Microsoft KB Archive/187036

= Site Server 3.0 Personalization and Membership FAQ =

Article ID: 187036

Article Last Modified on 3/1/2005

-

APPLIES TO


 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q187036



Q: What is Personalization and Membership?

A: Personalization and Membership is a feature of Site Server 3.0 that allows Web administrators to create online communities with an architecture that can scale to several million user accounts on a single server (or servers) without the limitations imposed in a traditional Windows NT 4.0 domain model. In addition, Personalization and Membership offers personalization, targeted mailing, and a fully extensible schema. Here are some of the advantages Personalization and Membership offers site administrators:
 * Rule Builder - Rule Builder allows an administrator to create personalization rules for users based on usage patterns of your site or attributes assigned to an account during setup without having to know anything about ASP coding.


 * Targeted e-mail - E-mail can be targeted to a specific group of users based on Personalization rules set up by the Rule Builder tool (for example: send e-mail on a new product to all users over 30 who have visited the developers Web page three times in the last week, except those that live in Redmond; send them to another page.)


 * Fully extensible schema - the Personalization and Membership schema is fully extensible and can be modified (add/remove attributes, and so on) through a user friendly administration interface or through coding to the various levels of LDAP, ADSI, or AUO interoperability with Visual Interdev. Personalization and Membership offers Design Time Controls (DTCs) to make the creation of Personalization and Membership enhanced Web pages easier through Visual Interdev or FrontPage 98.


 * Internet Location Service (ILS) - ILS is now built into Personalization and Membership. But unlike the version that shipped in MCIS 1.0, this enhanced version can find users that are connected to multiple servers anywhere in your organization.


 * Address Book Server (ABS) - ABS is also built into Personalization and Membership, but no longer has a fixed Schema. You can add unlimited fields or attributes to a user, and searches can be done on any number of different combinations through applications such as Outlook Express or through Web pages written in Visual Interdev using Personalization and Membership DTCs.


 * Enhanced Security - Personalization and Membership offers several different levels of authentication from very open (Cookie based or HTML forms mainly for user personalization to a non-secure part of a site) to highly secure (DPA or Clear Text with SSL) that visitors have to log in to use. In addition, DPA authentication provides users with a "single user logon" for multiple services including Chat, Mail, News, and Web, through a plug-in to Internet Explorer 3.x (built in to Internet Explorer 4.0) or Netscape 3.xx running on a Windows platform.

Q: What are the Personalization and Membership dependencies?

A: Personalization and Membership requires that the following is installed:
 * Pentium 100Mhz with a minimum of 64MB of RAM
 * 700MB NTFS hard drive
 * Windows NT 4.0 with SP3
 * Windows NT 4.0 Option Pack
 * Internet Explorer 4.01

Q: I changed the Proxy user account password for Membership in Windows NT User Manager and now none of my membership users can log in; why? After doing this, I then attempted to change the password via the Authentication Services Properties page and it also didn't work; why?

A: The Proxy account password must be changed in two places: in the Windows NT User Manager for domains and in the Authentication Service administrator account. You can only create new accounts via the Authentication Services Properties page; you cannot change the password through it.

Q: If I have an existing third-party ODBC compliant database with existing data about my customers (for example: Social Security number, mailing address, and so on), is it possible to use this information along with the data that already exists in the Personalization and Membership Directory Service for direct mailing or personalization?

A: Yes. By creating an Active User Object (AUO) provider through the HTML Administrator page and pointing it to an existing third-party data source, Personalization and Membership can take advantage of external databases from a variety of sources. The only requirement is that the data sources have a common key between them.

Q: What is AUO?

A: Active User Object (AUO) is a COM interface that aggregates user properties from multiple sources into a single property namespace, creating a virtual property schema that can be accessed from any Web page.

Q: While trying to protect certain areas of my Web site for Membership, I get the following error: "Server Error: Failed to create object." Why is this occurring?

A: Your WWW Service is not mapped to the correct Membership Server instance. Right-click on the WWW service that you are attempting to use, and then click Tasks. Select Membership Server Mapping, and then select the correct instance.

Q: When I attempt to add or create a new attribute for a user in the Membership Directory Manager, I get the following error: "Unable to save attribute. An unexpected error occurred (424 Ox1A8)." Why?

A: This is a known issue with using Netscape browsers. The error is the result of using unique characters such as "+" ">" "<" "#" "*" and so on. To work around this issue, do not use these characters when specifying an object name.

Q: What is a DTC?

A: DTC is an acronym for Design-Time Control. DTCs are "wizards" of a sort that are used in Web authoring tools such as FrontPage and Visual Interdev. Basically, DTCs ask you questions about what you are trying to set up and script in the ASP page. The DTC will then create the script, based on the information that has been pre-programmed and the data that you provided. The intent is to keep you from having to write so much code. (It does most of the work for you.) DTCs are designed to be used in both FrontPage and Visual Interdev.

Q: I've had Visual Interdev installed on my machine for months and it was working perfectly. Now when I install Personalization and Membership and attempt to use the Rule Builder or any Personalization and Membership DTCs, they don't work. Why?

A: More than likely you installed Visual Interdev under Internet Information Server (IIS) 3.0. If you have upgraded to IIS 4.0 since then and installed Personalization and Membership, you probably have not updated to the FrontPage98 Server extensions, which are required for the Personalization and Membership DTCs to work properly.

Q: I've just finished using Visual Interdev and some of the Personalization and Membership DTCs to create a page for my site. When I attempt to execute the page, I get "VBScript Runtime Error." There is nothing wrong with the code I wrote, so what is the problem?

A: Assuming all the other code you wrote is correct, more than likely you forgot to create a Membership Header, a Membership Attribute, or a Membership Footer DTC, which must be created in that order. Another common error that can occur is "VBScript compilation Error." The error commonly occurs when you attempt to use two Header DTCs in a row.

Q: How can I configure my Web server to share a Membership directory that has already been created on another server?

A: First, you have to create a new Membership Instance using the Site Server Administrative tool Microsoft Management Console (MMC). When you create this instance (unlike the first one), you are connecting to an existing system, not creating a new one. When you have finished setting up that instance, you will essentially have an LDAP client on the second server that connects via LDAP to the Directory Information Tree on the first server. When that Membership Instance is available on the second server, you can then change the LDAP port number so that it references the instance, and Membership Directory Manager will then display all from the Directory Information Tree. When that step is finished, you can then go into the IIS section of MMC and set up your virtual Web servers to point at and use this new Membership Instance (which is why you have to create it).

Q: Why am I prompted for a username and password when opening Site Server MMC?

A: Personalization and Membership actually has two security systems--one for authentication and access control of the Web (or other protected) content and the other for authentication and access control to the Directory Information Tree (the actual information in the database). When you launch the MMC and get the login pop-up message, it wants to know how you are authenticating to gain access to the Directory Information Tree (the physical information). It is not a Windows NT or domain authentication prompt. By default, the data is set up to allow for anonymous access. Therefore, if you select anonymous you get full access. But if that is changed (as it will be in most setups), then you need an administrative account to gain access. There is a default administrative account called "administrator" and the password is "password". Next time you launch the MMC and get the pop-up message, try using the administrator account and password to verify that it works. The administrator account (o=microsoft;ou=Member; cn=administrator) is generated by default.

Q: Can I connect the Membership directory to production SQL Server databases that already exist?

A: You can connect a new Membership Instance to an existing Site Server 3.0 Membership Directory Information Tree on another server. You can also connect to an existing SQL Server computer and set up a new Membership database on it (as long as it has databases that have been properly configured to work with Site Server 3.0). However, you cannot tie into an old Membership Server database and use it for your Site Server 3.0 Membership database, because the structures are totally different. Users accounts from previous versions of Site Server need to be entered into a new database manually.

Q. How do I create a new Membership Instance?

A. From the MMC, click Start, point to Programs, and choose Microsoft Site Server, Administration, Site Server Service Admin (MMC). Expand (click the plus sign [+]) Personalization and Membership, and select the server you want to create the new instance on. Right-click and select New, Membership Server Instance.

Q. How do I reduce the amount of memory in my system temporarily so I can stress-test Membership in a low-memory scenario?

A. In the Boot.ini file (remember to remove its Read-only property, and add it back after you are done editing) add the /MAXMEM:n command (where n is in MB) at the end of the ARC path specified in the [operating systems] section of the Boot.ini file, as in the following example: multi(0)disk(0)rdisk(0)partition(1)\winnt=Windows NT /MAXMEM=12. This will force Windows NT to only use 12 MB of RAM, ignoring everything else above this.

Q. Why doesn't Network Monitor (Netmon) see any LDAP traffic on my system?

A. Netmon is designed to treat port # 389 as the default for LDAP TCP port. For Netmon to identify your LDAP traffic, you need to define the port number as being LDAP traffic within Netmon. To do this, you must manually edit the Tcpip.ini file under Netmon\Parsers. Under the heading [TCP_HandoffSet], add your new entries as follows: 1003=LDAP 1004=LDAP Q. Why did data (of any sort) not get put into the Membership database I created in SQL when I created a new user, group, schema container, and so on? I just installed Membership and SQL Server, and I have created some user accounts using the create New User Wizard. The users show up in Membership, but not in SQL Server. What's wrong?

A. Nothing is wrong. When Membership is initially installed, the system is set up using Windows NT (Intranet) authentication. In this mode, Membership will use the local Windows NT SAM database to determine whether a user has access rights to protected content or not. In this mode, Membership will also store personalization information (cookies and schema data) in an Access-Jet database (.mdb file). In order to get data into SQL, you need to create a Membership authentication instance, using SQL as the data source. You must also point Membership Directory Manager at this new instance, otherwise the wizards will still be creating data in the original instance.

Q. Using Visual Interdev and the Membership DTCs, I created an ASP page with a header, footer (required), and an attribute (any attribute). When I finished the page, I saved it and tried to view it with Internet Explorer; however, I received the following error:

Response object error 'ASP 0145 : 80004005'

Header Error / / .asp, line x (usually somewhere around 30) The HTTP headers are already written to the client browser. Any HTTP header modifications must be made before writing page content.

A. The DTCs cannot automatically insert a needed command to prevent this. To keep this error from happening, add <%response.buffer = true %> at the beginning of the document.

Additional query words: PM FAQ SS3

Keywords: kbinfo KB187036

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.