USE ILS TO SNIFF OUT USERS WITH DYNAMIC IP ADDRESSES

Many people have trouble locating one another in the world of dynamically assigned IP addresses. They want to use Internet conferencing technology, but they can't keep track of their own IP addresses, much less someone else's. To help solve this problem, Microsoft created Internet Locator Service (ILS), a directory service that lets users register their dynamic IP addresses on a central server so that other users can find the addresses easily. Users who have access to an ILS directory can search for and establish conferencing connections with other users.

ILS stores user information, including IP addresses, in a virtual database on your server. Applications can use HTTP (through Active Server Pages, or ASP, scripts running on Internet Information Server, or IIS), Lightweight Directory Access Protocol (LDAP), and User Location Protocol (ULP) to query and update the ILS database. ILS supports ULP, so NetMeeting 1.0 and Intel Internet Phone applications work with the service, but Microsoft plans to eventually phase out ULP and make LDAP the standard ILS protocol. Figure 1, page 182, shows how the ILS components work together.

If you've used Microsoft NetMeeting, you might be familiar with ILS. You've probably seen the public ILS servers that Microsoft and Four11 provide for connecting with other people. These servers are free, but they're problematic if you're using them to communicate with corporate clients. Public ILS servers typically service thousands of users during peak periods, and some users include obscenities in their user information. This situation doesn't create an ideal environment for professional communications.

In a business, how can you take advantage of ILS? You can do so by running your own ILS server for company employees and clients.

Set Up the Search
Suppose your company wants employees and clients to collaborate through Internet conferencing software. You can set up a standard ILS configuration so that NetMeeting users can find and connect with one another. In addition, you can provide an HTML-based interface so that users can browse a Web page to find out whether a particular person is online. If the person is online, users can click a link to automatically start NetMeeting and connect with that person.

The first step in setting up an ILS server is installing the ILS software (available free from Microsoft at http://www.microsoft.com/netmeeting) on an IIS server. ILS requires at least 16MB of RAM (32MB on Alpha systems) and consumes 25MB of hard disk space. ILS is compatible with IIS 3.0 and IIS 4.0. The basic ILS setup is straightforward; I recommend accepting the default settings.

When you complete the ILS setup, verify that your ILS's HTTP installation works correctly by selecting the Verify Installation link from the ILS start page. (You can connect directly to the installation verification program at http://machinename/ILS/Verify/Verify.htm.) Follow the verification program's steps. If you have trouble performing the verification program's tests, consult the "Troubleshooting Setup" section of the ILS documentation.

When the HTTP installation verification completes without error, load NetMeeting 2.x to make sure that the LDAP interface functions correctly. In NetMeeting, select Options from the Tools menu, then select Calling to change the software's default server setting to the DNS name (preferably) or IP address of your ILS server. If your ILS server processes LDAP requests correctly, you can connect to your server and see yourself listed in the user directory. You might need to refresh the directory for your information to appear.

If you want to support NetMeeting 1.0 or Intel Internet Phone clients, you also need to test your system's ULP support. Open a ULP application and verify that it can connect to the ILS server. If you don't want to support ULP, you can remove support for the protocol by opening the LDAP Service Properties box in IIS's Internet Service Manager (ISM) and clearing the Enable ULP Interface check box on the ILS Server tab, as Screen 1 shows.

You can adjust other LDAP service settings in the ISM, including how long records remain in the ILS database (the Client Time to Live parameter). ILS stores user information in a virtual database in your server's RAM, so to prevent the service from weighing down your server, you must make sure unnecessary entries don't take up database space. When a NetMeeting client connects to an ILS server, the server lets the client know its Client Time to Live parameter, so the client software periodically refreshes its data on the server. ILS purges from the database all clients that don't refresh their entries before their Client Time to Live expires. The default Client Time to Live parameter is 20 minutes. Not only does the Client Time to Live parameter save RAM space, but it is beneficial if the server crashes. Because your clients refresh their database information periodically, they can completely rebuild a lost database within the ILS server's Client Time to Live period. The ISM also lets you adjust the maximum number of records the database can hold.
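The following sketch is an added illustration, not ILS code or anything from Microsoft: it models the refresh-or-purge behavior and the record cap described above, including the rebuild after a crash. The class, method names, addresses, and the cap of 2 records are constructed for the example.

```python
class SoftStateDirectory:
    """Hypothetical in-RAM directory: entries live only while clients refresh them."""

    def __init__(self, ttl_seconds=20 * 60, max_records=1000):
        self.ttl = ttl_seconds          # Client Time to Live (article default: 20 minutes)
        self.max_records = max_records  # record cap; the value here is constructed
        self.records = {}               # email -> (ip, expiry time in seconds)

    def purge(self, now):
        """Drop every entry whose client did not refresh before its TTL expired."""
        expired = [e for e, (_, exp) in self.records.items() if exp <= now]
        for email in expired:
            del self.records[email]
        return expired

    def register(self, email, ip, now):
        """Add or refresh an entry; returns the TTL the client must refresh within."""
        self.purge(now)
        if email not in self.records and len(self.records) >= self.max_records:
            raise OverflowError("directory full")  # cap bounds RAM use
        self.records[email] = (ip, now + self.ttl)
        return self.ttl

    def lookup(self, email, now):
        self.purge(now)
        entry = self.records.get(email)
        return entry[0] if entry else None


def simulate():
    d = SoftStateDirectory(ttl_seconds=1200, max_records=2)
    d.register("ann@example.com", "10.0.0.5", now=0)
    d.register("bob@example.com", "10.0.0.6", now=0)
    # Ann refreshes at 10 minutes with a new dynamic address; Bob goes offline.
    d.register("ann@example.com", "10.0.0.9", now=600)
    results = {
        "ann_at_25min": d.lookup("ann@example.com", now=1500),  # still fresh
        "bob_at_25min": d.lookup("bob@example.com", now=1500),  # purged, no refresh
    }
    d.register("carl@example.com", "10.0.0.7", now=1500)  # takes Bob's freed slot
    try:
        d.register("dave@example.com", "10.0.0.8", now=1500)
        results["full"] = False
    except OverflowError:
        results["full"] = True
    d.records.clear()  # server crash: the RAM-only database is lost
    d.register("ann@example.com", "10.0.0.9", now=1800)   # scheduled refreshes
    d.register("carl@example.com", "10.0.0.7", now=2000)  # repopulate the directory
    results["rebuilt"] = sorted(d.records)
    return results
```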

If you're going to use ILS only internally, you don't need to consider firewall reconfiguration when you set up your ILS server. Just create a DNS name for your ILS server. (For information about adding DNS Resource Records, see Spyros Sakellariadis, "Integrating and Administering DNS," September 1996.)

Gear Up the Guard Dog
If you plan to let outside hosts access your ILS server, you need to open ports on your firewall for ILS communications. Table 1 lists the TCP ports you must modify, depending on the network protocol you're running. For help reconfiguring your firewall, consult Microsoft Knowledge Base article Q158623, "How to Establish NetMeeting Connections Through a Firewall" (http://premium.microsoft.com/support/kb/articles/q158/6/23.asp).

You must consider two security problems ILS creates. First, if you're going to make your ILS server publicly accessible, consider giving it a name other than ils.yourcompanyname.com, which reveals that the server holds your ILS system. (The less other people know about your system security, the better; however, a determined person can discover the nature of your ILS server through other means.)

Second, seriously consider the security concerns inherent in letting outside Internet users make unsolicited inbound connections to your desktop computers. After all, you probably purchased a firewall to prevent outsiders from accessing your internal systems. Be sure your security measures are extremely well defined before you launch an ILS server for external users.

Make Your Best Friend Better
Once your ILS server is securely running, you can make it friendlier to your clients by implementing one of the ASP scripts that Microsoft includes with ILS. You can easily merge this script into your company's Web site.

To test your new system, have a few users connect to your ILS server and start NetMeeting. Then, open your Web browser and set its location to http://machinename/ILS/Templates/ilsfind.asp. You'll see a screen that looks like Screen 2. In this screen, you can either view a list of all the users connected to the ILS server or search for specific users by their email addresses. If ILS finds the person you're looking for, a Microsoft NetMeeting hyperlink appears. Click the link to launch NetMeeting and connect to the other user.

Search Parties
Now that you know how to set up an ILS server, how can ILS benefit your company? One of ILS's most exciting uses is helping people establish desktop video conferencing connections.

For years, I've expected a leap in the popularity of desktop video conferencing. Every year, companies release products that I expect to make video conferencing ubiquitous, but it remains low on my corporate clients' list of priorities.

Perhaps the most prevalent obstacle facing people who use video conferencing and other collaboration software is finding and connecting to one another across the Internet. ILS eliminates that problem.

Set up an ILS server, and your users will be able to find one another with a few mouse clicks. High-tech conferencing and collaboration have never been so easy.