HTTP Symbol Stores

In order to make a symbol store accessible over the Internet, you must configure both the directories containing the symbol files and Internet Information Services (IIS).

Configuring the Directories

Begin by selecting the directory you will use as your symbol store. In our examples, we call this directory c:\symstore and the name of the server on the network is \SymMachineName. Permissions must be set so that users can access the site and you must add the security groups that must access the symbol content over the network. The amount of security to enable varies from environment to environment. For some installations, this group is “Everyone”.

1. 1.Open Windows Explorer.
2. 2.Expand My Computer.
3. 3.Expand the C drive.
4. 4.Right-click c:\symstore and choose Sharing and Security.
5. 5.Check Share this folder.
6. 6.Click Permissions.
7. 7.To ensure that the desired security groups have read access, add them under Group or user names and check the Allow box in the Read row.
8. 8.To exit Permissions, click OK.
9. 9.To exit Symstore Properties, click OK.

The symbol store can now be used for debugging by another computer with a symbol path of srv*\\SymMachineName\symstore, or it can be further configured for use with authentication or with SymProxy.

For details on how to populate your symbol store, see SymStore.

Configuring IIS

Internet Information Services (IIS) must be configured to serve the symbols by creating a virtual directory and configuring MIME types. After this has been done, the authentication method may be chosen.

1. 1.From Administrative Tools open Internet Information Services (IIS) Manager.
2. 2.Expand Web Sites.
3. 3.Right-click Default Web Site or the name of the site being used.
4. 4.Select New Virtual Director....
5. 5.Click Next on the Welcome screen.
6. 6.Type Symbols for Alias and click Next.
7. 7.For the Path enter c:\SymStore and click Next.
8. 8.Uncheck Run scripts (recommended).
9. 9.Check Browse (optional).
10. 10. To complete the virtual directory wizard, click Next and Finish.

1. 1.Right-click the Symbols virtual directory and choose Properties.
2. 2.Select HTTP Headers.
3. 3.Click MIME Types.
4. 4.Click New.
5. 5.For Extension, type *.
6. 6.For MIME type, type application/octet-stream.
7. 7.To exit the MIME Types dialog box, click OK.
8. 8.To exit Symbols Properties, click OK.

At this point, IIS is now ready to serve the files in your symbol store using anonymous authentication. It is also possible to configure IIS to use Integrated Windows Authentication (IWA) so that clients such as WinDbg can automatically authenticate against IIS without prompting the end-user for credetials. However, SymSrv does not currently support Kerberos authentication when connecting to IIS, so Kerberos must be removed as an option.

1. 1.From Administrative Tools, open Internet Information Services (IIS) Manager.
2. 2.Right-click the Symbols virtual directory and select Properties.
3. 3.Click the Directory Security tab.
4. 4.Under Authentication and access control click Edit.
5. 5.Verify that only Integrated Windows Authentication is checked.
6. 6.Verify that Enable anonymous acceess is unchecked.
7. 7.To exit the Authentication Methods dialog box, click OK.
8. 8.To exit Symbols Properties, click OK.

To remove the option for Kerberos authentication, the Web site identifier is needed. If you are not using the default Web site (which is site "1"), you must determine the correct Web site identifier by highlighting the Web Sites folder and looking at the identifier listed in the right-hand panel for the appropriate Web site. Replace "1" in these directions with the correct identifier number.

1. 1.Open a Command Prompt window
2. 2.Navigate to the directory c:\inetpub\AdminScripts.
3. 3.Type the following, including the quotation marks:

   cscript adsutil.vbs set W3SVC/1/root/Symbols/NtAuthenticationProviders "NTLM"
   

IIS is now ready to serve files from the symbol store.