?
Solved

How to log OWA Access ? (to trackdown IP Address and connected mailbox)

Posted on 2008-11-04
4
Medium Priority
?
2,347 Views
Last Modified: 2012-05-05
To All Expert,

I'm just wondering and been looking around if there's anyway to get the IP address detail of OWA access (anyone who use OWA, their IP and username is logged) and probably write it down to SQL Server database or even just simple text file will do.

is this something that IIS 6.1 can do or should i do it in ASP 3.0 way ?

the reason I'm doing this is for company compliance policy to trackdown the OWA usage and making sure that certain username that accessing a particular IIS directory is logged properly.

Cheers.
0
Comment
Question by:jjoz
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:top_rung
ID: 22883567
Go to the default website's log path which is typically...

C:\WINDOWS\system32\LogFiles\W3SVC1

and you should see an entry such as this...

2008-11-05 06:51:20 192.168.24.10 GET /exchange

There will be other entries as well.... You can test it by going from your home IP and then checking the logs and see all the entries logged with GET requests matching your IP.

I hope this helps.

0
 
LVL 1

Author Comment

by:jjoz
ID: 22883968

thanks for your reply Top_rung,
I can see it like the following attached file.

is it because my CAS is sitting behind proxy/firewall ?

if it yes, then there's no other way apart from parsing the file manually then.

2008-11-04 23:58:31 W3SVC1 <ExcServer IP> POST /owa/ev.owa oeh=1&ns=Notify&ev=Poll 443 - <PROXY SERVER IP> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) 401 1 0
 
2008-11-04 23:58:31 W3SVC1 <ExcServer IP> POST /owa/ev.owa oeh=1&ns=Notify&ev=Poll&prfltncy=0&prfrpccnt=0&prfrpcltncy=0&prfldpcnt=0&prfldpltncy=0&prfavlcnt=0&prfavlltncy=0 443 DOAMIN.COM\Administrator <PROXY SERVER IP> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) 200 0 0

Open in new window

0
 
LVL 14

Accepted Solution

by:
top_rung earned 2000 total points
ID: 22910232
Hey,

Sorry for the late response.  Yeah, it looks like you won't get the info there due to the proxy.  I presume you will need to get the information from the proxy logs - that is, look for whatever is destined for the exchange owa - you should see the source IP there (assuming you are logging that info).
0
 
LVL 1

Author Closing Comment

by:jjoz
ID: 31513423
easy to understand
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
MS Outlook undoubtedly is the most widely used email client.Its user-friendliness, cost effectiveness, and availability with Microsoft Office Suite make it the most popular email application.  Its compatibility with Microsoft applications like Exch…
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Suggested Courses
Course of the Month15 days, 21 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question