SmartCloud tip: Set up a Windows file server

Configure an FTPS/SMB file server on a Windows Server 2008 R2 using persistent storage

Set up a Microsoft Windows Server 2008 R2 on the IBM Cloud so that it can act as a file server. This article details the steps to configure an FTPS and SMB file server using persistent storage; this enables the cloud user to upload and download files to and from instances in the cloud and facilitate data exchange.

View more IBM Cloud tips

Mihai Criveti (mihai.criveti@ro.ibm.com), IT Architect, IBM

Mihai Criveti photoMihai Criveti is an IT Architect mainly focused on cloud computing and virtualization. His interests are cloud computing, virtualization, enterprise architecture, SOA, middleware, digital forensics, and UNIX systems.



Boas Betzler, Senior Technical Staff, IBM

Boas Betzler is a senior technical staff member and member of the IBM Academy of Technology. He has worldwide responsibility for the image center of both the public IBM Compute Cloud and the IBM Shared Private Production Cloud.



14 March 2011

Also available in Japanese

tip informationIn this article, technology experts for the IBM® SmartCloud Enterprise share knowledge on how to perform tasks in the cloud. Tasks range from surprisingly easy to more complex and difficult tasks so that designers, developers, and deployers of all skills levels can learn.

Now that images are supported on Windows, the topics in this series focus on Windows instances, but that doesn't mean we won't cover other really neat tasks. In fact, if you have a task that you'd like to see in this series, let us know and we'll consider it.

First, a little background for those who may not be familiar with Internet Information Services (IIS).

Internet Information Services web server

Microsoft created the Internet Information Services web server application and set of feature extension modules for use with the Windows operating system. At a recent tally, it was deemed the second most used web server behind the Apache HTTP Server.

IIS 7.5, the version that comes with Windows Server 2008 R2, supports the FTP, FTPS, SMTP, NNTP, and HTTP/HTTPS protocols. It's built in a modular format: Individual modules (extensions) can be added or removed so you only have to install the modules you require for specific functionality. Some native modules IIS 7.5 includes are:

  • HTTP modules: Performs tasks such as responding to information and inquiries sent in client headers, returning HTTP errors, and redirecting requests.
  • Security modules: Performs tasks such as specifying authentication schemes, performing URL authorization, and filtering requests.
  • Content modules: Performs tasks such as processing requests for static files, returning a default page when a client does not specify a resource in a request, and listing the contents of a directory.
  • Compression modules: Performs tasks such as compressing responses, applying Gzip compression transfer coding to responses, and performing pre-compression of static content.
  • Caching modules: Performs tasks such as storing processed information in memory on the server and using cached content in subsequent requests for the same resource.
  • Logging and diagnostics modules: Performs tasks such as passing information and processing status to HTTP.sys for logging, reporting events, and tracking requests currently executing in worker processes.

Now let's install an IIS web server on Windows 2008 R2 and configure it as a FTPS server.

Overview

Configuring an FTPS and SMB file server on a Windows Server 2008 R2 instance in the IBM Cloud using persistent storage makes it easier for a cloud user to upload and download files to and from instances in the cloud. This article describes the steps to set up a Windows server in the cloud to do just that.

The three major steps of the task include:

Also provided is a quick overview of WebDAV.

Editor's note: Another word for "pane" as used in this article is "window."

Part 1: Deployment

The tasks involved in deploying the cloud instances and storage include:

  • Adding persistent storage.
  • Adding a Windows Server 2008 R2 server image.
  • Adding a Windows Server 2008 R2 client image.
  • Configuring the persistent storage.

Adding persistent storage

It is important to note that you do not need to add a persistent storage.

If you are using a client system on some other network, you have to ensure that the network of the client is set up in a way to allow connections between the client and the server.

  1. Go to Control panel > Storage in the cloud web interface.
  2. Click Add storage to add persistent storage. Select a Data Center, and Size, give it a Name such as SRV_STORAGE and select the Format as raw.
  3. Click Next.
    Figure 1. Figure 1. Adding persistent storage
    Adding persistent storage using the WebUI
  4. Verify the configuration and click Next.
  5. Review the license agreement and click Submit.
  6. Wait for Notification that the Storage unit was created before creating os images.

Adding a Windows Server 2008 R2 server image

  1. Go to Control panel > Instances in the cloud web interface.
  2. Click Add an instance to get started to add a new base OS image instance.
  3. Select the same Data Center as used when configuring the persistent storage and select a Windows Server 2008 64-bit R2 Datacenter image.
  4. Configure the image.
    Figure 2. Figure 2. Adding a new base OS image instance
    Adding a new base OS image instance using the WebUI
  5. Add a Windows Server 2008 64-bit R2 Datacenter image and configure it to use the persistent storage added in the previous steps.
  6. Click Add disk, select the previously created storage.
  7. Click Add disk and Close.
  8. Click Next and configure a Windows account. Follow the steps in the wizard and finish the configuration.
    Figure 3. Figure 3. Finish adding the instance
    Finish adding the instance
  9. Write down the IP address under your instance name.

Adding a Windows Server 2008 R2 client image

  1. Go to Control Panel > Instances in the cloud web interface.
  2. Click Add instance to get started to add a new base OS image instance.
  3. Add a Windows Server 2008 64-bit R2 Datacenter image.

Configuring the persistent storage on the server image

  1. Go to Start > Administrative Tools > Server Manager > Disk Management on the first (server) image.
  2. Select the persistent storage and make it available online by right-clicking Online.
    Figure 4. Figure 4. Make the disk available online
    Make the disk available online in diskmgmt.msc
  3. Delete the existing partition of the new disk and create a New Simple Volume.
  4. Select the options to format this volume as NTFS and assign a driver letter and volume label. The driver letter I assigned is E:
    Figure 5. Figure 5. New Simple Volume Wizard
    New Simple Volume Wizard in diskmgmt.msc
  5. Create two new folders on the new drive that you will use for file shares. The names I chose:
    • E:\ftproot
    • E:\SMB

You've finished this task and have successfully deployed the cloud instances and storage.

Next you'll configure the FTPS file server.


Part 2: Configuring the FTPS server

The tasks involved in configuring the IIS FTPS file server include:

  • Adding a new web server (IIS) role for FTPS.
  • Configuring an FTPS file server (creating a self-signed certificate, adding an FTP site, configuring the firewall rules, and testing the FTPS server).
  • Adding a Windows Server 2008 R2 client image.
  • Configuring the client.

Adding a new web server (IIS) role for FTPS

To add a new web server role (IIS) for use with FTP and FTPS file servers:

  1. Go to Server Manager > Roles > Roles Summary > Add Roles and add a new Web Server Role (IIS). Make sure you select FTP Server.
  2. Select>Web Server (IIS) from Server Roles and select FTP Server from Role Services. Also select Basic Authentication, Windows Authentication, Digest Authentication and Request Filtering from the Security Role Service
  3. Confirm the selection and click Install.
    Figure 6. Figure 6. Add Roles Wizard
    Add Roles Wizard - web server (IIS)
  4. Finish the installation of the new role

Configuring an FTPS file server

This consists of four subtasks:

  • Creating a self-signed certificate.
  • Adding an FTP site.
  • Configuring the firewall rules.
  • Testing the FTPS server.

Creating a self-signed certificate

  1. Go to Server Manager > Roles > Web Server (IIS) > Internet Information Server.
  2. Select your host in the Connections pane and double-click Server Certificates (Under the IIS section).
  3. In this configuration, use a self-signed certificate. Click Create Self-Signed Certificate in the Actions pane
  4. Specify a friendly name for the certificate and click OK.

Adding an FTP site

  1. Go to Server Manager > Roles > Web Server (IIS) > Internet Information Server.
  2. Right click Sites in the Connections pane then click Add FTP Site in the Actions pane.
  3. Select the physical path created in the previous steps (E:\ftproot) and give your FTP site a friendly name.
  4. Follow the steps in the wizard to configure Binding and SSL settings. Select Start FTP site automatically and Require SSL connections and select the self-signed certificate created in the previous step.
  5. Under Authentication and Authorization Information, select Basic Authentication and specify a user with read and write permissions.
  6. Go to Server Manager > Roles > Web Server (IIS) > Internet Information Server. You can now go to your site in the Connections pane.

Configuring the firewall rules

To configure the firewall rules, you need to permit FTPS connections in your Windows firewall.

  1. Go to Server Manager > Configuration > Windows Firewall and Advanced Security.
  2. Go to Inbound Rules and select New Rule from the Actions pane.
  3. Add a predefined rule for FTP Server and add all FTP connections (FTP Server, FTP Server Secure, FTP Server Passive). Add a new rule for ports 20, 21, and 47000-50000.
  4. Go to Outbound Rules and select New Rule from the Actions pane.
  5. Add a predefined rule for FTP Server and add all FTP connections (FTP Server, FTP Server Secure). Add a new rule for ports 20, 21, and 47000-50000.

Testing the FTPS server

  1. Install an FTPS client. You can use the FileZilla Client, found at filezilla-project.org.
  2. Add a new site using FTPES (FTP over explicit TLS/SSL) and logon type: normal.
  3. Connect to your site, accept the certificate, create a new folder, then upload and download a test file.

Configuring an FTPS file server

The steps here are the same as the steps for testing the FTPS server, except start by installing the client on the client machine.

Note: If you are using a client system on some other network, you have to ensure that the network of the client is set up in a way to allow connections between the client and the server.

  1. Install an FTPS client on the client machine. Again, you can use FileZilla Client from filezilla-project.org.
  2. Add a new site using FTPES (FTP over explicit TLS/SSL) using logon type: normal.
  3. Connect to your site, accept the certificate, create a new folder, then upload and download a test file.

You've successfully configured the FTPS server. Next learn how to configure an SMB file share.


Part 3: Configuring an SMB file share

The tasks involved in configuring a SMB file share include:

  • Configuring a shared folder.
  • Mapping the shared folder on the client machine.

Configuring a shared folder

  1. Create a new folder (or use the one you created in the initial steps).
  2. Right click the folder > Properties > Sharing > Share.
  3. Choose a username to share this folder with and click Add. Example: idcuser.
  4. Click Share.
  5. Click Yes, turn on network discovery and file sharing for all public networks.
  6. Click Done and Close or Advanced Sharing for additional options.

Manage Windows SMB shares from Server Management > Roles > File Services > Share and Storage Management > Shares.

Configure file sharing NetBIOS over TCPIP from Control Panel\Network and Internet\Network Connections Local Area Connection Internet Protocol Version 4 Advanced > WINS > NetBIOS Settings.

Note that SMB across high latency connections is problematic, and you should always use it over an encrypted connection (OpenVPN, IPSEC, PPTP, etc).

Consider using FTPS or WebDAV (both available in IIS) instead.

File and printer sharing

If you need to permit file and printer sharing through the Windows firewall:

  1. Click Start > Check Firewall Status and select Allow a program or setting through Windows Firewall.
  2. Click Change Settings.
  3. Check the Home/Work (Private) or/and Public to permit file sharing though a private network or Internet respectively.
  4. Click OK.

Note: if you're following these steps on a Windows 2003 image you may need to change the scope of the 445 port to Any instead of Subnet when permitting access to Internet clients in your firewall.

Mapping the shared folder on the client machine.

  1. Open Explorer.
  2. Go to Tools > Map network drive.
  3. Select a driver letter and a folder. Select Reconnect at logon.

This can also be performed from the command line:

net use /persistent:yes z: \\server\smb /user username

You're finished … you've successfully configured an SMB file share.


A quick overview of WebDAV

Web-based Distributed Authoring and Versioning

WebDAV (defined in IETF RFC 4918) is a set of methods based on HTTP that makes it easier to collaborate between users when editing and managing documents and files stored on web servers. The protocol makes the web a readable and writable medium; it provides a framework for users to create, change, and move documents on a server (typically a webserver or web share). WebDAV's most important features are locking (overwrite prevention), properties (creation, removal, and querying of information), name space management (ability to copy and move web pages within a server's namespace), and collections (creation, removal, and listing of resources).

With IIS, you can also configure and map WebDAV shares. Following is a quick overview of the steps involved in creating a WebDAV share on the default web site and mapping it on a client machine. (Resources provides additional details on this.)

  1. Add the following features to your web server:
    • WebDAV Publishing
    • Security (all)
  2. From Sites > Default Web Site > WebDAV Authoring Rules, click Enable WebDAV.
  3. From WebDAV Authoring Rules, click Add Authoring Rule and select the permissions and allowed users.
  4. From Default Web Site > IIS > Authentication, enable Windows Authentication.
  5. From Default Web Site > IIS > Authorization Rules and Allow the users.

Mapping WebDAV on the server

  1. Map the WebDAV site on your client machine using net use from a command prompt and typing in a username/password when prompted:
    net use * http://yoursite/

In conclusion

Following these steps, you can now configure an FTPS and SMB file server on Windows Server® 2008 R2 using persistent storage so the server can act as a file server.

Resources

Learn

Get products and technologies

Discuss

Comments

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

Dig deeper into Cloud computing on developerWorks


  • Bluemix Developers Community

    Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.

  • Cloud digest

    Complete cloud software, infrastructure, and platform knowledge.

  • DevOps Services

    Software development in the cloud. Register today to create a project.

  • Try SoftLayer Cloud

    Deploy public cloud instances in as few as 5 minutes. Try the SoftLayer public cloud instance for one month.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Cloud computing
ArticleID=632238
ArticleTitle=SmartCloud tip: Set up a Windows file server
publish-date=03142011