Configuring IIS Web Server Share

The BMC Server Automation infrastructure requires a web server to provision Linux or ESX operating systems.

Although no requirements exist concerning which web server to use, IIS and the Apache web server are typically used. This section describes how to configure IIS to correctly and securely provide the necessary files for provisioning.

Configuring IIS on Windows 2003

For versions earlier than IIS version 7, validate the following settings in IIS Manager, under Web Service Extensions.

Configuring IIS on Windows 2008

For IIS version 7, use these procedures to validate your configuration:

1. Open IIS Manager and view the ISAPI and CGI Restrictions.
   
   
2. Click the data store site and open the MIME Types. In the following example, the data store site name is pxestore.
   
3. If needed, change the configuration, adding or editing the following two entries:
   • Extension .rpm with MIME type text/plain. (The .rpm entry might already exist)
   • Extension .* with MIME type text/plain.
     
4. Verify that the Edit Request Filtering Settings are set as shown in the following example:
   
5. (Optional) Browse the data store web directory and validate that you can open RPMs and other files. If you cannot open files, troubleshoot the issue now to prevent error messages later about the inability to download the file types. For troubleshooting hints, see the next section.
   

Troubleshooting IIS configuration

This section describes common issues with IIS and recommended fixes.

1. To allow IIS to serve libstdc++ RPM files, create a configuration file named web.config in the default web root folder of the website (the default is c:\inetpub\wwwroot). Include the following XML content in this configuration file:

   <?xml version="1.0" encoding="UTF-8"?>
   <configuration>
      <system.webServer>
          <directoryBrowse enabled="true" />
          <security>
              <requestFiltering allowDoubleEscaping="True"/>
          </security>
      </system.webServer>
   </configuration>
   

2. If the following messages appear during provisioning, IIS is not configured properly. See the previous sections about configuring IIS.
   
3. If the following type of message appears, check that the MIME types are configured correctly in the IIS web server. Otherwise, files cannot be served correctly. For information about configuring the MIME types, see the previous procedure.
   

Sharing the Data Store through an IIS Web Server

Use this procedure to share the data store through an IIS web server. In IIS, you can define a virtual directory that corresponds to the data store.

1. In IIS, right-click Default Web Site and select Add Virtual Directory.
2. Configure the directory as follows:
   1. Name: Create a name for the shared data store.
   2. Physical Path: Browse to the data store directory.
   3. Click OK.
3. Click the server in IIS. Under Features, select Directory Browsing.
4. Click Enable.
5. Right-click the data store virtual directory and select Edit Permissions.
6. Click the Sharing tab and click Share.
7. Add the Everyone user and the pxeuser user, both with Read access. Click Share and then click Done.
8. Open IE and browse to the data store. For example, go to http://localhost/<data_store_name>. The following example shows the expected results if the virtual directory was named pxestore.
   
9. (Optional) In IIS, return to the data store virtual directory and remove Everyone from the list of users that have access.
10. (Optional) In IE, verify that now you cannot anonymously browse the data store directory.
11. Navigate to Administrative Tools > Local Security Policy.
12. Under Security Settings, click Local Policies and double-click Security Options. Set the policies as follows:
    • Network security: Do not store LAN manager hash value on next password change = Disabled
    • Network security: LAN Manager authentication level = Send LM & NTLM responses