<DD>To reduce costs and provide better service by enabling customers to update and configure their own Web sites from remote locations.</DD>
<DT><strong>Components</strong></DT>
<DD>Windows NT Server 4.0; Internet Information Server (IIS) 4.0; Active Server Pages (ASP); ADO; Microsoft SQL Server; Internet Explorer version 3.02 with Authenticode 2 update, or later versions of Internet Explorer</DD>
<DT><strong>Environment</strong></DT>
<DD>Intranet, secured; Windows NT network</DD>
</DL>
</td>
<%
If InStr(Request.ServerVariables("HTTP_USER-AGENT"), "MSIE") Then
<p>An Internet Service Provider (ISP) faces critical challenges in today's extremely competitive environment. To be successful, an ISP must constantly think of how to provide excellent service, yet keep rates low. Windows NT and Internet Information Server (IIS) help you to reduce costs and deliver better service by providing a way for your customers to add, delete, or modify the contents of their respective Web sites hosted on your server—without exposing your entire server to unauthorized tampering, or risking server-wide downtime due to software errors on one customer's site. The same feature can be used by ISP employees for remote administration of the server; the setup procedure is the same, except that you grant wider permissions to the Windows NT account used by your employees.</p>
<p>With Windows NT Server and IIS, setting up remote administration for customers is easy; you just provide each customer with a Windows NT user account and a browser that supports JavaScript and frames, and set up a Windows NT account for each customer. (Note: The customer account does not have to be a Windows NT Administrator account; any Windows NT account can be granted appropriate permissions for Web site maintenance.) You then set permissions on the appropriate virtual servers and directories so that customers can make changes only to their own Web sites. Because you grant each customer permissions for that customer's respective virtual server only, other customers' sites on your computer will be unaffected by any changes—or any mistakes—that any one customer makes. If a customer wants to run dynamic Web pages that make use of ActiveX scripting or ISAPI-based programs, you can enable the IIS process isolation feature on those applications; this will isolate the scripts or programs so that they cannot affect the other Web sites hosted on the server computer, thus providing "crash protection" for your server.</p>
<p>Customers can also add or delete, control access to, and set PIC ratings for content directories.</p>
<p>For more information on setting up Windows NT accounts, see Windows NT documentation. For more information on process isolation (running scripts or applications in a process separate from the server itself), see <a href="iiisol.htm">Isolating Applications to Minimize Server Downtime</a>.</p>
<p>To make changes to their Web sites on your server, customers use Internet Explorer to connect to your server over the Internet. Because you have set your server to require Windows NT Challenge/Response authentication for write permission on the directories containing the customer's Web site, it will allow only authorized Windows NT users to make changes to their contents. Customers then use the HTTP PUT and DELETE features of Internet Explorer to add or delete files in their Web sites. IIS 4.0 and Internet Explorer 3.02 (and later versions of Internet Explorer) support the RFC 1867 Internet standard for file upload, as do other popular servers and browsers.</p>
<h2><a name="result">Result</a></h2>
<p>Your employees are not required to handle each and every change to customer Web sites on your server, so your employees can concentrate on more important work. Also, you can allow customers to run interactive applications without risking server downtime due to a misbehaving application on one customer's site.</p>
