Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Enable IIS Logging via GPO

Posted on 2016-07-14
4
Medium Priority
?
249 Views
Last Modified: 2016-07-18
We are looking to centrally enable IIS logging on all of our web servers. We can manually enable via the below article. However, we would like a way to enable this across all of our web servers.

http://blogs.iis.net/webtopics/iis-7-5-how-to-enable-iis-configuration-auditing
0
Comment
Question by:GR JN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 38

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 41712598
If all servers are 2008 and above, then try below
Enter all servers in txt file one by one on each line
server1
server2

Then Try below
$Allservers = get-Content C:\servers.txt
foreach ($server in $Allservers)
{
$si = new-object System.Diagnostics.ProcessStartInfo
$si.fileName = “C:\Windows\System32\wevtutil.exe”
$si.Arguments= ‘ sl Microsoft-IIS-Configuration/Operational /e:true’
$si.windowStyle = [System.Diagnostics.ProcessWindowStyle]::Hidden
$process = [System.Diagnostics.Process]::Start($si)
write-host “Enabled Configuration Auditing"
}

Taken from below link
https://blogs.technet.microsoft.com/sateesh-arveti/2011/03/10/powershell-script-to-enable-iis-configuration-auditing/
0
 

Author Comment

by:GR JN
ID: 41713330
Is it possible to do this natively via GPO (ADM/X)?
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 41713346
This is not possible with GPO best of my knowledge unless somebody write custom admx file to do that
0
 
LVL 43

Expert Comment

by:Adam Brown
ID: 41713761
Because of how these logs are enabled, GPO configuration isn't completely possible. You can deploy registry settings that will functionally enable the auditing, but the logs themselves will not work when you do this. Manually enabling configuration audit logging is currently the only real way to accomplish this goal.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question