IIS6 logging to an other Server in a Workgroup?

Posted on 2004-11-17
Last Modified: 2010-04-19
In our new Webfarm that Im working on we currently have the following.

1 Windows 2003 Standard Server setup with a share called Weblogs

3x Windows 2003 Web Servers in a NLB cluster.

What I want to be able to do is dump the logs onto the log server but with the servrs not being in a domain im having problems with accessing the share on the log server.

Originally I created an account on all 4 servers that was identical and gave that full access to the share on the log server, then on the servers I added a startup script in gpedit to launch the following batch file at startup.

@echo off
net use \\server_name\share_name /USER:Test test /PERSISTENT:YES

This does not work though, so how else could I do this? Could I run IIS Service using this account that is identical on all the servers and the log server so that it will have access? or is it not recommended to change the account the IIS service run's with?

Any idea's would be greating appreciated.

King regards.

Darren Bolton
Systems Administrator
Question by:DarrenBolton
    LVL 1

    Expert Comment

    alternatively you could give the account IIS runs with access to the share ;\

    you could just schedule a job to copy the files over nightly or something also, and run it as whatever user you want, without modifying IIS at all

    Author Comment

    Disk space is an issue thats why im wanting the log to another server, i won't be able to grant the account that IIS is running under because the servers arn't in a domain
    LVL 4

    Expert Comment

    IIS can't log to anything but it's local hard drive.

    Explains very briefly that you can't, but there is a doc out there that explains fully why I just can't find it at the moment.

    We ran into this issue and we are currently hosting 8 Web Servers.  To work around this we've scheduled a batch file to copy the logs once a week to a network share then delete the logs out of the directory.  You lose approx 1 minute tops of log file information, but it's the cleanest way of doing it.
    LVL 1

    Expert Comment

    Darren - as dmox and I said, schedule a copy(move) of the log files nightly(or as often as you want)

    LVL 34

    Accepted Solution

    With IIS 6 this is very easy to do.

    (IIS 5 doesn't support remote logging, IIS 6 does....)

    On the target machine you will need to create a Null share:

    Create a new share, for example, public.

    Make sure Everyone has Full Control in the NTFS permissions for the target directory.

    From the Start menu, click Run.

    In the Open box, type Regedit.exe, and click OK.

    Navigate to and double-click the following key in the registry:
       Note that NullSessionShares is a REG_MULTI_SZ value.

    On a new line in the NullSessionShares key, type the name of the share that you want to access with a null session, for example, public.

    Navigate to and click the following key in the registry:

    From the Edit menu, point to Add, click DWORD Value and then add the following registry value:
       Name: RestrictAnonymous
       Type: REG_DWORD
       Data: 0

    Quit Registry Editor.

    Restart the server.

    Finally, point the logging directory for the site to the new Nul session share via UNC path.

    You should be set to go.....

    Dave Dietz

    Author Comment

    I've tried the method that you have given me and it does not appear to work, when I try and connect to the share I get "Bad username or password"

    Author Comment

    Finally got it working!

    Had to enable the "Let Everyone Permissions apply to anonymous users" for it to work.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
    I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
    Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now