Best IT Blog

Windows 2000 Internet Information Server

Posted in O S (375) by Guest on the December 25th, 2010

IIS Components

  • File transfer Protocol (FTP) Server
  • World Wide Web (WWW) Server
  • Simple Mail Transfer Protocol (SMTP) Service
  • Network News Transport Protocol (NNTP) Service
  • FrontPage 2000 Server Extensions
  • Internet Services Manager (HTML)
  • Internet Information Services Snap-in
  • Visual InterDev RAd Remote Deployment Support
  • Indexing Service
  • Certificate Services

Windows 2000 Professional can only support 10 network connections and Windows 2000 Servers support an unlimited number of connections. Windows 2000 Professional includes the Personal Web Manager package (a web site administration tool) not included on Windows 2000 servers. The HTML Internet Services Manager and the NNTP Service are not available on Windows 2000 Professional.
Most IIS components are installed when Windows 2000 is installed. The “Add/Remove Programs” applet in the control panel may be used to add any additional IIS components. Select “Add/Remove Windows Components”, click on “Internet Information Services (IIS)’, then click details.

Created at Installation of IIS

  • Default Web Site located in c:Inetpubwwwroot

Security Enhancements

Security of the WWW server can be increased by:

  • Obtaining a certificate for the web server
  • Enable IP address or domain name access restrictions.
  • Disable anonymous access and specify a secure authentication method.
  • Configure the web server to send encrypted communication.
  • Place all content on an NTFS file system.
  • Set up home directory security settings.
  • Use firewalls to protect the server.

Web Site Management                                                                                                  

The “Internet Services Manager” is used to manage web sites on the computer. This can be done locally or remotely.
The Web Site Properties dialog box can be displayed by starting the “Internet Services Manager”, click on the + next to the server to be configured, then right click the web site to configure, and select “Properties”. The Web Site Properties dialog box tabs are:

  • Web Site – Web site properties window with an IIS 3.0 Admin tab allowing selection of the web site to be administered if a user connects with the IIS 3 administration tool. Only one web site may be managed with the IIS 3 administration tool. This tab is used to configure Web site ID, Connections, and Logins. The following may be set:
    • Description – Identifies the site in the Microsoft Management Console.
    • IP Address
    • Advanced button brings up a window:
      • Multiple Identities – A text list box set of entries including IP address, port and host header the site responds to. Default port is 80 and SSL port is 443.
      • Multiple SSL Identities – The site and port number secure connections are made over (default 443).
    • TCP Port – Default is 80.
    • SSL Port – Port for SSL communications. Default is 443.
    • Connections limited or unlimited – Default limited connections is 1000.
    • Connection Timeout – Default is 900 seconds.
    • Enable Logging checkbox and specify “Active log format”. Format types:
      • Microsoft IIS Log Format
      • NCSA Common Log Fromat
      • ODBC Logging – For database, very resource intensive.
      • W3C Extended Log File Format – The most flexible
    • Log “Properties” button and window:
      • General Properties – Set log file creation frequency and location where log files are stored.
        • The New Log Time Option – Causes new file creation, set to daily, weekly, monthly, unlimited, or when the log file gets to a specific size. The default is daily.
        • Directory path the log file is stored in.
        • Extended Logging Options list items that can be in the logging file:
          • Date
          • Time – default
          • Client IP Address – default
          • User Name
          • Service Name
          • Server IP
          • Server Port
          • Method – default
          • URL Stem – default
          • URL Query
          • HTTP Status – default
          • Win32 status
          • Bytes Sent
          • Bytes Received
          • Time Taken
          • Protocol Version
          • User Agent
          • Cookie
          • Referrer
      • ODBC Properties – Set the data source name (DSN), log data table. The user name and password used to store data in the database is set.
      • Extended Properties – Use checkboxes to select fields to be put in the log file. Time, client IP address, method, URI stem, and HTTP status are saved by default.
  • Operators – Configure what users may manage the web site. In the Web Site tab, operators cannot set IP Address, Port, SSL Port, or use the Advanced button. In the performance tab, operators can’t use the Bandwidth throttling. In the home directory, operators cannot set Directory Source, read setting, write setting, and application settings.
  • Performance
    • Performance Tuning – Sliding bar used to adjust server resources to he held in reserve to service requests quickly. This can be set depending on the number of hist per day that are expected. Fewer than 10,000, fewer than 100,000, or more than 100,000.
    • Enable Bandwidth Throttling – Limits the bandwidth use of one web site. It is enabled (default) or disabled.
    • Maximum Network Use – The value in Kbps of maximum bandwidth the website may use.
    • HTTP Keep-alive Enabled – Requires more resources, but keeps the connection to t
      he web browser open for quicker response. Turning off keep-alives or setting a short timeout can improve the performance of an IIS server that is low on memory and bandwidth.
  • ISAPI Filters – Add ISAPI filters to modify IIS performance for the web site. They are Internet Server Application Prrogramming interfaces and have global and site filters. Global filters are not be displayed, although they are applied. The web server must be restarted after adding or modifying global filters but, site filters are effective immediately. Global filters are run prior to Site filters.
  • Home Directory – Enter username and password who has access to a remote directory where that username and password is used for the access. Select where home files are:
    • Content comes from “A directory located on this computer” radio button.
    • Content comes from “A share located on another computer” radio button.
    • Content comes from “A redirection to a URL”. This option is used to redirect to another web site, when that web site has been moved.
    • “Local Path” or “Network Directory”.
    • Access Permissions checkboxes of Read, Write (The browser may update files with the PUT command is Write access is allowed), and Script source access”.
    • Content Control checkboxes of “Log visits” (Access is logged), “Directory browsing” allowed (A directory listing is sent to the browser), and “Index this resource” (A searchable index is generated)).
    • Application Settings
      • Name
      • Starting point
      • Execute Permissions:
        • None
        • Scripts only – Files with appropriate extensions are run as scripts without execute permission set.
        • Scripts and Executables – Files with proper extensions are run as scripts or ISAPI DLLs or CGI executables.
      • Application Protection
  • Documents – Specifies the default document to be returned by the browser if no document on the web page is specified. A footer for all HTML pages on the web site may also be specified. Options:
    • Enable default document – The page to show if a specific page is not requested. Several documents may be listed with the document at the top of the list being the default document.
    • Enable document footer – Can be used to add footer information to each page.
  • Directory Security – Three buttons:
    • Anonymous Access and Authentication Control – Any account using the anonymous logon or basic authentication must have the log on locally privilege configured in User Manager for Domains.
      • Allow Anonymous Access checkbox – Allows any web browser to access without a username or password. Used rather than basic or Windows NT Challenge/Response authentication if this is on also.
      • Account Used for Anonymous Access button – Specification of the anonymous access account.
      • Basic Authentication checkbox – Allows uses with web browsers that don’t support Windows Authentication to give a username and password for restricted web page access. The account name and password are not encrypted. Used if anonymous access is disabled or file permission does not permit anonymous access requiring a domain user account. This requires a domain user account.
      • Default Domain for Basic Authentication “Edit” button – The domain the user using basic authentication is assumed to belong in.
      • Digest authentication for Windows domain servers. – User accounts must store passwords with reversible encryption.
      • Integrated Windows Authentication – Required for requiring SSL communications to the web. Required to connect to the administration web site for this site (To perform remote administration). This requires a domain user account. Used under these conditions:
        • Anonymous access is disabled or denied due to file permissions requiring an NT user account.
      • Secure Communications – The “Server Certificate” button starts the IIS server certificate wizard.
    • IP Address and Domain Name Restrictions – Set all computers to either be granted access (radio button) or denied access (radio button) except those listed in the textbox. The textbox lists the IP and station address or internet names.
    • Assign a certificate to the web site
  • HTTP Headers
    • Enable Content Expiration checkbox
    • Content should (radio buttons) – Sets when the content will expire in the web browser cache by sending expiration headers with the web page.
      • Expire Immediately.
      • Expire after Days(textbox) and minutes (textbox). Default is 30 minutes.
      • Expire on Date (boxes).
    • Custom HTTP Headers
    • Content Rating (Edit Ratings button) – Voluntary classification of subject matter.
      • Rating Service – Tab containing buttons to display a public web site with rating classification information.
      • Ratings – Set ratings from 0 to 4 for violence, sex, language, and nudity. An e-mail address of the rating person and rating expiration date is set.
    • MIME Map (File Types button) – Associate file types on the web page with MIME types. Multipurpose Internet Mail Extensions (MIME) types are sent to the web browser.
  • Custom Errors – What to do if an error is encountered in serving the requested web page. Can specify an HTML file to be sent when an error occurs and use one of the following to specify where the file is:
    • File path
    • URL
  • Server Extensions – Can be used after the web server is configured to use FrontPage server extensions.

Publication Methods

  • Copy web pages into the default web site’s home folder in c:Inetpubwwwroot.
  • Virtual Directories – Causes directories on other servers to appear as though they are on your server. The Web Services Manager or Windows Explorer can be used to create virtual directories
  • Virtual Servers – A single server is made to appear as though it is more than one server. They only work on Windows 2000 Servers, not on Windows 2000 Professional. Requirements:
    1. One of:
      • An IP address is required for the primary server and each virtual server. IP addresses must be on one NIC. Multiple IP addresses can be assigned to one NIC using the “Network Dial-up Connections” folder.
      • A different TCP port number to be used.
      • A different FQDN to be used to access the new si
        te in the Host Header for this site: text box.
    2. A home directory must be assigned to each IP address using the directories tab.

Web Services Manager Menu Selections

Selections when the web site is selected:

  • New
    • Virtual directory
    • Web Site – Used to create additional virtual web servers.

Personal Web Manager

Accessed from Administrative Tools, Personal Web Manager is for novices.

Indexing Service

This service indexes web site content by creating two databases of words, one based on web server HTML files and the other based on other document types. The database take about 40% of the amount of room the original data takes. The Indexing Service works on all Windows 2000 operating systems and must be configured to start automatically if desired.
Search Tools:

  • Windows Explorer search tool.
  • Start menu search tool.
  • The “Computer Management” Index Service search tool. Computer Management is started by right clicking on “My computer” and selecting “Manage”.

Certificate Services

Used to manage and issue security certificates which are used for providing secure web connections between the web client and the web server. The “Add/Remove Programs” applet in the control panel may be used to add Certificate Services.

  • Certificate Authority (CA) – An organization that is trusted to issue certificates.
    • Enterprise root CA – The first and most trusted CA on the network requires the use of Active Directory.
    • Enterprise subordinate CA – Subordinate to the enterprise root CA requires the use of Active Directory.
    • Stand-alone root CA – A root for the certificate hierarchy and does not require Active Directory.
    • Stand-alone subordinate CA – Subordinate to the stand-alone root CA and does not require Active Directory.
  • Public Key Infastructure (PKI) – Implemented when certificates are used.
  • Public Key
  • Private Key

After Certificate Authorities are created, certificates can be set up fro use th selecting the administrative tool, “Certification Authority”. Selections:

  • Action
    • New
      • Certificate to Issue – Display certificates the CA cannot issue yet. This is where the CA can be authorized to issue these various certificates.

How users get Certificates

  • Windows 2000 users can use the MMC Certificate snap-in command line utility by typing “mmc” on the command line.
  • Access http://CA_server_name/certsrv with a web browser.
  • Administrators can set group policy so computers request certificates automatically when they are required using the administrative tool “Active Directory Users and Computers”.

Comments Off on Windows 2000 Internet Information Server

System and Application Unit Testing

Posted in Application by Guest on the December 20th, 2010

Testing must be an on-going activity throughout all phases of a project and should be an integral component of quality assurance efforts. A complete testing strategy cannot be developed until after vendor selection, so this section contains suggestions for possible activities that could be included in a testing strategy, and a general description of the types of testing Project Manager should consider. A complete testing strategy and plan must be developed once the project reaches the implementation planning phase. The Project Workbook should be updated by the Project Director to include the Test Plan, once it is finalized.

Testing starts at the unit level, as team members test portions of the functionality encompassed within a single module, interface, report or modification. Data modeling is used to test delivered functionality. Customizations, interfaces and reports are first tested by their developer before they are submitted for testing by functional users. Functional users will conduct a unit test of the customization, report or interface and formally accept it before it is moved to production.

As the implementation of the project progresses, so does the nature of testing. After each module has been thoroughly unit tested, integration testing begins. As integration testing proceeds, more end-user participation is needed. Project Management Office (PMO) recommends that there be one person (a central point of contact or testing coordinator) responsible for tracking the status of test scripts and the documented results of each test. Any test scripts which identify errors should be tracked and given to the appropriate person to resolve. After the error has been resolved, it should be re-tested by the same individual who originally uncovered the error.

The next step in the testing cycle is to carry out system testing, to validate that the entire system performs as expected. Given concerns voiced by members of the user community over an “all or nothing” cutover, Project Manager may choose to perform a modified parallel test. In this scenario test scripts are created using two to four weeks of live data from a previous month. The output from the scripts (including process, interface and reporting outputs) is compared to the output from the legacy system. Unexpected discrepancies will be analyzed, resolved, and re-tested. This cycle is repeated until the team (and the user community) is confident that the new system is ready for production.

Each module Project Team should develop detailed test plans and acceptance criteria. These plans will be integrated and coordinated for the testing of inter-module processes. The plan should also identify one or more Testing Coordinators.

Test Scenarios

A test scenario documents the scope of a testing effort. It identifies the portion of the system being tested, which major functions or areas are to be tested, the approach to be used, the resources assigned, and the expected outcome of the testing. One or more test cases will be defined to accomplish the defined test scenario.

Test Cases

A test case describes the data and the process steps required to test a portion of the system for correctness, in support of a test scenario. A test case defines the specific functions to be tested, any base data that must be present prior to testing, data that will be input during the test, the process steps to be performed to accomplish the test, and the expected outcome from the test in the form of expected data results and deliverables. Test cases should be established for both functional and technical testing.

Test cases are also referred to as test scripts. As these test scripts are completed they serve as a good foundation for documentation and training.

Test cases should be designed to be reusable – individual test cases should be used as a component of later business process and integration testing, and should use the same general format as training and documentation materials.

Functional Testing

Functional tests allow the institution to validate the utility and accuracy of end-user processes. To accomplish functional tests, users run through a process from end to end. For example, the user looks up data, enters new data, executes system processes (interfaces or batch updates), generates output (reports or queries), and verifies the results of the test.

Technical Testing

A technical expert defines a technical test to ensure that the system operates correctly from a technical and performance standpoint. This involves the technical specialist verifying that the system operates correctly, that interfaces are correctly developed, that data loads correctly, that control tables are loaded, and that any system fixes are applied and operate correctly. Technical testing should also include load testing to ensure that system performance (including network, server and client architecture) meets expectations.

Unit Testing

This is a test with a narrow scope, relating to the test of a single module, a conversion process, an interface, a report or query, or any other single component of the system. This test can be both a technical test and/or a functional test, with the task owner taking responsibility for configuration and base documentation.

Integration Testing

An integration test verifies the correctness of several system components working together. An ERP system implementation typically includes integration testing and acceptance

  • At the time the delivered system is installed and configured with basic institutional data,
  • After any customizations and custom interfaces or processes are developed,
  • And as part of test conversions prior to deployment, to ensure that the system works properly with all customizations and legacy data in place.

This test includes both technical and functional testing, validating the ability of the system components to “talk” to each other and pass data correctly. Each iteration of integration testing fosters user ownership and knowledge transfer.

Planning for intermediate sign-off points also ensures that errors are caught and corrected at the right time. For example, performing an integration test immediately after basic installation and configuration identifies errors in configuration or system bugs. Correcting these early allows later integration testing to focus on errors in customization or data conversion.

System Testing

The system test validates that all aspects of the system are functional. This will require both functional and technical testing, and should also include a system stress or load test. The stress test will assess the ability of the system to handle expected production-size volumes.

Security Testing

Security testing validates that each type of user profile provides access to the correct areas of the application, and that data inquiry and update controls behave as expected. Security testing should include validating a user’s access to the online application, and any relevant batch or reporting processes the user should be able to execute. The security test must also validate that technical and project team members have appropriate access to development environments, but that both data and processes in the eventual production environment are properly secured. As such, the security test should be specifically defined within the context of the database environment.

Date Testing

Date testing is designed to test the system’s response to data-sensitive transactions.

Acceptance Testing

The main function of Acceptance Testing is to validate that a given module or function meets end-user expectations, and that no further development or correction is required. User acceptance tasks should be included as milestones in the project WBS, and serve several important functions:

  • Acceptance validates that the work in a given area is 100% complete,
    and will not be revisited,
  • Acceptance gives end users a chance to interact with, approve and begin to “own” a function or area,
  • Any re-work discovered after acceptance constitutes a scope change, and must be handled through the issue and change control processes.

Acceptance testing should be performed at the completion of each major (i.e.: requiring many days effort to complete) functional module, customization, interface or report. The acceptance test is not necessary for low-effort tasks, but in any situation where re-work would cause significant project schedule, resource or budget disruption, or where dependent processes would be significantly impacted, the acceptance test is a necessary quality assurance step.

The final acceptance test is the testing of the full system after it has been placed into a “non-live” production environment. This test can include performing the same tests used during the system test, and may include a mini parallel test with data loaded into both the new and legacy system so that results can be cross-checked and validated. Upon user satisfaction with the final acceptance testing, the new system goes into production.


Comments Off on System and Application Unit Testing

Sample Change Management Perspective

Posted in Compliances (1300) by Guest on the December 20th, 2010

Any project with the scope of an IT implementation will introduce change into an organization, and you need to use this opportunity to review existing processes, and adopt best practices where they provide benefit and can be implemented with reasonable effort. These kinds of changes can impact both individuals and departments, and may affect departmental interactions, working habits and even institutional culture.  Institutional change must be carefully managed to ensure that the outcome of any change is positive. 

A strong Change Management program will include an integrated communications plan, training and documentation plan, and an organizational development plan, which will be tied into the overall project so that activities take place at appropriate times.

Once the project moves into the implementation planning phase, you should plan for, and develop a support structure for the following general phases of a Change Management process:

Planning the Change Program: Developing a dynamic change plan with milestones and feedback loops tied to the phases of the system implementation.

Generating Sponsorship: Ensuring that the leadership teams are on board and committed, and that they understand and act on their roles as required for the successful outcome of program.  The project Steering Committee and Project Sponsors will need to fill this role.

Managing Organizational Impacts: Determining the extent to which current processes and institutional characteristics are aligned with the requirements of the planned business processes.  Understanding the new work processes that will be implemented, and defining the job and workplace skills required to support the new organization.  Assessing the current level of skill within the affected user population and comparing current to desired skills.

Preparing End Users: Providing stakeholders with a clear understanding of specific changes, how the changes affect them, and how the changes fit into the bigger picture is imperative to create end user acceptance and advocacy. 

Providing Production Support Post Go-Live:  Because you might implement several major systems, applications technology and reporting tools in overlapping phases or migrations, there will be a need to provide production support for some migrations while others are still being implemented. The organizational and staffing impacts of these competing needs have to be considered and managed.


Comments Off on Sample Change Management Perspective

A Good Project Starting Point Considerations

Posted in Projects (400) by Guest on the December 19th, 2010
  1. Clearly define project deliverables
  2. Carefully contemplate the objectives of each deliverable  
  3. Define what constitutes successful completion of the deliverable
  4. Provide an estimate of effort and / or duration needed to complete the deliverable
  5. Prepare appropriate documentation needed to complete the deliverable
  6. Communicate and / or implement any associated processes defines as part of the deliverable


Comments Off on A Good Project Starting Point Considerations

Sample Visio – Unix Privileges: Sudo – Bigadmin

Posted in Visio Samples - Stencils (457) by Guest on the December 18th, 2010
Comments Off on Sample Visio – Unix Privileges: Sudo – Bigadmin

Sample Remedy / Heat Incident Tracking ID

Posted in Business (600) by Guest on the December 17th, 2010


Remedy / Heat Tracking ID:
Date / Time: 

Item #

Support Need


Notes / Description


Comments Off on Sample Remedy / Heat Incident Tracking ID
Next Page »