David
Sun Mar 09 21:41:34 CDT 2008
On Mar 9, 11:46=A0am, Le Chaud Lapin <jaibudu...@gmail.com> wrote:
> On Mar 9, 7:51=A0am, David Wang <w3.4...@gmail.com> wrote:
>
> > > I checked the services table and it was set to manual. I'd never
> > > touched it since I installed Vista, not once.
>
> > When IIS7 is installed, the service is set to start automatically.
> > Since you didn't touch it, I can only assume you ran some [security]
> > tool as Administrator that changed it.
>
> > > And blaming Microsoft is not pointless.
>
> > Blaming/Venting is rarely useful. For example, I would be one of those
> > people that you are trying to reach within Microsoft where your
> > comments are supposed to help me in a class struggle with other IIS
> > decision makers who never really interact with the IIS community to
> > know what it wants.
>
> Well =A0Blaming/Venting is a form of complaining, and if you think about
> it, most opinionated articles written by peope in an extreme state of
> discontent are actually blames/vents. I never saw myself as an agent
> of change, but for example, recently, I was utterly digusted with what
> I perceived to be Microsoft's deliberate attempt to portray C++/CLI as
> pure C++, and I blamed/vented about it, and as a result, the name of
> their C++/CLI article was changed from "Pure C++." to ".Netting C++",
> to indicate that they were in fact, changing C++ to conform to
> their .NET. =A0I also discovered through colleagues that my very sloppy
> blaming/venting on USENET was being quoted by people who actually
> blame/vent for a living (technical writers for technical
> publications). =A0I also discovered that at least one committee member
> who takes a part in deciding whether C++ should be fundamentally
> changed to accommodate anything was, again, quoting my sloppy blaming/
> venting about Microsoft trying to claim C++/CLI was a "natural
> evolution" of C++.
>
> So blaming/venting is can be very useful. =A0Fortunately, we live in a
> country where such blaming/venting is not only encouraged, but is
> fundamentally integrated into our political philosophy.
>
> I also know that, if I were an engineer working on SnaggleSnits, I
> would occasionally take a peek in forums where users of my
> SnaggleSnits lurked to see what they were saying about my product.
> Politely saying, "The Windows/IIS security model is unnecessarily
> difficult.." or "..Web Folders sometimes fails..." is silly in my
> opinion. =A0The engineeer(s) who designed the IIS security model already
> *know* that. They also know that Web Folders had bugs in it.
>
> What we, as users, need to do, is not express that which is already
> known, but to convey our extreme state of discontent, so when the
> little voice in the engineer's head starts asking, "Hmm...wonder if I
> should fix this, no, ...well...I guess my sers can figure it
> out...they always do..." they can remember that ..nooooo we *DO* want
> to them to get it right. =A0Before the fact. Yes Really.
>
> > However, you really haven't offered me anything of value. All I see is
> > a venting of frustration.
>
> Very frustrated.
>
> > I also see no concrete evidence that there is an issue with IIS7 or
> > the WebDAV component/installation. I only see evidence that you could
> > not get it to work, but that hardly indicates the problem is with IIS7/
> > WebDAV. Perhaps the problem is with other software in your advanced
> > technologies research or non-clean OS environment. Please consider
> > alternatives, or at least give concrete evidence why it *must* be an
> > IIS7 issue.
>
> Here is what I have done so far:
>
> First, in defense of the WebDAV people, I did read at the download
> page for WebDAV for IIS 7.0 that will only run on Windows Server
> 2008. =A0I *guessed* that there is nothing technically limiting to keep
> it from running on Vista Home. =A0We all know that any such limitation
> would probably be artificial - that intentionally preventing certain
> applications from running on client versions of the OS is Microsoft's
> way of achieving product (and hence price) stratification, which I
> would be OK with - that's just business. :)
>
> Nevertheless, I installed WebDAV on Windows Vista Ultimate, hoping it
> would work, and after setting the Windows Process Activation Service
> to automatic, the WebDAV icon showed up in the IIS 7.0 GUI.
>
> Then I looked around a bit trying to make sense of what was what..the
> security and access control model, and again, it was not
> straightfoward, so I figured I would just enable everything possible
> just to get moving, then backtrack and understand what was what, and
> tighten as necessary.
>
> My configuration is:
>
> Windows Vista Home, hosting all software under discussion, including
> IIS 7.0, Visual Studio, 2005, Visual SourceSafe 2005, WebDAV for IIS
> 7.0. =A0My personal login is in the Administrators group. =A0UAC is off.
>
> I started fist with IIS 7.0. =A0I enabled all 4 forms of Authentication
> (anonymous, etc.) and checked that I could browse pages with IE on my
> web site. =A0I did this at each level on the hierarchy, starting at the
> root, the the site-level node for web site, then the virtual
> directories that VSS creates when one checks checkbox on VSS Admin GUI
> dialog box to enable HTTP access from Visual Studio.
>
> Then I went to VSS Admin and created a new empty database at F:\Foo
> and =A0shared this database using Windows Explorer, and gave every type
> of access I could possibly find to all users of this database at OS
> level, including read, write, etc. =A0I then opened the database via the
> UNC share path in VSS Admin, and checked the GUI box noted above.
>
> Then I went to Visual Studio 2005, following steps to set up HTTP
> access to the VSS repository just created. =A0I declined to use SSL, set
> plug-in to Internet, etc. =A0Then I remembered that I had this entire
> set up working on Windows 2003 Server instead of Vista Home, so I
> disabled Anonymous authentication on web site. =A0I took an existing
> Visual Studio 2005 solution to add to the virgin VSS database. =A0When I
> did "add solution to source control", I walked through the steps as
> they came choosing location to be:
>
>
http:///www.mycompanyname.com
> \\MyServerName\Foo
>
> It told me that web site was wanting username/password, so I gave it,
> and then:
>
> I get the warning , "You are about to access yada over HTTP...do you
> want to do this?"
>
> I click YES.
>
> It seems like it's doing something....then there are a bunch of red
> check boxes, and I get the exact same behavior identitfied by this
> link:
>
>
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=3D8846&SiteID=3D1
>
> I followed the "Answer" portion of this link, checking the ss.ini file
> multiple times. =A0I checked the virtual folders to try to add write
> access, which is a bit meaningless to me, as I do not understan what
> it means.
>
> I right click Edit Permissions...
>
> A dialog pops up. On General tab, there is Attributes section with
> checkbox that says:
>
> "Read-only (only applies to files in this folder). "
>
> I clear this checkbox. close dialog. Open dialog. Check box is not
> cleared anymore. =A0Ok, so punt on that.
>
> I go to Windows Vista, IIS 7.0, VSS, and manually set all passwords to
> be identical for the user, and specify impersonation through out.
> That does not work.
>
> Anyhow you get the point. =A0I've fiddled with this for 37 hours now
> with no luck.
>
> > I realize that from your perspective you perceive anything which you
> > configure and does not immediately working should be blamed on someone
> > else, like Microsoft's. However, realize that from my perspective,
> > reported issues with IIS are usually user-specific issues.
>
> > For my part, I have to say that for WebDAV extensibility to work, you
> > need to have the module configured and enabled on a per-URL basis,
> > have the UI extensibility module installed, and the config extension
> > installed and configured. If you've yanked out things to make
> > your .config work, then I doubt WebDAV is functioning correctly
> > regardless of what is shown in the UI. Since we have a totally
> > configurable system in IIS7, the UI only shows what is possible to be
> > configured, not whether the feature works or not.
>
> I have avoided editing the config files manually. I did take a peek at
> SS.INI as noted above, but beyond that, I have stuck with the GUI.
>
> One thing that would be extremely helpful to me is to know if anyone
> is accessing a VSS repository sitting behind IIS 7.0 on Vista Home
> over the Internet from VS 2005.
>
> -Le Chaud Lapin-
It seems like your issues are more related to Visual Source Safe than
IIS.
I can think of several things working against you in your scenario of
VS2005 with VSS2005 and IIS7.
1. "Home" OS SKUs like Vista* are like OS with training wheels, which
can be frustrating to folks that know what they want -- but no amount
of complaining will ever change this trend. There are more complainers
saying the OS is too complicated for the general public and since that
customer segment is larger, they win.
These OS SKUs fundamentally do not expect to run servers/services on
them, so they have appropriate restrictions. For example, UNC folder
sharing is disabled on them unless you walk to some UI to enable them,
ACLs are "simplified" unless you walk to another UI and change to the
real version, and so on. Any one of those "simplifications" can be
incompatible with what you are trying to do, so please do be aware of
the "training wheel" interference.
2. It is not clear which Vista Home SKU you are using. As part of the
"stratification" you mentioned earlier, various parts of IIS are
turned on/off and enabled/disabled differently than on the Server SKU.
Of course, Microsoft is not obligated to publish these details
(confusing to most people), and it meets its responsibility
requirements by announcing "this feature is supported on OS SKU X". It
says nothing about whether it is supported on OS SKU Y, so you are
literally on your own. Any services not behaving as it should -- it is
your responsibility to figure out.
3. It seems very weird that you had to provide both HTTP (WebDAV) and
UNC paths when setting up your VSS solution. And the URL you reference
showed access being done over WebServices. So, I literally see three
different routes of access in your scenario and no clear evidence that
WebDAV is the broken part of it. Of course VSS is supposed to give you
logs and support to diagnose your issue -- IIS is only the web server,
so while it can tell you the WebDAV and WebService traffic and what
happened on them, it is VSS's responsibility to help you make sense of
what happened on your end-to-end scenario.
Frankly, I see lots of evidence pointing towards Visual Source Safe
integration as what you are having issues with. Of course, the OS
limitations may have something to do with it as well. But, what is
clear is that since you are running WebDAV on IIS7 in an unsupported
scenario, you are taking responsibility for any misconfigurations on
IIS7, so it is not possible for IIS7 to be responsible for the
problem.
So, while I am honored that you chose to do your venting here, I do
not think we can do anything for you other than listen and jabber. :-)
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//