• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1333
  • Last Modified:

IIS 6 logging to UNC share - cannot get proper permissions

Hi there,
I have two load balanced IIS 6 servers and I need to combine their logs files.
According to MS, I should be able to write the log files to a remote UNC share but I keep getting the following error when trying to do so.

15001
Unable to create the log file for site W3SVC%2.
Ensure that the logging directory for the site is correct and this computer has write access to that directory.

Here's what MS says about this error:
"Event ID 15000, 15001, and 15003

These errors occur when the log file and directory do not have proper security settings. When the IIS logging configuration settings are changed, if the file and directory security settings are not correct (if the System and Administrators do not have full control), HTTP.sys writes event ID 15001 or event ID 15003 (if binary logging is enabled) to the Event Log. HTTP.sys writes an event ID 15000 to the event log if security settings change during operation, for example, if the file ACLs are altered manually."

My problem is that I gave the Adminsitrator Full Control to the UNC Share (by the way the two machines have the same Adminsitrator username and passsword - I do not use Active Directory) and this did not work. I also tried the IUSR_SPXXXX and IWAM_SPXXXX accounts, but same thing.

Can you tell me what Account needs control - and do I apply the permissions to just the Sharing or the NTFS security as well as Sharing permissions?
0
juliandormon
Asked:
juliandormon
  • 2
1 Solution
 
AndresMCommented:
You can configure IIS to write log file data to a remote share. In the remote share, IIS creates a unique directory for each Web site, for example W3SVCX, where X is a random number generated by IIS to represent the specific Web site. IIS also creates the log file with exclusive write access, so that multiple machines cannot write to the same log file.

Configuring IIS to Log Data on a Remote Share (IIS 6.0)
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/0b56f0c2-5043-48a6-9564-2de0cc29c81d.mspx?mfr=true
0
 
juliandormonAuthor Commented:
Thanks,
It doesn't seem to work, probably because the instructions call for a my services to be in the same domain, but I am not using AD.
Anyother suggestions, perhaps I can robocopy the log files before I to the remote server?
0
 
AndresMCommented:
By default IIS writes its logs on a per-daily-basis. You can create a script that runs daily to copy the log (of the day before) to a share and delete the log in IIS. Since you have two webservers you can also create a script (for ie VBScript) that mixes both IIS logs. Or use a third-pary tool to analyse the logs, the tool will mix the logs for you (for i.e. Webtrends).

Since the webservers and the fileserver are not part of a domain, may be you hava some trouble copying files from one server to the other; one simple workarround is create same user same password in all servers, and configure the copy script to run under that account.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now