This chapter is from the book
This chapter is from the book
This chapter is from the book
Configuring Web Clients
Internet Information Services is only half of the equation when it comes to browsing the Web. It ensures that there is something to browse, but it doesn't provide the actual browsing interface to the user. In the Microsoft world, that job is taken by Internet Explorer (IE). It's IE's job to ensure that the user can reach the content on the Web servers inside the company and on the Internet.
Proxy Servers
One of the techniques frequently used in corporate environments to protect individual user's computers from outside attack is a device called a proxy server. The proxy server acts as the middle man between all transactions from internal Web browsing clients and the outside world. In addition to being an intermediary, most proxy servers provide a caching feature that enables them to request a page the first time a client requests it but not when the same client or another client accesses the same page.
Only Developers Can Prevent Caching
Controlling the caching of the proxy server and preventing it from caching inappropriate content is the responsibility of the Web developer. That being said, proxy servers generally don't cache content that contains passed parameters or where the user is logged into a site.
Proxy servers are used instead of or in conjunction with firewalls because of this caching service and because proxy servers allow tighter control of the content that can get into the network. This enables system administrators to prevent employees from going to sexually explicit sites or sites that might not be appropriate. Finally, proxy servers provide a logging feature that enables the administrator to monitor the Web sites being visited by employees.
With all these features, it's no wonder that many organizations are implementing proxy servers to help control Internet access. However, when proxy servers are implemented it means that the browser (IE) must be told how to communicate with the proxy server to be capable of communicating with the Internet.
Possible Proxy
By selecting Automatically Detect Settings, IE will attempt to automatically find a proxy server. By selecting the Use Automatic Configuration Script option, you specify that you want IE to configure itself based on the file you point to on the intranet.
Recent versions of IE have a feature called automatic proxy detection. This eliminates the need for you to manually configure proxy settings on each machine. However, for the test you'll have to know how to configure a proxy server in Internet Explorer. Step By Step 3.18 shows you how to configure a proxy server in Internet Explorer.
STEP BY STEP 3.18: Configuring a Web Server to Accept Client Certificates for Authentication
Start Internet Explorer.
From the menu select Tools, Internet Options.
Click the Connections tab.
-
Click the LAN Settings button. A dialog box similar to Figure 3.18 appears.
Figure
3.18 LAN settings are really proxy settings. Click the option Use a Proxy Server for Your LAN.
-
Enter the address and port for the proxy server into the Address and Port text boxes. If you need to enter separate addresses and ports by service, you can do this by clicking the Advanced button and entering the addresses into the dialog box that appears (see Figure 3.19).
Figure
3.19 Advanced settings enable you to select addresses by protocol. Click the OK button to close the LAN Settings dialog box.
Click the OK button to close the Internet properties.
)
Figure
3.18)
Figure
3.19As soon as you've entered the proxy settings, IE starts using them. In other words, as soon as they are entered, you should be able to start surfing the Internet from IE.
Troubleshooting Access
If you're having problems browsing the Web, there's a relatively short set of problems that can be the cause. In the next few sections we go through the potential problems one by one.
Network Connectivity
One of the most frequently overlooked causes of problems is that the computer has lost network connectivity all together. One of the first things to check is that the machine can communicate with other servers and machines on the local network.
Problems in cabling, a port failure on a hub, or a network card failure can all lead to a complete loss of networking. This is the first check that should be performed.
TCP/IP Settings
The next potential problem is that the computer's TCP/IP settings have become corrupted. Although this is less of an issue with DHCP being used by a large number of organizations, it is still a possibility to be explored.
No Settings for DHCP
DHCP settings are overridden by an entry in the TCP/IP settings of Windows 95/98/Me. Because of this, you should ensure that the TCP/IP settings are blank in a Windows 95/98/Me machine that should be getting all its information from DHCP.
The best way to test TCP/IP settings is to try to ping the default gateway. This is done by doing an IPCONFIG/ALL command from the command line to retrieve the default gateway and then a PING dftgateway, where dftgateway is the default gateway returned by IPCONFIG. PING should return the number of milliseconds it took to reach the default gateway, which is typically less than 10 milliseconds. If this test is successful then it is very likely that the TCP/IP settings are okay.
Name Resolution Settings
The next possible problem is that the name being entered in the browser isn't being resolved into the IP address the browser must contact to receive the information. This translation process is handled by DNS (and sometimes by local host files for intranet sites).
The easiest way to test whether name resolution is working properly is to open a command prompt and run the PING command—for instance, PING http://www.microsoft.com. Note that many Web sites will not return ping responses. However, if PING starts the process rather than returning a message saying you've entered a bad address then name resolution is working.
Proxy Settings
The next potential problem is that the proxy settings are missing from IE when a proxy server is required for access to the Internet—or where proxy server settings are present and there is no proxy server.
Be a Proxy User
Consultants who travel frequently have problems where some clients have proxy servers and others do not. One way to help mitigate the effort of reconfiguring all the time is to use separate user profiles for each customer. IE settings are based on the user—and thus the customer if you use a separate logon to your notebook for each customer.
If you're using a proxy server and have just selected automatic proxy server detection, you should try to manually set up the proxy server settings. This will help eliminate the possibility of an automatic discovery failure. Similarly, it might be a good idea to manually configure the proxy settings if you normally use an automatic configuration script.
Conversely, if no proxy server exists in your environment and there are still proxy server settings in IE, you won't be able to access the Internet either.
Server Problems
If the previous troubleshooting steps don't resolve the issue then server problems might be preventing access to the Internet. It's important at this point to check other machines to see whether they are having the same problem and check from servers to see whether they appear to be running correctly.
Case Study: Joe's Bass Magnets
Essence of the Case
Using Microsoft Internet Information Services allows Joe's Bass Magnets to gain access to a broader audience than it can by having its shop in Little Rock.
Scenario
Joe's Bass Magnets has built a local following in the Little Rock, Arkansas, area by providing some innovative ways to catch bass. Its lures have developed a following in the bass fishing community, and the company is ready to expand.
Armed with Front Page and its new Windows 2000 server, the company creates a simple Web site that shows customers what its lures look like along with some testimonials, including a video clip from former president Bill Clinton.
It configures a section on the Web site for users to place orders, using SSL encryption to keep the credit card numbers of its customers safe during transmission. Because it's a small outfit, the company doesn't have automated order processing yet—all the orders are routed to e-mail where they are processed manually later.
Analysis
In addition to the Windows 2000 server, Joe's Bass Magnets needs to order its SSL certificate from one of the trusted root certification authorities.