These days I’m trying to configure my new Windows Server 2008 R2. Of course, I would like to be able to access my files remotely and without any effort (such as downloading a third-party application). There were 3 options to use for accessing remotely files on Windows: VPN and SMB, FTP or FTPS and WebDAV. VPN is a bit complex and I ruled it out. FTPS is a great way to go but unfortunately Windows clients cannot directly map network drives to FTPS (it only supports plain FTP which is insecure). Fortunately, Windows clients can map network drives to WebDAV drives. So that’s the way to go! It’s also a standard and many systems can connect to WebDAV. It’s also pretty “comfortable” as it relies on HTTP. And it becomes quite secure when you use HTTPS.
Fortunately, Microsoft has developed a great IIS 7 extension that adds WebDAV capabilities to websites. It’s included automatically in R2, but for Windows Vista you have to download it from here. There will be a WebDAV icon in the IIS which allows you to configure everything. So, when you need to configure a website’s physical folder for WebDAV access, you just have to do the following:
After all these you’ll be able to connect to your WebDAV! But there’s another problem with most PC clients. If you’re using a self-signed certficate like me, they’ll automatically reject the connection. What to do? Open the website with Internet Explorer (be sure to open it with "Run as Administrator", else the "Install certificate" button won't show up later). Go to the webdav location e.g. https://www.example.com/webdav/. It will complain about the untrusted certificate. Do the following to install the certificate on the client PC:
After all the above steps, the computer can trust the location and you’ll be able to map the network drive with the following command line:
net use * https://www.example.com/webdav
It will ask for username and password. You can also use Windows Explorer’s map network drive wizard. One small problem you could stumble upon, is when trying to move/copy large files. There are two possible problems there:
One last problem you may stumble upon: Unfortunately, WebDAV for IIS has one major bug (at least for me): You cannot add virtual directories that map to a whole hard disk. For some reason, they are not shown when you’re exploring the webdav remotely. To resolve that, you must create a folder in each hard disk e.g. “webdav” and put all your hard disk in there. Then add a virtual directory in IIS that points to that folder. It worked for me!
Conclusion: Webdav’s a really nice way to connect to files remotely! I just wish Microsoft resolved the aforementioned problems and make the administrator’s life easier.
Thanks for the guide! I'd like to add my comments to this.
1. I found that there is a 30 MB file transfer limit by default in IIS which very much affects webdav. It took me forever to Google up the solution which was to adjust the "maxAllowedContentLength" setting (now you can Google it).
2. When I use Web Folder (My Network Places) to connect to the webdav folder it doesn't matter that the certificate was self signed and I don't have to pre-install it in IE.
3. The WebDAV Authoring rules seem to override the NTFS/File/Folder permissions. Strange but fine with me so far.
4. I can't get the "net use" command to work in Windows XP. I get "System error 67 has occurred. The network name cannot be found". Maybe it just works in Vista or Windows 7...
Thanks stefan for the comments!
I also have used Web Folders in Windows Server 2003 and didn't find any problems with the certificate, because it asked me to trust it or not. But in Windows 7, it is automatically rejected without any justification.
I added the IIS transfer limit issue to the guide because it's rather important!
Thanks for the information! I had very good use for it. But why is there a limit so low?
Hans, I can only guess it has to do with security and performance. For the server, multiple large transfers at the same time could affect the server negatively or bring it down, e.g. if they were initiated by a denial-of-service attack. So, Windows leaves it to the administrator's judgement to change the value.
I believe the same could apply for the client side. Additionally, as WebDAV is not a Windows native protocol but depends on the web, I guess it could be more difficult to maintain a quality performance for large transfers.
Thanks for the great article. I've tried reading the IIS.NET articles but they're typical Microsoft banter and don't really get to the nuts and bolts. Your article plus downloading the anyclient WebDav client worked like a champ for my Windows 7 client connecting to our WebDAV IIS 7 subweb.
Thanks for the article ^^, it is very clear and direct to the point. Thanks for the tip about size limits.
I have not researched so much but to address the root drive problem I create JUNCTIONS with mklink utility, hide them from the properties so FTP or SMB clients cannot see them (In fact I think this has something to do with the owner at drive's root level or with elevation, or maybe a mixture of both) this way you do not need to move any data.
One more thing.... I use to connect to Sharepoint sites and libraries using webdav and I ran into trouble with SSL encryption, I had read somewhere in technet that Windows XP/2003 webclient service cannot use https to map network drives (in fact I have had no luck with net use, pushd or map network wizard), but it seems that you can do it via "Add network place" wizard, you say yo do not have troubles with 2003 servers and SSL, is there any hotfix or config you can do for this?
Glad my article helped you!
Hmm, if I remember correctly I did not have any problem with Windows XP. But perhaps it needs a hotfix for HTTPS support. Unfortunately I do not remember :( You may need to search the internet for this thing.