IST346: Lab Last Update: 4/12/2010 1:18 PM

L10 – Web Services

Overview

In this lab you will explore how setup and configure Web services on the Windows and Linux platforms.

Learning Objectives

Upon completion of this lab, you should be able to

·  Configure Internet Information Services on the Windows Platform.

·  Setup a Windows Server for remote file publishing.

·  Configure Apache, PHP and MySQL on the Linux Platform

·  Setup an configure a LAMP application on Linux

Lab Breakdown

This lab consists of 2 parts:

  1. Setting up and configuring Web services on Windows
  2. Setting up and configuring Web services on Linux

Requirements

Before you start this lab you will need:

  1. Your PSD (Portable Storage Device) connected to a lab computer, or a computer running VMware Server 1.09 / VMware Workstation 6.X.
  2. You must complete L09 prior to working on this lab.
  3. These virtual machines, from the VM Garden, on your PSD:
  4. Win2008x (Windows Server 2008) – acting as the server (domain, file, web)
  5. Vista1 (Windows Vista) – acting as a workstation
  6. Centos5 (Centos Linux 5) - acting as a web server
  7. All virtual machines must be configured on VMNet8 with subnet 192.168.80.0

Part 1 – Web Services on Windows

Overview

In this first part we will configure web services on Windows. The primary HTTP server on the windows platform is Internet Information Services, or IIS. IIS is a powerful and highly configurable web platform; I encourage you to read more about IIS by visiting http://learn.iis.net/

The goal for this part of the lab will be to configure IIS on your Win2008x virtual machine. We will setup the web server, and then share out the main folder where the web server is running so that client computers (in this case the Vista1 virtual machine) can publish files to the website. Once the server-end is configured, we will test the configuration on the workstation.

1.a Installing the IIS role on the win2008 server

On the Win2008x virtual machine, logged on as Administrator, install the IIS role. I will not provide instruction how to do this. If you need specific instructions for how to do this, please visit:

http://learn.iis.net/page.aspx/29/installing-iis-70-on-windows-server-2008/

Be sure to install the ASP.NET as per the instructions.

To check that you have IIS installed correctly,

  1. logon to your Vista1 virtual machine as titupp (Tally Itupp)
  2. Open up the internet explorer web browser
  3. Enter the url http://win2008x.ad.fauxco.com you should see the IIS welcome page.

IMPORTANT: If this is not working, it’s time to use the troubleshooting skills you’ve learned so far. You might want to try these out anyways just to get a feel for the process. Remember, use the outside-in approach:

·  Is the service required for HTTP to work, DNS working? Use nslookup for this

·  Does the server respond to pings? Use ping for this

·  In the web service port open and available? Use nmap for this. Check the firewall on the server.

Once you know for certain the web server is up and running you may move on to 1.b

1.b Our Active Directory Security Configuration for web publishing

In this next step, we will setup the file structure and security necessary to facilitate web publishing for this particular example. What we’re going to do is make an Active directory group, and then give that group permissions to write files into a file share that will also serve as our website.

On the Win2008 virtual machine, logged on as Administrator:

  1. Create a user group called web-publishers-group in the Active Directory Users and Computers Utility. (Or using the command line, of course)
  2. Add the users tally itupp and bob enweave to this group.
  3. Create a folder called website in the C:\shares folder
  4. Set the security on this folder.
    Break security inheritance on the c:\shared\website folder. (we did this in the File sharing labs ago) Bring up the Security tab under the Properties dialog. Click on Advanced and then Edit. And then clear the checkbox titled Include inheritable permissions from this objects parent.

    And copy the permission entries.

    Click Ok until you’re back at the Security dialog. You should now be able to edit the access controls. Click edit and change the existing permissions:
    Everyone and Users should have these permissions:

    (this allows anonymous users to visit the website. If everyone is not there, add it.)
    and the web-publishers-group and Administrators should have these permissions:

    (this allows admins and web publishers to copy files to the share)
    Click Ok until back at the properties dialog, then click close.

Next we should test our file permissions by verifying that a user of the web-publishers-group can write files to the website file share.

From your Vista1 virtual machine logged on as titupp (Tally Itupp)

  1. Browse to the \\win2008x.ad.fauxco.com\shares folder as you’ve done in previous labs. (Start-> run)
  2. Create a new text document in the website folder. If you can save the document, then your permissions are correct.
  3. Delete the document.
  4. If you can create and delete the document, then you setup the security properly.

1.c Configure IIS to use our website folder, and publish files.

In this final step we will configure IIS to use the folder we created in the previous step and then publish files to our website from the Vista1 workstation.

On the Win2008x virtual machine, logged on as Administrator:

  1. Open the Internet Information Services Manager utility under Server Manager. NOTE: If you’re not seeing it then you need to restart the Server Manager Utility.
  2. Browse the connections until you have selected the Default Web Site.
  4. Click on Basic Settings to change the location of the default folder for the website. Currently it is set to %SystemDrive%\inetpub\wwwroot you will change it to c:\shares\website like so:
  5. Click Ok when done.
  6. Finally restart the website. Click back on Default Web Site and then click the restart link under manage website

Now that we’ve changed the location of the website files, it is time to publish files to the website.

From your Vista1 virtual machine logged on as titupp (Tally Itupp)

  1. Download the website.zip example website package file from the place where you got this lab. Place the .zip file on your desktop in your vista1 virtual machine.
  2. Double-click to open the website.zip file copy the contents to \\win2008x.ad.fauxco.com\shares\website
  3. Open internet explorer and visit http://win2008x.ad.fauxco.com you should see the Fauxco.com website:

Note: If it does not work, check your install of IIS, did you enable the ASP.NET role service? Did you change IIS to use the proper directory? Did you copy the files directly into the \\win2008x.ad.fauxco.com\shares\website folder from vista1?

NOTE: In the next section we will get the Blog working (the link on the page of the website you created).

Part 2 – Web Services on Linux

Overview

In this next part we will configure web services on Linux. We will configure the LAMP stack on the Centos5 virtual machine and then configure a popular blog application wordpress. The end game is to get wordpress to talk to your active directory so that your users can logon to the application using their existing accounts in Active Directory.

2.a Putting DNS to work for you.

When you set-up a service, you want that service to be easy for end users to locate. This is the rationale behind DNS. For example if you want to search for something you just type http://www.google.com imagine if you had to actually enter google’s IP address http://66.249.81.104 just to search? Ouch.

Let’s setup our centos5 server to resolve to the DNS name blog.ad.fauxco.com so that when employees want to find our blog they can just type in http://blog.ad.fauxco.com

A few labs back we configured DNS to run on the win2008x virtual machine. In fact, it was a requirement for Active Directory. The plan is to get the IP address for the Centos5 virtual machine and then enter a DNS record into the DNS running on win2008x.

First, let’s recall the golden rule of services.

A server running a service should have a static IP address.

Since we’ll be running a blog on the centos5 virtual machine we should first set the IP address and DNS client configuration.

Setting the DNS client and static IP address in Centos5

  1. Make sure Centos5 is using the VMNet8 network, if not, change the network and reboot the server.
  2. Logon to Centos5 as root with password SU2orange!
  3. From the menu, select System à Administration à Network. You should see this dialog:
  4. Double-click on the eth0 configuration to edit it.
  5. From the Ethernet Device dialog, select, Statically Set IP address and enter the following information:
  6. When you’re ready, click OK to dismiss the dialog and return to the network configuration.
  7. Click on the DNS tab and enter the following information (remember servers on our network use Active Directory for DNS).
  8. Return to the Devices tab, and select File à Save to save the configuration and then and click Activate to activate the new configuration. (Note: you might have to save, click Deactivate then click Activate).
  9. Open a terminal window, and verify your network setup is correct and name resolution works. If you can tracert some host on the internet, like www.syr.edu then you know you’ve got it configured properly. Do not proceed until you are certain you have it configured properly!

Setting DNS names on the DNS server

Once everything’s good, it’s time to add an entries to DNS. On the Win2008x virtual machine, logged on as Administrator:

  1. Using Server Manager open the forward lookup zone ad.fauxco.com under the Win2008 DNS Server.
  2. Right-click on ad.fauxco.com and select New Host. Fill in the dialog:

    Click Add Host and then close the dialog.
  3. Remember most servers have at least two names, one internal name (in this case it’s centos5) and then a functional name which helps the user indentify the role of the server. In this case we want: blog.ad.fauxco.com So right click again on ad.fauxco.com and add a new alias or CNAME record, like this:


And click OK when you’re done.

  1. When you’re finished make sure BOTH names resolve. Open a command prompt, and type:
    nslookup blog.ad.fauxco.com it should resolve to your IP address. Do the same for centos5.ad.fauxco.com. Make sure this is correct before you continue!

2.b Installing the LAMP roles onto Centos5

Next we will install the LAMP (Linux, Apache, MySQL, PHP) roles into the Centos5 Linux server. You can read this blog for specific steps on how to do this:
http://www.techiecorner.com/125/how-to-install-lamp-apache-php-and-mysql-in-linux-using-yum/

From the Terminal Window of the Centos5 virtual machine logged in as root:

  1. Type this command to install the required packages from the internet:
    yum install httpd php mysql mysql-server php-mysql
    this will install the required lamp components using the yum package manager.
  2. Make sure the MySQL database server and the Apache web server will launch at startup, type:
    chkconfig mysqld on and then
    chkconfig httpd on
  3. Start the Apache and MySQL servers, type:
    service httpd start and then
    service mysqld start
  4. Set the MySQL admin (root) password to SU2orange!, type:
    mysqladmin -u root password 'SU2orange!'
  5. Finally write a test.php script to verify everything is working. By default the Apache web server stores files in the path /var/www/html, so let’s create the document there, type:
    nano /var/www/html/test.php
  6. This will open the nano editor. Inside the editor type:
    <?php phpinfo(); ?> and then press ctrl+x to exit, and y to save.
  7. Verify the test.php file exists, type:
    ls –l /var/www/html/ to list the files in the folder (that’s a lowercase “L” not a “one”). You should see the test.php file that you created.
  8. Now open up the Firefox browser on the centos5 virtual machine and visit:
    http://blog.ad.fauxco.com/test.php for example:

Important: You must make sure the test.php page works before you can continue.

2.c Installing word press blog software

Once you have LAMP configured it’s time to install your first LAMP application – Wordpress.

These instructions to explain how to install wordpress: http://codex.wordpress.org/Installing_WordPress

Here are some more step-by-step instructions, from the Terminal Window:

1.  Create the wordpress database in mysql. Type:
mysqladmin create wordpress –p
This will prompt you for the MySQL root password, enter SU2orange!
If you don’t see an error, then your database was created. Time to install the blog software.

2.  We will install to /var/www/html/ so first type,
cd /var/www/html/ to change into the website folder.

3.  Next, download the Wordpress tarball package:
wget http://wordpress.org/latest.tar.gz

4.  Once it’s downloaded, you can extract the tarball with
tar –zxvf latest
(press the TAB key to complete) if you cannot find the file, try wordpress in place of latest.
This will extract the files from the tarball to the folder wordpress

5.  So we need to move the files out of the wordpress folder and back into the root web folder. Type:
mv wordpress/* . ç (yes, you need the period “.” At the end here – the period refers to the current folder.)
This will move all the files out of the wordpress folder into the current folder (the root web folder).

6.  The next thing you need to do is change the permissions and ownership on the files so that you can configure wordpress via a web browser.
Change the file owner to apache for all files in this folder
chown apache:apache –R *
Then give write permissions to the folder itself:
chmod a+w ../html

7.  Next go back to your Firefox browser on the centos5 virtual machine and visit:
http://blog.ad.fauxco.com you should see: