Chapter Five

 

Chapter Five. 1

Chapter 5 Overview. 1

Creating Data Folders and Setting NTFS Security. 2

Adding Sample Data. 10

Changing Permissions to the Staff_Web Folder 11

 

 

 

Chapter 5 Overview

 

In Chapter 5 you will create a set of folders that will hold web data.  After these folders are created, you will set the permissions for these folders.  Setting permissions allow you to control who can and can not access folders.

 

Materials needed in this chapter

q       List of school sites in your district. (Production build only)

q       Sample default page (Included on the CD)

 

 

Creating Data Folders and Setting NTFS Security

 

 

 

1.      Open the E drive that has been labeled Web_Data.  Create a new folder and name this folder Web_Sites.

 

The Web_Data drive may be labeled differently on your  web server.

 

 

2.      Place the pointer over the Web_Sites folder.  Right mouse button click: choose Properties.

 

 

 

 

3.      Web_Sites Properties / General tab:  Click the Security tab.

 

 

 

 

4.      Web_Sites Properties / Security tab:  Remove the check mark from the check box in front of Allow inheritable permissions from parent to propagate to this object.  This check box is located in the lower left corner of this window.

By default, Windows 2000 gives the Everyone group (any user who logs into the machine) a security setting of full control over the data in a folder.  Any sub folder will inherit the same security setting at the parent folder. Example: UserData/Teacher.  The folder UserData is the parent folder.  Teacher is the sub folder.  Full control allows the user to read data, change data and delete data.  This can be problematic on a web server.  Clearing the check box for Allow inheritable permissions from parent to propagate to this object allows sub folders to have a different set of security permission than the parent folder.

 

Permissions

Allows

Full Control

Viewing, running, changing, deleting and changing owner 

Modify

Viewing, running, changing, and deleting

Read & Execute 

Viewing and running

Read

Viewing

Write

Viewing, running, changing, and deleting

 

 

 

 

 

 

 

 

 

This window states that you will be changing the permission to this folder.  By changing the permissions to the folder, you control who has access to the data contained inside the folder.

5.      Security Alert window:  This window will appear on the screen.  Click Remove.

 

 

 

 

 

 

 

 

 

 

6.      Web_Sites Properties / Security tab:  Click Add.

 

 

 

7.      Select Users, Computers, or Groups window: Select Administrator then click Add.  Repeat this process for Administrators and IUSR_WEBSERVER. 

 

 

 

8.      Select Users, Computers, or Groups window:  Click OK.

 

 

 

9.      Web_Sites Properties / Security tab:  Select Administrator.  Click the allow check box across from Full Control in the Permissions area of this window.  Placing a check mark in this box will automatically place checks in the other check boxes.

 

 

 

 

10.  Web_Sites Properties / Security tab:  Select Administrators.  Click the Allow check box across from Full Control in the Permissions area of this window.  Placing a check mark in this box will automatically place checks in the other check boxes.

 

 

 

 

11.  Web_Sites Properties / Security tab:  Select IUSR_WEBSERVER.  Verify that only the following allow check boxes contain check marks:

q       Read & Execute

q       List Folder Contents

q       Read

Click Apply.  Click Ok.  The window will close.

 

 

Adding Sample Data

12.  Open the Web_Sites folder.  Create the following folders:

q       District_Main_Web

q       Staff_Web

q       Adams_High_School

q       Jefferson_Middle_School

q       Washington_Elementary

13.  Place a sample page in each folder.  (You may create your own pages or copy the samples provided in the Sample Web Page folder on the CD.)  This sample file must be named default.htm.
Leave this window open.

 

 

 

Changing Permissions to the Staff_Web Folder

The Staff Web site will contain web sites created with Microsoft products and non-Microsoft products.  Consequently, FTP access must be made available to this folder.  This forces a slight change to the security of this folder.

 

14.  Place the pointer over the Staff_Web folder.  Click the right mouse button choose Properties and click.

 

 

 

 

15.  Staff_Web Properties / General tab: Click Security tab.

 

 

 

 

16.  Staff_Web Properties / Security tab: Click Add…

 

 

 

 

17.  Select Users, Computers, or Groups window: Select Everyone, click Add.  Click Ok.

 

 

 

 

18.  Staff_Web Properties / Security tab: Click Apply, click Ok.

 

 

 

19.   E:\Web_Sites window:  Close this window.