Personal tools

Creating a WebServer in VMWare

From MohidWiki

Revision as of 17:39, 4 April 2012 by Davidbrito (talk | contribs) (Configure VM in Windows Server 2008 R2 in console)
Jump to: navigation, search

Create VM in VMWare vSphere

2GB RAM
80GB thin provision and no partitions to be easier migration
Windows 2008 Server R2 64 bit
1 CPU

To Install guest OS, edit VM settings, add the Windows ISO to DVD drive and select "connect at power on" so that the drive launches the installation disk. And Start the VM.

Configure VM in Windows Server 2008 R2 in console

Installed Windows Server 2008 R2 64 bit in the 80GB disk

Installed VMTools from vSphere: Inventory->Virtual Machine->Guest->Install/Upgrade VM Tools

Change Computer Name

Change computer name to VM-WebServer

Update Windows

Run Windows Updates untill there are no more updates.

Activate Windows

Under Computer->Right.click->Properties->Activate and give windows key.

Install Antivirus

Install Antivirus from \\davinci\Software and schedule scans and automatic updates. In server needs F-Secure for servers.

Enabled Remote Connections

Other Installations

Install .net 4.0 if not existing

Add server roles

Server Management->Add Roles->IIS-> Select Common HTTP features (all), Application Development (ASP) Security (Simple and Digest) and Management Tools (IIS6 metabase compatibility) as FTPServer machine. Check that ASP is installed.

Add WebSites in IIS

  1. Copy the content of the sites from the old machine FTPServer to VM-WebServer (datacenter.mohid.com, forecast.maretec.org and InternalSites)
  2. Add the sites in IIS (hostname, path and in bindings selected the VM ip and in host filled with the site name)
  3. Edit the permissions to the root folder websites to the user IUSR (default anonymous user) to read and list folder contents. In case of folders that are restricted it will be described later.
  4. Remove the authenticated users from the root folder permissions (security) if exist.
  5. Add a power user outside IIS in computer management so that the folders can be accessed for management. In IIS give this added user the root folder permissions for all permissions except full control and special permissions.
  6. Share the websites root folder and allow authenticated users to have full control (from LAN).

Virtual Directories

  1. Added Virtual Directories for datacenter.mohid.com and forecast.maretec.org for NAS folder web.
  2. NAS needs acess by user web. Add user outside IIS in Computer Management.
  3. NAS needs acess by user web. Right click the virtual directory->"Manage Virtual Directory"->"Advanced Settings"->"Physical Path Credentials"->Insert web user
  4. NAS needs acess by user web. Select the virtual directory -> select basic settings -> test connection settings to be sure that it is working

Restricted Folders and Permissions

  1. Add users "user", "guadiana", "mondego", "ucoimbra" in Computer Management
  2. In IIS in folders guadiana, mondego, disable anonymous authentication and enable basic authentication
  3. Add to this folders the permission for the users created (mondego and ucoimbra for folder Mondego) for reading and list folder content.
  4. Add also to this folders the user IIS_IUSRS with read, list folder and execute.
  5. Remove user IUSR if exists.

WebServices

The site datacenter.mohid.com has webservices and needs .net 4.0

  1. In each webservice folder right click -> "Manage Application" -> "Advanced Settings" -> "Convert to Application" to ASP.NET 4.0
  2. In the case of datacenter it was needed to add the user IIS_USRS to the root folder with read permissions and list folder contents so that the webservices would work
  3. Do not add the user "everyone" with read permissions because it should not be needed.
  4. The paths ins the config files had to be changed and since it uses paths from FTPServer the disk W was mapped from the old server. The connection has to be linked to the new FTPserver when it is ready.

ASP

The site forecast.maretec.org has ASP and needed to get the anonymous user as "web" the same as NAS access. Because in the root does asp commands as FSO.FileSystemExists or Server.MapPath that are executed inside ASP, trough user "IUSR" (anonymous) but need to have "web" user access.

  1. In IIS in root folder of forecast.maretec.org in "Authentication" the anonymous authenticatios was changed from "IUSR" to "web".


Users Added in Computer Management have to compile with this options: -Password never expires -User cannot change password -Disconnect "Remote Control" -"Remote Desktop Services Profile" deny user.

Links

Go Back to VMWare

Retrieved from "http://wiki.mohid.com/index.php?title=Creating_a_WebServer_in_VMWare&oldid=5953"