Best Practices for Site Packager

  • Article

This topic provides important information about packaging your Commerce Server 2002 site.

Security Issues

Tips for Using Site Packager

Security Issues

  • After you unpack a site, an unpack.vbs script may exist in the root folder of the application (if you unpack the Blank site, it will not exist). Make sure you delete or secure the file immediately after unpacking.

Anonymous users can access this file. Unauthorized use of this script file could lead to denial of service or the breaking of site settings.

  • After you unpack a site to a remote computer, you must run the unpack.bat file from the command line.

The unpack.bat file is located on the remote computer in the root directory of the application. This file is used to unpack security settings on your site. Review Windows accounts with Business Desk permissions before you package a site.

When unpacking a site using Commerce Server Site Packager, Windows accounts with Business Desk permissions are unpacked as well.

For example, you have Commerce Server installed on one computer and you add local groups and accounts. If you pack the site and then unpack it on a different computer, the accounts will also be unpacked. When you open Business Desk, the permissions will be there.

  • Immediately after you install your site, and any time you make major configuration changes to your Commerce Server deployment, it is recommended that you back up your Administration database with a different name.

You can use this backup to roll back any changes that are made later.

  • If you unpack a site onto the IIS Administrative Web site, the site and Business Desk will not function due to IIS administration security limitations.

Tips for Using Site Packager

  • Do not run Site Packager on a production site.

    If Site Packager is run on a production site, the site might not respond properly to clients.

  • To include custom tables and the data they contain in a package file, see Using the GenericPup Object.

  • Do not run more than one instance of Site Packager on a computer at a time.

  • To install more than one Business Desk application on an existing site with a different IIS application name, you must rename the HTML Application (HTA) files and create new Business Desk icon shortcuts before installation.

If you do not rename the files, the HTA files will replace the files that were based on the original site, as well as the Business Desk icons.

  • To unpack a site onto an Internet Information Services (IIS) 5.0 or later Web site other than the default, use the Custom mode of Site Packager.
  • If you unpack the Direct Mailer resource after you unpack a Commerce Server Business Desk application and install the Business Desk client, you must restart IIS on the Web server hosting the Business Desk application in order for the addition of Direct Mailer to be detected.

Business Desk clients must reconnect to the application. For instructions about restarting IIS, see Restarting IIS and Commerce Server Services.

  • If you package a Commerce Server application whose IIS virtual directory contains child IIS applications, Site Packager will package the folders and files of the child applications.

If you do not want the folders and files of the child applications included in the package, you will have to delete them after you unpack the parent Commerce Server application.

  • Site Packager does not package files in child virtual directories of the IIS application.

If you need to package files in child virtual directories, move the folders and files to child physical folders of the root folder of the IIS application before packaging your site.

  • Before you can package a site that has applications (for example, Retail and RetailBusinessDesk) on separate Web servers, you must add one of the Web servers to the other application.

For example, if Retail is installed on Computer A and RetailBizDesk is on Computer B, you can run Site Packager on Computer B to add it as a Web server for Retail. Then you can package the site from Computer B. (Conversely, you could add Computer A to RetailBizDesk, and package the site there.) For more information, see Adding a Web Server to an Application.

  • If you specify an Organizational Unit (OU) containing pure Unicode characters in Site Packager, the OU is registered in Active Directory with nonsensical characters.

This is a limitation on passing Unicode strings to the Run method of the WScript.Shell object. This is a limitation of the Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows NT, and Microsoft Windows 2000 platforms. This issue will be corrected in Microsoft Windows Server 2003. Users who do not want to upgrade their platforms can upgrade the script engines in Windows to V5.6. The upgrade will be available for free download from Windows Server 2003 when that product is released.

Copyright © 2005 Microsoft Corporation.
All rights reserved.