Configuring WebDAV on IIS on Windows 2003 server R2

Typically, file sharing is done on the LAN via the file protocol, which is common file sharing, and is typically done using FTP or HTTP protocols on the Internet. But the use of HTTP is generally only one-way sharing, not easy to upload files, the traditional use of FTP. However, Windows Server can also take advantage of WebDAV (Web-based Distributed Authoring and Versioning, distributed authoring and versioning based on the Web) for file sharing.

WebDAV is a communication protocol based on HTTP 1.1. It adds some extensions to HTTP 1.1 (that is, in get, some new methods have been added outside of several HTTP standard methods, such as post, head, so that the application can write files directly to the Web server, and can lock the file when it is written, and then unlock the file. You can also support version control of files. It is said to be expected to replace FTP as a standard way to move files over the Internet.

This article describes specific ways to configure WebDAV on a Windows 2003 server R2 IIS. WebDAV (webdistributedauthoringandversioning) expands the functionality of the HTTP1.1 communication protocol, allowing users with the appropriate permissions to manage files in a WebDAV folder on a remote Web site directly through a browser or Network Neighborhood. We follow these steps to illustrate the way WebDAV functions are used.

To start the WebDAV feature on a Web site

Create a WebDAV virtual directory?

WebDAV client settings?

WebDAV redirector?

Security policy for WebDAV?

1. Start the WebDAV feature on the Web site

For security reasons, IIS does not start WebDAV by default, so you must activate it by starting IIS Manager, expanding the local computer, selecting Web Service extensions, right-clicking "WebDAV" on the right side of Figure 1, and selecting the "Allow" path to start the WebDAV feature.

2. Create a WebDAV virtual directory

The functionality of WebDAV is implemented through a virtual directory, so you should first create a folder for the virtual directory, and we will set the folder name to WebDAV, or you can use a different name. Next we are going to create a virtual directory on the Web site, assuming that the Web site to start WebDAV functionality is the default Web site.

Step 1 Select Start IIS Manager, expand the local computer, select Web site, right-click Default Web site, and select new → virtual directory.

Step 2 when the "Welcome to the Virtual Directory Creation Wizard" screen appears, click the Next button.

Step 3 in Figure 2, set the alias for this virtual directory (for example, WebDAV), and then select the Real folder for this virtual directory.

Figure 2 Creating a WebDAV virtual directory

Step 4 Select the Write and browse permissions as shown in Figure 3.

Figure 3 Setting Access permissions

Step 5 appears when you have successfully completed the Virtual Directory Creation Wizard screen, click the Finish button.

3.WebDAV Client Settings

WebDAV client computers must run the WebClient service, with Windows Server 2003R2 to choose Start, right-click My Computer, select Computer Management, and then check to see if the "WebClient" service has been started as shown in Figure 4. If it is not already started, activate it by right-clicking the service and choosing start. If the service is disabled, change it to "automatic" or "manual" before activating it.

Figure 4 Enabling the "WebClient" service

Users can connect to a WebDAV virtual directory on his or her computer through Internet Explorer or Network Neighborhood.

IE browser mode?

Please start Internet Explorer Select the File menu, select Open, and then enter the URL and choose "Open as Web Folder", as shown in Figure 5, to enter the username and password for a WebDAV folder that has permission to connect.

Figure 5 IE settings

You will see the picture shown in Figure 6 and you will have access to the files in this WebDAV folder, such as adding, modifying, and deleting files.

Figure 6 Using IE method

Network Neighborhood Way?

Take WindowsServer2003 For example, select start → Windows Explorer → network Places, and double-click Add Network Places. There is one more network connection in My Network Places (see Figure 7), which allows users to click the connection to access files within the WebDAV folder, such as adding, modifying, and deleting files.

Figure 7 Network Neighborhood way?

4.WebDAV Redirector (redirect)

WebDAV Redirector (redirection) is a remote file system based on a WebDAV communication protocol that allows WindowsServer2003, Windows XP clients to connect and access WebDAV folders in a way that maps network drives. For example, in Windows XP Professional, you can connect to a WebDAV folder by opening the Windows Explorer → tools → map network drive, and the specified drive is z:, Path is a Web site's IP address WebDAV or the computer name WebDAV. The actual folder for the WebDAV virtual directory does not need to be set as a shared folder. Figure 8 The picture that you see through Windows Explorer after the connection succeeds.

Figure 8 WebDAV Redirector (redirect)

Description: A Web site that provides WebDAV functionality must be a pure WebDAV site that must be cleared of all the headers established by FrontPage, by right-clicking the site, selecting Properties → HTTP headers, and removing all headers from the custom HTTP header.

5.WebDAV Security Policy

To ensure file security within a WebDAV folder, you must set up security for the WebDAV virtual directory and its corresponding real folder. Permissions for WebDAV virtual directories start IIS Manager, then right-click the WebDAV virtual directory, select Properties, and set permissions as shown in Figure 9, where directory browsing allows users to see the files in the WebDAV folder.

Figure 9 Security policy to set WebDAV

If you choose Script Resource access, the user will have the ability to modify the Webadv within the folder for this article description (scriptfile). In addition to the virtual directory permissions here, you also need to view NTFS permissions to determine whether a user has permission to access files in a WebDAV folder. NTFS permissions on a WebDAV folder give the user the appropriate NTFS permissions. First, set the permission for the Everyone group to read only, and then give "write" permissions to individual users, such as the permissions we give the user "user" to write to. Select the authentication user method to start IIS Manager, then right-click the WebDAV virtual directory, select Properties → directory security, click the Edit button at the authentication and access control, and then select the authentication method by using the diagram 10来. Do not choose "Enable anonymous access" to avoid other attacks. Select the more secure authentication method below the screen and select Integrated Windows Authentication.

Figure 10 Set to Windows authentication

Attached to WebDAV and FTP comparison:

FTP requires an operating system account. WebDAV does not need to apply for any operating system account, and it uses a set of well-defined security authentication mechanisms.

FTP all data (including login information) all use plaintext transfer, encryption must be implemented by themselves, such as: You can manually use GPG to do this thing, but after all, is not convenient. With WebDAV, you can use HTTPS to transfer data, and the encryption and decryption operation is done entirely at the lower level.

FTP transmits data less efficiently, requiring a new TCP connection to be opened for each file transfer, and WebDAV transferring all files requires only one TCP connection.

FTP does not travel through firewalls as easily as HTTP, and is much less widely used in wide area networks than HTTP. WebDAV, which is based on HTTP, has all the benefits of HTTP.

The FTP client tool is not easy to use without WebDAV client tools. You've just seen. After the WebDAV server is configured, accessing the Web folder through Windows 2000/XP Web Folders is not as much a difference as accessing a local folder. If your application supports the WebDAV protocol (for example, Word 2000), you can open the files in the Web folder directly and edit them, and then save them directly in the original Web folder.