Microsoft KB Archive/325806

= How to use the SQL Server CE Connectivity Management utility =

Article ID: 325806

Article Last Modified on 9/9/2005

-

APPLIES TO


 * Microsoft SQL Server 2000 Standard Edition
 * Microsoft SQL Server 2000 Windows CE Edition 2.0
 * Microsoft SQL Server 2000 64-bit Edition

-



This article was previously published under Q325806



IN THIS TASK
SUMMARY
 * Create a New Virtual Directory by Using the SQL Server CE Virtual Directory Creation Wizard
 * Modify an Existing Virtual Directory

REFERENCES



SUMMARY
This article describes the contents of and how to use the SQL Server CE Connectivity Management utility. This utility is installed when you run Setup for SQL Server CE 2.0 server tools. Before you can access a database in Microsoft SQL Server by using replication or remote data access (RDA) through Hypertext Transfer Protocol (HTTP), you must set up a virtual directory and configure the appropriate the NTFS file system permissions. Microsoft SQL Server 2000 Windows CE Edition (SQL Server CE) provides the SQL Server CE Connectivity Management utility to create and to manage virtual directories and NTFS permissions.

back to the top

Create a New Virtual Directory by Using the SQL Server CE Virtual Directory Creation Wizard
The SQL Server CE Virtual Directory Creation Wizard includes the following sections:
 * Virtual Directory Alias and Content Folder: On this page of the SQL Server CE Virtual Directory Creation Wizard, you create an alias and content folder for the virtual directory.
 * Virtual Directory Alias: For quick reference, you can create an alias for the virtual directory. Microsoft recommends that you use the same naming conventions that you use for a folder. This alias name is specified in the InternetURL property for connectivity.
 * Virtual Directory Content Folder: You must have a content folder for a virtual directory. By default, the wizard points to the location in which the SQL Server CE Server Agent is installed. You can specify a location change on disk for better disk-space management, although a copy of the SQL Server CE Server Agent must be located in that location. If you do specify a different location, the wizard can copy and register the SQL Server CE Server Agent to the new location. All temporary files for data transfer to and from the instance of Microsoft SQL Server will reside in this location.
 * Virtual Directory Authentication: The SQL Server CE Virtual Directory Creation Wizard provides three authentication options:
 * Anonymous Authentication: With Anonymous authentication, Microsoft Internet Information Services (IIS) does not perform client authentication. SQL Server CE Server Agent performs all the work that it does on behalf of the client under the identity of the Internet Guest account. By default, the Internet Guest account is IUSR_, but you can designate some other Windows user account as the Internet Guest account.
 * Basic Authentication: With Basic authentication, the SQL Server CE client must supply a valid Windows account user name and password. IIS tries to log on by using the client-supplied user name and password. If the logon attempt succeeds, SQL Server CE Server Agent performs all its work under the identity of the specified Windows user account. If the logon attempt fails, the request from the client is rejected. You can use Basic authentication for both Internet and intranet applications. For Basic authentication, each client must have a valid Windows account with a corresponding user name and password.
 * Integrated Windows Authentication: Integrated Windows authentication functions similarly like Basic authentication. The SQL Server CE client must supply a valid Windows account user name and password. IIS tries to log on by using the user name and password. If the logon attempt succeeds, SQL Server CE Server Agent performs all its work under the identity of the Windows user account. If the logon attempt fails, the client synchronization request is rejected. Integrated Windows authentication has one primary advantage over Basic authentication: Unlike Basic authentication, Integrated Windows authentication does not transmit the client's user name and password over the network in unencrypted form. Therefore, no one can intercept the password. Integrated Windows authentication works best with intranet applications. Integrated Windows authentication is seldom used for Internet applications because it cannot operate over a proxy server or firewall.
 * NTFS Permissions: User: You see this page only if you selected Basic or Integrated Windows Authentication on the previous page. Type the name of the user who requires NTFS permissions on either the computer that is running IIS or the computer that is running SQL Server. With the SQL Server CE Virtual Directory Creation Wizard and the SQL Server CE Connectivity Management utility, you can configure only one user at a time. To configure multiple users simultaneously, use Windows Explorer. You must add NTFS permissions if either or both of the following conditions exist:
 * The computer that is running IIS uses NTFS.
 * The SQL Server CE-based application uses replication. The snapshot folder, which is typically located on the computer that is running SQL Server, exists on an NTFS drive partition.
 * NTFS Permissions: Computer Running SQL Server: If your application uses replication, you must set NTFS Read permission on the actual snapshot folder and the share. Most frequently, the snapshot folder is located on the computer that is running Microsoft SQL Server. Select the check box on this page of the SQL Server CE Virtual Directory Creation Wizard or the NTFS Permissions Wizard if either of the following conditions exists:
 * You created and specified a snapshot share during the SQL Server Distributor configuration.
 * You created the snapshot share and you will specify it during the SQL Server Distributor configuration.
 * NTFS Permissions: Snapshot Folder: Type the network path of the SQL Server snapshot folder. Use the Universal Naming Convention (UNC) for the snapshot share path. Depending on the virtual directory authentication that you selected, the appropriate Microsoft Windows user account requires Read permission on the snapshot share and subfolders.

back to the top

Modify an Existing Virtual Directory
You can use the SQL Server CE Connectivity Management utility to modify an existing virtual directory. To modify an existing configuration, click a virtual directory from the list in the left pane of the SQL Server CE Connectivity Management utility, and then modify the settings that appear in the right pane:
 * Click Virtual Directory Content Folder, and then click the HTTP Content Folder tab: On this tab, modify the content folder that is associated with an existing virtual directory or change the HTTP permissions to the folder. Type the full path to the content folder that is associated with the virtual directory (for example, C:\Program Files\Microsoft SQL Server CE 2.0\Server), or click Browse to find the folder on the local computer. Specify the HTTP permissions to the folder. SQL Server CE requires Execute permission. Microsoft does not recommend that you add Write permission to this location.

If you modify the content folder, you must run the NTFS Permissions Wizard to set NTFS permissions on the new location. To start the NTFS Permission Wizard, on the NTFS Permissions tab of the SQL Server CE Connectivity Management utility, click Add/Modify NTFS Permissions for User.
 * Click Virtual Directory Authentication, and then click the HTTP Authentication tab: On this tab, modify HTTP authentication of an existing virtual directory.
 * Click NTFS Permissions, and then click the NTFS Permissions Tab: On this tab, start the NTFS Permissions Wizard. Use the NTFS Permissions Wizard to modify NTFS permissions on the computer that is running IIS or SQL Server. The NTFS Permissions Wizard includes the following pages:
 * NTFS Permissions: User: This page in the NTFS Permissions Wizard is functionally the same as the NTFS Permissions: User page in the SQL Server CE Virtual Directory Creation Wizard.
 * NTFS Permissions: Computer Running IIS: After SQL Server CE Server Agent (Sscesa20.dll) starts, it tries to create, to read, to write, and to delete input and output replication or remote data access (RDA) message files. These message files are put on the computer that is running IIS in the content folder that you specified during the IIS virtual directory configuration. This is the same folder that contains SQL Server CE Server Agent (Sscesa20.dll). You control access to the folder and the SQL Server CE Server Agent by assigning NTFS permissions to that folder and file.

Read and Write access permissions are required on the content folder (which is also the temporary file location for the input and output message files), and Read and Execute access permissions are required on SQL Server CE Server Agent (Sscesa20.dll).
 * NTFS Permissions: Computer Running SQL Server: This page in the NTFS Permissions Wizard is functionally the same as the NTFS Permissions: Computer Running SQL Server page in the SQL Server CE Virtual Directory Creation Wizard.
 * NTFS Permissions: Snapshot Folder: This page in the NTFS Permissions Wizard is functionally the same as the NTFS Permissions: Snapshot Folder page in the SQL Server CE Virtual Directory Creation Wizard.
 * NTFS Permissions: Snapshot Folder Access: Depending on the virtual directory authentication that you select, the appropriate Microsoft Windows user account must have Read permission on the snapshot share that you specified and the snapshot subfolder. You can use this page to specify the NTFS permissions for the snapshot folder.

back to the top

