Solved

IIS 6 logging to UNC share - cannot get proper permissions

Posted on 2006-11-24
3
1,286 Views
Last Modified: 2008-02-01
Hi there,
I have two load balanced IIS 6 servers and I need to combine their logs files.
According to MS, I should be able to write the log files to a remote UNC share but I keep getting the following error when trying to do so.

15001
Unable to create the log file for site W3SVC%2.
Ensure that the logging directory for the site is correct and this computer has write access to that directory.

Here's what MS says about this error:
"Event ID 15000, 15001, and 15003

These errors occur when the log file and directory do not have proper security settings. When the IIS logging configuration settings are changed, if the file and directory security settings are not correct (if the System and Administrators do not have full control), HTTP.sys writes event ID 15001 or event ID 15003 (if binary logging is enabled) to the Event Log. HTTP.sys writes an event ID 15000 to the event log if security settings change during operation, for example, if the file ACLs are altered manually."

My problem is that I gave the Adminsitrator Full Control to the UNC Share (by the way the two machines have the same Adminsitrator username and passsword - I do not use Active Directory) and this did not work. I also tried the IUSR_SPXXXX and IWAM_SPXXXX accounts, but same thing.

Can you tell me what Account needs control - and do I apply the permissions to just the Sharing or the NTFS security as well as Sharing permissions?
0
Comment
Question by:juliandormon
  • 2
3 Comments
 
LVL 10

Expert Comment

by:AndresM
ID: 18008139
You can configure IIS to write log file data to a remote share. In the remote share, IIS creates a unique directory for each Web site, for example W3SVCX, where X is a random number generated by IIS to represent the specific Web site. IIS also creates the log file with exclusive write access, so that multiple machines cannot write to the same log file.

Configuring IIS to Log Data on a Remote Share (IIS 6.0)
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/0b56f0c2-5043-48a6-9564-2de0cc29c81d.mspx?mfr=true
0
 

Author Comment

by:juliandormon
ID: 18008426
Thanks,
It doesn't seem to work, probably because the instructions call for a my services to be in the same domain, but I am not using AD.
Anyother suggestions, perhaps I can robocopy the log files before I to the remote server?
0
 
LVL 10

Accepted Solution

by:
AndresM earned 250 total points
ID: 18008624
By default IIS writes its logs on a per-daily-basis. You can create a script that runs daily to copy the log (of the day before) to a share and delete the log in IIS. Since you have two webservers you can also create a script (for ie VBScript) that mixes both IIS logs. Or use a third-pary tool to analyse the logs, the tool will mix the logs for you (for i.e. Webtrends).

Since the webservers and the fileserver are not part of a domain, may be you hava some trouble copying files from one server to the other; one simple workarround is create same user same password in all servers, and configure the copy script to run under that account.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cannot start WWW Service 2 47
Exchange 2013 and IIS Logs filling up Hard disk space 6 74
Why is my Splunk Web URL not working? 2 52
URL Redirect using IIS v8 4 24
What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now