Microsoft Windows 2000 File System
Digital Dashboard Sample Documentation

This document contains information about the File system Dashboard, available in the preview release of the Digital Dashboard Resource Kit 2.0. This document contains the following sections.

Feature Description

Installing the File System Digital Dashboard

Configuring the File System Digital Dashboard

Managing Security on the File System Dashboard

Creating Your First Digital Dashboard

Using Web Folders with the File System Digital Dashboard

Feature Description

The File System Digital Dashboard stores Web Parts and Digital Dashboards in the Microsoft Windows 2000 file system. Digital Dashboards are represented by folders in the file system containing Web Parts. These folders are unique, however, as they contain a special set of properties called WebDAV properties (Distributed Authoring and Versioning) that identify them as Web Parts and Dashboard Folders. WebDAV allows for the transmittal of sophisticated properties through HTTP. While these folders and Web Parts appear to be normal files in the file system they can only be created through the Dashboard or the Web Part Builder because of the special properties. Once created though, you can use the file system to copy, move and delete both Folders and Web Parts as long as they remain in a root Dashboard Folder.

The File System Digital Dashboard consists of two main components:

         An NTFS Folder and IIS Virtual Root to physically store Web Parts and Digital Dashboard items and properties.

         An NTFS Folder and IIS Virtual Root that stores the web pages and other necessary components for the Dashboard Factory.

 

There are three tiers to a Dashboard Application:

In this Digital Dashboard, storage is maintained in the Windows 2000 file system. Parts and Dashboard Folders are stored under an IIS Virtual Root. The Key is that these items be kept in a WebDAV compliant store because the Dashboard Factory uses HTTP 1.1 and WebDAV to create, edit and delete dashboard folders and Web Parts. Both Windows 2000 and Exchange Server 2000 provide WebDAV Access natively. The Digital Dashboard Resource Kit installs an IIS Extension to enable WebDAV Access to the store.

 

The Dashboard Factory provides the assembly logic for the Digital Dashboard. It receives requests from a client and uses WebDAV, XML and XSL to read/write, assemble and transform a folder full of Web Parts into a Digital Dashboard. The Factory then delivers the assembled Dashboard Application to the client in the presentation tier the Browser.

Installing the File System Digital Dashboard

During installation, you will be asked to provide the following information.

         The name of folder and Virtual Root that will hold your users Digital Dashboards, the default is Dashboards.

         The name of the Web root that users will use to connect to a dashboard. The Dashboard Factory files will be stored in the Web root that you specify. The default virtual root name is Factory, on the default Web Site server.

Your responses are recorded in the IIS Metabase and used by the dashboard viewer and database. If you modify virtual root directory names, or the database name and location, you should reinstall your software to update the IIS Metabase settings.

To install the File System Digital Dashboard

         Run DDRK_FS.msi from the CD ROM. An installation wizard guides you through the process.

Setup copies the following files to your computer.

Files

Description

\Dashboards\

The folder that will contain users Digital Dashboards. It is registered in IIS as a Virtual Folder with Write and Directory Browsing enabled as well as script execution. The folder contains a Welcome and Administration dashboard by default.

\Factory\*.*

The Dashboard Factory. This is a set of files that support dynamic rendering at run time. During installation, these files are copied to the \inetpub\wwwroot\DDRK folder (or to another subfolder name that you specify).

Configuring the File System Digital Dashboard

After installation completes, the Digital Dashboard is fully configured. However, if you encounter problems while running the software, you should review the error file and verify server IIS settings to ensure that the configuration is accurate and complete.

Verifying Server Configuration

You should have two new IIS Virtual Roots. By Default they are Factory and Dashboards. Their folders will be located (by default) at c:\inetpub\wwwroot\Factory and c:\inetpub\wwwroot\Dashboards. Using Internet Information Services, you should verify that both the virtual directories support the following settings: Directory Read, Write and Listings enabled, and Execute Permissions set to Scripts Only.

Verifying the Dashboard Factory dashboard_config.inc File

In the c:\inetpub\wwwroot\Factory folder is an include file titled dashboard_config.inc, the file should be configured as follows:

<%

Const stPortalServer = "http://server"

Const stPortalVRoot = "Dashboards"

Const stDashVRoot = "dashboards/welcome/"

%>

 

stDashVRoot can be modified to enable an automatic redirect from the http://server/factory/ to your default Digital Dashboard (note the trailing /). StPortalVRoot is the location where users dashboards are stored. DBList.asp uses this to know where to create dashboards.

There is also a second configuration file in the Dashboards folder titled factory_config.inc. This file is used by the Web Part Builder to understand what Dashboard Factory is used to process the Dashboard Folders.

Managing Security on the File System Dashboard

When a user or administrator changes any setting or properties on a dashboard or Web Part, the Dashboard Factory writes settings back to the file system. For this reason, security is an essential consideration. There are two main ways in which you must manage security on the File System Digital Dashboard: the authentication method on the dashboard factory and dashboards virtual roots and the folder permissions on the underlying folders. The two common methods for managing authentication on the virtual roots is to either enable anonymous log-ins or to require Windows 2000 Authentication.

Anonymous Log-Ins

Enabling anonymous log-ins is not recommended or supported. If anonymous access is enabled, the dashboard factory ASPs will run under a process logged in as IUSR_SERVER. IUSR is not a trusted account, and therefore cannot write dashboard changes back to the Server. In order to run the dashboard with anonymous log-ins you must enable write permissions for the IUSR_SERVER user on the underlying Dashboard Factory and Dashboards folder. This creates security hole.

Windows 2000 Authentication

Using Windows 2000 Authentication enables a significant level of control over dashboard access. The File System Digital Dashboard installs with Windows 2000 Authentication turned on by default. You can then manage who has access to which dashboard (both read and write) by controlling access to the underlying folders in the Dashboards directory.

Once IIS security has been properly established you will manage dashboard security through windows 2000 file system permissions.

Setting Windows 2000 Security Security

Digital dashboards are designed to honor security on the underlying dashboard folders and Web Parts. Once a user is authenticated, the dashboard factory runs on the server under the security profile of the user. By setting security on dashboard folders and Web Parts, you can prevent users from seeing dashboards and Web Parts to which they should not have access.

In the Windows 2000 file system digital dashboard, there are three fundamental sets of user permissions for dashboards and Web Parts:

1.      No Accessthe user cannot see the dashboard or Web Part. This maps to a user being denied both read and write access to the item in the file system

2.      Read Onlythe user can see the dashboard or Web Part but cannot not modify it. This maps to the user having read access to the item in the file system

3.      Modificationthe user can create and edit the Web Part or dashboard. This is equivalent to the user having read, write modify access to the item in the file system

To set security for the Windows 2000 file system sample dashboard:

1.      In the Windows file system, right click the Web Part or dashboard folder on which you want to set security, and then select Properties.

2.      Click the Security tab, and then do one or both of the following:

3.      Add users and groups: click Add, and then select the users and groups to which you want to give permissions.

4.      Remove users and groups: click Remove, and then select the users and groups who currently have permissions on this folder that you want to remove.

5.      Under Permissions, allow or deny permissions to the users and groups youve chosen by selecting the appropriate check boxes, Click Apply, and then click OK to apply the permissions you just configured.

Note   If the folder on which you are setting permissions is a subfolder, and you want the permissions of the parent to propagate to this folder, select the Allow inheritable permissions from parent to propagate to this object check box.

If you are having difficulties with security permissions, be sure to look out for security that is inherited from parent folders.

Creating Your First Digital Dashboard

When the installation is complete, you should be presented with a welcome dashboard and administration dashboard page that allows you to add and delete Digital Dashboards to your site. (the default address of this dashboard is http://server/dashboards/welcome. To create a dashboard, simply click the Add New Dashboard button and type in the name for your first dashboard.

Using Web Folders with the File System Digital Dashboard

After you install the File System Digital Dashboard, you can use Windows Web folders to work with the catalog and perform basic administrative tasks.

Web folders provide a simple, UI-based way to see what items are available. You can also double-click an item to open it in a browser window. In addition, right-click commands allow you to rename, move, delete, and create items in the Web Part Catalog.

To use Web folders, follow these steps.

1.      Double-click My Network Places on the desktop.

2.      Double-click Add New Network Place.

3.      Type the URL (for example, http://MyServer/Dashboards). This is the URL used to access the folder containing Digital Dashboards.

Note that adding a non-Web Part item to a catalog database does not make it a Web Part since none of the properties of the Web Part schema have been populated. You must Create new Web Parts either through the Digital Dashboard interface or through the Web Part Builder.