoint Administration Web site home page. This takes you directly to the site-specific administration pages, where you can use the Manage Roles link in the Users and Roles section.

After the roles are created, you can add users and groups to these roles by using the Manage Users Web page accessible from the Users and Roles section.

NOTE

When you add a user (or group) to a specific role by using the FPSE 2002 administration Web site, FPSE 2002 in the background creates a local security group (with the prefix ows_) and adds the user (or group) to the local group. FPSE 2002 then adds this local group with appropriate permissions to the NTFS Access Control Lists (ACL) of the Web site folders.

FPSE 2002 stores the roles and permissions associated with the roles in files called roles.ini at C:Documents and SettingsAll UsersApplication DataMicrosoftWeb Server Extensions50. These files are used to reapply the security settings to FPSE 2002 Web sites in operations such as checking a server's health.

2.3.3.3. Checking a server's health

The Check Server Health Web page, as shown in Figure 2.16, is a single operation that can be used on FPSE 2002 Web sites to detect and repair problems with security; reapply security settings stored in roles.ini files; and check, verify, and repair FPSE 2002 on subsites inside a Web site. It can also be used to re-create any missing _vti_bin directories, provided that the hidden metadata for the Web site is intact.

It's important to understand that the Check Server Health operation removes all existing NTFS security on the Web site's folders and files and reapplies the security settings stored in the roles.ini files. So, if you've added any users (or groups) directly to the NTFS security by using Windows Explorer (or other means), these permissions are lost. Therefore, it's recommended that you perform all security operations on FPSE 2002 Web sites by using the Microsoft SharePoint Administration Web site so that they're saved in the roles.ini files for repair.


Figure 2.16. The Check Server Health Web page

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.118.1.25