Windows DevCenter    
 Published on Windows DevCenter (http://www.windowsdevcenter.com/)
 See this if you're having trouble printing code examples


O'Reilly Book Excerpts: Windows Server Cookbook

Cooking with Windows Server, Part 2

by Robbie Allen

In this excerpt from Robbie Allen's Windows Server Cookbook, Robbie shows you how to build Web sites and how to mailbox-enable users.

Creating Web Sites

Problem

You want to create a web site.

Solution

Using a Graphical User Interface

To create a new web site from scratch using a wizard, do the following:

  1. Open Internet Information Services (IIS) Manager.

  2. In the left pane, expand the server node.

  3. Right-click on the Web Sites node, select NewWeb Site to start the Web SiteCreation Wizard, and click Next.

  4. Type a descriptive name for your site and click Next.

  5. Assign an IP address to your site and click Next.

  6. Related Reading

    Windows Server Cookbook
    For Windows Server 2003 & Windows 2000
    By Robbie Allen

  7. Specify the path to the home directory for your site, decide whether to allow anonymous access to your site, and click Next.

  8. Specify web permissions to control access to your site and click Next, then Finish.

To create a new web site using a previously saved configuration file, do the following:

  1. Open Internet Information Services (IIS) Manager.

  2. In the left pane, expand the server node.

  3. Right-click on the Web Sites node and select NewWeb Site (from file).

  4. Specify the path to the XML file containing your saved IIS configuration, click Read File, select the web site you want to import, and click OK.

  5. If the saved configuration was password protected when it was created, you'll be prompted here for a password; enter it and click OK.

  6. Right-click on the new web site and select Start.

Using a Command-Line Interface

The following command creates a new web site named Human Resources on server with IP 216.44.65.8 and root directory D:\HR:

> iisweb /create D:\HR "Human Resources" /i 216.44.65.8

The following command creates a new site named My Company with root directory D:\Corp and IP address "All Unassigned," effectively making My Company the new default web site on the server:

> iisweb /create D:\Corp "My Company"

The following command creates a site on a standalone server named web04 using local credentials for that computer and leaving the site in a stopped state:

> iisweb /create D:\Finance "Accounting Department" /i 216.44.65.8 
/dontstart /s web01 /u web04\Administrator /p <password>

The following command creates a site by importing a previously saved password-protected site configuration file named hr.xml:

> iiscnfg /import /f D:\hr.xml /d <password> /sp /lm/w3svc/1525757177 
/dp /lm/w3svc/2/child

The ID number 1525757177 for this site can be found by opening the XML file in Notepad and examining the Location attribute of the IisWebServer tag. For example:

<IIsWebServer    Location ="/LM/W3SVC/1525757177"
        AuthFlags="0"
        ServerAutoStart="TRUE"
        ServerBindings="172.16.12.50:80:"
        ServerComment="Human Resources"
    >
</IIsWebServer>

TIP: You can also retrieve this identifier from IIS Manager by clicking the Web Sites folder in the left pane. The list of web sites and their identifiers will be shown in the right pane.

Using VBScript

' This code creates a web site.
' ------ SCRIPT CONFIGURATION ------
strComputer = "<ServerName>" ' computer to connect to
strSiteName = "<SiteName>"   ' web site description
strRootDir = "<DirPath>"     ' root directory for the web site
' The following parameters are optional
' strPort = "<PortNumber>"     ' port for the web site
' strIP = "<IPAddress>"        ' IP address used for the site
' strHostHeader = "<HostName>" ' host header name for the site
' strSiteID = 1234             ' site ID (default is to auto-generate)
' ------ END CONFIGURATION ---------
set objIIS = GetObject("IIS://" & strComputer & "/W3SVC" )
objServerBindings = Array(0)
objServerBindings(0) = strIP & ":" & strPort & ":" & strHostHeader
strNewSiteID = objIIS.CreateNewSite(strSiteName, objServerBindings, _
                                    strRootDir, strSiteID)
WScript.Echo "Successfully created web site " & strSiteName & _
             " with ID " & strNewSiteID

Discussion

If you leave the IP address for your new site as All Unassigned, your new site will be the default web site for your computer, which is the web site the server returns when a browser tries to access an IP address not currently assigned to another site. For example, if a computer has three IP addresses--172.16.12.50, 172.16.12.51, and 172.16.12.52--and only the first address has been assigned to a site, then opening the URLs http://172.16.12.51 or http://172.16.12.52 will return the default web site. It's a good idea to have a default web site configured with general contact information about your company on a server that will be hosting many sites. Note that if there is already a web site that has All Unassigned for its IP address (such as the Default Web Site created when IIS is installed) then if you assign All Unassigned to another site you won't be able to start that site.

Host headers are a feature of the HTTP/1.1 specification and allow IIS to host multiple web sites that have the same IP address and port number but different DNS identities. You can't use host headers for sites that use SSL, however, and to use host headers you must have DNS name resolution working on your network. Also, don't assign any host header names to the Default Web Site. One good side of host headers is that when you have thousands of web sites hosted on a single IIS computer, using host headers to identify them incurs a smaller performance hit than using individual IP addresses.

Using VBScript

The one tricky thing about this code is setting up the ServerBindings array. For whatever reason, instead of making the web site IP address, port, and host header part of the parameters to the CreateNewSite method, they must be concatenated together in an array element and separated by a colon.

See Also

Recipe 12.4, Recipe 12.17, MS KB 304187 (IIS: Home Directory Cannot Point to Mapped Drives), and MS KB 816568 (HOW TO: Manage Web Sites and Web Virtual Directories by Using Command-Line Scripts in IIS 6.0)

Mailbox-Enabling a User

Problem

You want to create a mailbox for a user. This is also known as mailbox-enabling a user.

Solution

Using a Graphical User Interface

  1. Open the ADUC snap-in.

    TIP: This needs to be run on a workstation or server that has the Exchange Management Tools loaded (see Recipe 17.6).

  2. If you need to change domains, right-click on Active Directory Users and Computers in the left pane, select Connect to Domain, enter the domain name, and click OK.

  3. In the left pane, browse to the parent container of the user, right-click on the user, and select Exchange Tasks.

  4. On the Welcome screen, click Next.

  5. Select Create Mailbox and click Next.

  6. Verify the mail alias is what you want, select the server you want the mailbox on, select which store where you want the mailbox, and click Next.

  7. On the Completion screen, click Finish.

Using a Command-Line Interface

> exchmbx -b "<UserDN>"-cr"<server>:<storage group>:<mail store>"

Or alternatively, run the following command:

> exchmbx -b <UserDN> -cr"<Home MDB URL>"

To mailbox-enable user joe with a mailbox on Exchange Server SRV1, Storage group SG1, and mailbox store DB1, execute the following command:

> exchmbx -b "cn=joe,cn=users,dc=rallencorp,dc=com"-cr "srv1:sg1:db1"

TIP: I highly recommend that you keep your storage group and mailbox store names short, simple, and "space" free. Spaces are troublesome to deal with at the command prompt and have caused many administrators unneeded grief. If you do not use spaces and other special characters, you can dispense with the quotes in all of the command-line examples.

Replace <UserDN> with the user's distinguished name, <server> with the Exchange server name, <storagegroup> with the storage group, <mailstore> with the mail store, and <Home MDB URL> with the full homeMDB URL for the desired mailbox store.

Using VBScript

' This code creates a mailbox for a user.
' ------ SCRIPT CONFIGURATION ------
strUserDN = "<UserDN>"   ' e.g., cn=jsmith,cn=Users,dc=rallencorp,dc=com
strHomeMDB = "<Home MDB DN>" 
' e.g. CN=Mailbox Store (SERVER),CN=First Storage Group,CN=InformationStore,
' CN=SERVER,CN=Servers,CN=First Administrative Group,CN=Administrative Groups,
'      CN=RALLENCORPMAIL,CN=Microsoft Exchange,CN=Services,
'      CN=Configuration,DC=rallencorp,DC=com"
' ------ END CONFIGURATION ---------
set objUser = GetObject("LDAP://" & strUserDN)
objUser.CreateMailBox strHomeMDB
objUser.SetInfo( )
Wscript.Echo "Successfully mailbox-enabled user."

Discussion

A mailbox-enabled user is a user who has a mailbox defined in the Exchange organization where the user object exists. This is the most common object in an Exchange organization.

TIP: Mailbox-enabling a user requires Exchange Data Administrator permissions. See the Discussion for Recipe 17.7.

When you create a mailbox for a user with the GUI or VBScript, you call out to the CreateMailbox CDOEXM interface. In the background, the specific changes made by the CreateMailbox method are on the user object in Active Directory and include changes to the following attributes:

Once all of those attributes are in place, the RUS sets additional attributes on the user object. The mailbox cannot be used nor receive email until the RUS has gone through this stamping process.

Using a Graphical User Interface

Creating a mailbox when you create a new user is a trivial task with ADUC because you simply need to specify the email alias and where in the Exchange organization the mailbox should reside. All of the guesswork on where the mailbox can go is removed because you have to select the location from the drop-down menu.

Using a Command-Line Interface

Prior to the ExchMbx tool, there was no simple way to mailbox-enable a user from the command line. The LDIFDE method is not feasible because the msExchMailboxSecurityDescriptor attribute is a binary value and difficult to manipulate with LDIF files and text editors. For flexibility, ExchMbx allows you to specify the entire homeMDB URL, or you can specify the server, storage group, and mailbox store.

TIP: If you want to mailbox-enable multiple users at once, remove the -b option from the parameter list and pipe the distinguished names into ExchMbx from another tool or from a file. Run exchmbx /? for usage details.

Using VBScript

The trickiest part of creating a mailbox for a user with VBScript is to know what to use for the homeMDB attribute. If you use the wrong value you will get the error: "The server is not operational," which isn't helpful feedback. This is where the GUI method is nice, because it looks up all of the possible values for you and lets you select from the list.

I present an alternative scripting method in Recipe 17.16, which lets you specify three well-known pieces of information to locate the proper homeMDB value. Finally, another alternative would be to search Active Directory for all valid homeMDB values, display them, and have the person running the script select from the list just like ADUC does. This third method involves searching against the Configuration container of Active Directory with the following filter: (objectcategory=msExchPrivateMDB).

See Also

MS KB 275636 (Creating Exchange Mailbox-Enabled and Mail-Enabled Objects in Active Directory) and MS KB 253770 (XADM: Tasks Performed by the Recipient Update Service)

Robbie Allen is the coauthor of Active Directory, 2nd Edition and the author of the Active Directory Cookbook.

Windows Server Cookbook

Related Reading

Windows Server Cookbook
For Windows Server 2003 & Windows 2000
By Robbie Allen

Return to the WindowsDevCenter.com.

Copyright © 2009 O'Reilly Media, Inc.