Solved

ISA Server report only shows a single ip address when used with terminal services. Need to show individual users.

Posted on 2007-04-07
8
290 Views
Last Modified: 2008-05-29
A customer of mine uses terminal services to provide Internet and file access to about a dozen users. The terminal services box is SBS 2003. The PDC is also a SBS box running ISA Server in proxy mode only (no firewall). They want to be able to provide website access reports for individual users. The problem is that the ISA reports only show 1 internal IP address (i.e. the Terminal services box). Is there a way to show individual users on these reports?
0
Comment
Question by:TrentSlater
  • 4
  • 4
8 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18871935
So you have two SBS systems running on the same infrastructure? OK, no problem there although ip addressing/dhcp etc can't be much fun for you.... :(
What version of ISA are you running?
0
 

Author Comment

by:TrentSlater
ID: 18872045
Sorry - the SBS 2003 box is the PDC, and the terminal server box is Server 2003 standard.
They are running ISA 2000
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 18872149
Thanks, that makes more sense. :) - If you have ISA (as part of the SBS Premium) you know that you can get ISA2004 as apart of SP1?  This is far superior although it wouldn't help in what you are trying to do.

If the connection is coming from the terminal services box then that is the IP that will be presented. Securenat clients cannot authenticate to ISA and you cannot install the ISA firewall client on the TS server. I assume you are running TS in application mode?

With ISA2004 you have the option to make all users authenticate ie it can prompt for credentials if you want to but many people see this as more of a hindrance than a help
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:TrentSlater
ID: 18872161
So is there no other way that they can report on the individual users web surfing?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18872235
I assume that if your users do not use the TS service but go directly out the SBS/ISA box then you get the correct stats & identification?

Can you give me some more info on the TS setup? You are using application mode? The app calls the Internet or the client directly?
When you look at the ISA logs, is it showing web access through anonymous? by ip? By service name?

Our problem is to get the ISA server to recognise the TS session login name rather than the ts server name as I am sure you already know.
0
 

Author Comment

by:TrentSlater
ID: 18873638
Keith

TS Setup - clients are all thin client workstations. They TS directly to the TS box (in APP mode) using the PDC for authentication. When I check the ISA logs, only the IP for the TS box is shown.

"Our problem is to get the ISA server to recognise the TS session login name rather than the ts server name as I am sure you already know." - this is exactly the problem !

All the client wants to do is check the "surfing habits" of a particular TS user. Sounds simple ;-)

Trent
0
 

Author Comment

by:TrentSlater
ID: 19512442
Keith

This problem has now advanced to another question.
Can you look at
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_22687724.html
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 19519535
Thanks Trent :)
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question