Note: This could be any file really, just happens to be video files for this post.
It has been a long time coming, but here’s a post that is more Microsoft based than what I normally write about …
Essentially, we have a CIFS share with videos in, and to test if there’s any difference in behaviour accessing videos over the share, we want to setup IIS 6 (Windows 2003 R2 SP2) and IIS 7 (in Windows 2008 R2 SP1) to allow web-based delivery of these video files.
The IIS 6 Setup
Note: We can leave the Default Web Site with the default settings (which include anonymous authentication enabled and no directory browsing.)
Firstly, right-click the Default Web Site, and choose New > Virtual Directory... (saves reconfiguring the Default Web Site - leaves it untouched)
Image: IIS 6 New Virtual Directory
Follow through the wizard giving an alias of say ‘videos’:
Image: IIS 6 VDCW Virtual Directory Alias
For the web site content directory we enter the share path name:
Note: Test you can get to this share first via Windows Explorer.
Image: IIS 6 VDCW Web Site Content Directory
For the credentials, since this is going to be a video repository that anyone can get to, un-tick the ‘Always use the authenticated user’s credentials’ and enter a user name and password which has access to the share, and NTFS permissions to the files
Image: IIS 6 VDCW Security Credentials
All we need is read permissions (we’ll add browse too, this isn’t a requirement though.)
Image: IIS 6 VDCW Virtual Directory Access Permissions
That’s pretty much it. If we have a video called movie.mpg and our web server is called IIS6, the following link should open up with the movie:
The IIS 7 Setup
The IIS 7 setup is pretty much identical.
Firstly, right-click the Default Web Site, and choose Add Virtual Directory...
Image: IIS 7 Add Virtual Directory
Enter ‘videos’ for alias, enter the physical path (the share), click on ‘Connect as...’ and provide the login.
Image: IIS 7 Configure Virtual Directory
And that’s it (we don’t even need directory browsing, and by default it selects anonymous authentication.) A link like the below should deliver our movie.
Unrelated note (but we like it anyway) - just something discovered in the process of writing this - take it for a spin:
To create a local windows user in Windows with a random password (displayed on screen) via the DOS shell>
net user “xerxes” /add /random
No post can escape without a little of my passion for NetApp ... Of course, the CIFS share in question was on NetApp storage, and the main purpose of my lab was to convince myself a problem was an IIS configuration issue ...
Some commands to investigate CIFS share permissions, and more, on NetApp Clustered ONTAP:
cifs options show -vserver svm1
export-policy rule show -vserver svm1 -policyname default -instance
vserver name-mapping show -vserver svm1 -direction win-unix
vserver name-mapping show -vserver svm1 -direction unix-win
cifs share show
vol show -fields policy,junction-path,junction-parent
Note i: Volumes/Qtrees acting as just CIFS shares would usually have the default export-policy.
Note ii: Only using set diag here because it usually gives more detail in the output.