Solved

Enable IIS Logging via GPO

Posted on 2016-07-14
4
72 Views
Last Modified: 2016-07-18
We are looking to centrally enable IIS logging on all of our web servers. We can manually enable via the below article. However, we would like a way to enable this across all of our web servers.

http://blogs.iis.net/webtopics/iis-7-5-how-to-enable-iis-configuration-auditing
0
Comment
Question by:GR JN
  • 2
4 Comments
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 41712598
If all servers are 2008 and above, then try below
Enter all servers in txt file one by one on each line
server1
server2

Then Try below
$Allservers = get-Content C:\servers.txt
foreach ($server in $Allservers)
{
$si = new-object System.Diagnostics.ProcessStartInfo
$si.fileName = “C:\Windows\System32\wevtutil.exe”
$si.Arguments= ‘ sl Microsoft-IIS-Configuration/Operational /e:true’
$si.windowStyle = [System.Diagnostics.ProcessWindowStyle]::Hidden
$process = [System.Diagnostics.Process]::Start($si)
write-host “Enabled Configuration Auditing"
}

Taken from below link
https://blogs.technet.microsoft.com/sateesh-arveti/2011/03/10/powershell-script-to-enable-iis-configuration-auditing/
0
 

Author Comment

by:GR JN
ID: 41713330
Is it possible to do this natively via GPO (ADM/X)?
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 41713346
This is not possible with GPO best of my knowledge unless somebody write custom admx file to do that
0
 
LVL 38

Expert Comment

by:Adam Brown
ID: 41713761
Because of how these logs are enabled, GPO configuration isn't completely possible. You can deploy registry settings that will functionally enable the auditing, but the logs themselves will not work when you do this. Manually enabling configuration audit logging is currently the only real way to accomplish this goal.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now