Virtual Directory

Last Edited



Definition of Virtual Directory in The Network Encyclopedia.

What is Virtual Directory?

Virtual Directory is a directory that appears to Web browser users as a subdirectory of a Web site’s home directory but in fact might be located in a different folder, drive, or server. Virtual directories are supported by Internet Information Service (IIS) in Microsoft Windows Server Operating Systems.

Virtual Directory
Virtual Directory

For example, consider a user accessing a Web site by using the following Uniform Resource Locator (URL):

The directory otherstuff appears to the user to be a real subdirectory of the home directory, while in fact it could be a virtual directory that is mapped to a share on a different server on the Web provider’s network.

The advantage of using virtual directories is that content does not need to be stored only on the Web server – it can be distributed on other servers throughout the Web provider’s network. These servers can be located at secure, strategic locations for easy access by Web content developers. The disadvantage is a slight performance hit due to data being transmitted over the network.

Virtual Directory on IIS 7

In IIS 7, each application must have a virtual directory, known as the root virtual directory, and maps the application to the physical directory that contains the application’s content. However, an application can have more than one virtual directory. For example, you might use a virtual directory when you want your application to include images from another location in the file system, but you do not want to move the image files into the physical directory that is mapped to the application’s root virtual directory.

Virtual Directories Advantages

Virtual directories:

  • Enable faster deployment because users do not need to add and sync additional application-specific data sources
  • Leverage existing identity infrastructure and security investments to deploy new services
  • Deliver high availability of data sources
  • Provide application-specific views of identity data which can help avoid the need to develop a master enterprise schema
  • Allow a single view of identity data without violating internal or external regulations governing identity data
  • Act as identity firewalls by preventing denial-of-service attacks on the primary data-stores and providing further security on access to sensitive data
  • Can reflect changes made to authoritative sources in real-time
  • Present a unified virtual view of user information from multiple systems so that it appears to reside in a single system
  • Can secure all backend storage locations with a single security policy

Virtual Directories Disadvantages

  • The classical virtual directory based on proxy cannot modify underlying data structures or create new views based on the relationships of data from across multiple systems. So if an application requires a different structure, such as a flattened list of identities, or a deeper hierarchy for delegated administration, a virtual directory is limited.
  • Many virtual directories cannot correlate same-users across multiple diverse sources in the case of duplicate users
  • Virtual directories without advanced caching technologies cannot scale to heterogeneous, high-volume environments.

Why Virtual directories are used?

Examples of virtual directories usage:

  • Integrating multiple directory namespaces to create a central enterprise directory.
  • Supporting infrastructure integrations after mergers and acquisitions.
  • Centralizing identity storage across the infrastructure, making identity information available to applications through various protocols (including LDAP, JDBC, and web services).
  • Creating a single access point for web access management (WAM) tools.
  • Enabling web single sign-on (SSO) across varied sources or domains.
  • Supporting role-based, fine-grained authorization policies
  • Enabling authentication across different security domains using each domain’s specific credential checking method.
  • Improving secure access to information both inside and outside of the firewall.

How to create a new Virtual Directory

  1. Open Internet Information Services (IIS) Manager:
    • If you are using Windows Server 2012 or Windows Server 2012 R2:
      • On the taskbar, click Server Manager, click Tools, and then click Internet Information Services (IIS) Manager.
    • If you are using Windows 8 or Windows 8.1:
      • Hold down the Windows key, press the letter X, and then click Control Panel.
      • Click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.
    • If you are using Windows Server 2008 or Windows Server 2008 R2:
      • On the taskbar, click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
    • If you are using Windows Vista or Windows 7:
      • On the taskbar, click Start, and then click Control Panel.
      • Double-click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.
  2. In the Connections pane, expand the server name, expand Sites, expand the Web site to which you want to add the virtual directory, and then click the application to which you want to add the virtual directory.
  3. In the Actions pane, click View Virtual Directories, and then click Add Virtual Directory…
  4. In the Add Virtual Directory dialog box, at a minimum enter information in the Alias: and Physical path: text boxes, and then click OK.
Creating a new Virtual Directory
Creating a new Virtual Directory