juliandormon
asked on
IIS 6 logging to UNC share - cannot get proper permissions
Hi there,
I have two load balanced IIS 6 servers and I need to combine their logs files.
According to MS, I should be able to write the log files to a remote UNC share but I keep getting the following error when trying to do so.
15001
Unable to create the log file for site W3SVC%2.
Ensure that the logging directory for the site is correct and this computer has write access to that directory.
Here's what MS says about this error:
"Event ID 15000, 15001, and 15003
These errors occur when the log file and directory do not have proper security settings. When the IIS logging configuration settings are changed, if the file and directory security settings are not correct (if the System and Administrators do not have full control), HTTP.sys writes event ID 15001 or event ID 15003 (if binary logging is enabled) to the Event Log. HTTP.sys writes an event ID 15000 to the event log if security settings change during operation, for example, if the file ACLs are altered manually."
My problem is that I gave the Adminsitrator Full Control to the UNC Share (by the way the two machines have the same Adminsitrator username and passsword - I do not use Active Directory) and this did not work. I also tried the IUSR_SPXXXX and IWAM_SPXXXX accounts, but same thing.
Can you tell me what Account needs control - and do I apply the permissions to just the Sharing or the NTFS security as well as Sharing permissions?
I have two load balanced IIS 6 servers and I need to combine their logs files.
According to MS, I should be able to write the log files to a remote UNC share but I keep getting the following error when trying to do so.
15001
Unable to create the log file for site W3SVC%2.
Ensure that the logging directory for the site is correct and this computer has write access to that directory.
Here's what MS says about this error:
"Event ID 15000, 15001, and 15003
These errors occur when the log file and directory do not have proper security settings. When the IIS logging configuration settings are changed, if the file and directory security settings are not correct (if the System and Administrators do not have full control), HTTP.sys writes event ID 15001 or event ID 15003 (if binary logging is enabled) to the Event Log. HTTP.sys writes an event ID 15000 to the event log if security settings change during operation, for example, if the file ACLs are altered manually."
My problem is that I gave the Adminsitrator Full Control to the UNC Share (by the way the two machines have the same Adminsitrator username and passsword - I do not use Active Directory) and this did not work. I also tried the IUSR_SPXXXX and IWAM_SPXXXX accounts, but same thing.
Can you tell me what Account needs control - and do I apply the permissions to just the Sharing or the NTFS security as well as Sharing permissions?
ASKER
Thanks,
It doesn't seem to work, probably because the instructions call for a my services to be in the same domain, but I am not using AD.
Anyother suggestions, perhaps I can robocopy the log files before I to the remote server?
It doesn't seem to work, probably because the instructions call for a my services to be in the same domain, but I am not using AD.
Anyother suggestions, perhaps I can robocopy the log files before I to the remote server?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Configuring IIS to Log Data on a Remote Share (IIS 6.0)
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/0b56f0c2-5043-48a6-9564-2de0cc29c81d.mspx?mfr=true