Microsoft ISA Server 2000 logging report issues

pts.
Tags:
Microsoft Windows
Security
Security products
Servers
Windows 2000 Server
I'm having a problem configuring our ISA 2000 server to show user names in the weekly reports that we generate. I have completed the following steps, but to no avail: -Configure the log files to record user information -Configure all machines on the internal network as Web Proxy and Firewall clients -Remove all anonymous access Site and Content and/or Protocol Rules -Disable the HTTP Redirector These suggestions were all found at: http://www.isaserver.org/tutorials/userinfo.html. The ISA firewall client was installed on all of our approximately 40 workstations via a log in script. They are configured to connect to our ISA server via the IP address specified. The weird thing is 3 or 4 of the users are logging correctly, but the rest show only IP addresses. I cannot for the life of me figure out what is causing this. Any help is great appreciated.

Answer Wiki

Thanks. We'll let you know when a new response is added.

I had a similar problem and the only way I found to resolve it was to remove ANY rules that involved anonymous access. Once I did that it seemed to work OK.

Discuss This Question: 5  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Ghigbee
    The 3rd rule that you listed appears to be an anonymous rule. I would change that to authenticated users or Domain Users for the group if you need it to apply to everyone. See if that takes care of the problem. The issue is that anonymous rules get applied before rules the other rules.
    0 pointsBadges:
    report
  • Mathewmc
    What does your authentication library look like?
    0 pointsBadges:
    report
  • Waynebk
    I have changed the Proxy rule to apply to Accounts:Everyone. Is there any difference between Accounts:Everyone and Accounts:Users? (i.e. domain users)...I understand this might be unanswerable since it's probably just the way our AD is setup. As far as the authentication library, could you please clarify this? I cannot seem to find anything that references to authentication library. I did make one other change: Under the firewall server properties, incoming web requests, I chose the option to Ask unauthenticated users for identification. Is this necessary? Thanks for the help :) Wayne
    0 pointsBadges:
    report
  • Csmmis
    I can answer part of your question. Accounts: Everyone is literally anyone who manages to access your system. Accounts: Users is limited to those who are authenticated users on your system. Hope this helps.
    0 pointsBadges:
    report
  • Waynebk
    Thanks so much for the help on this issue. I generated a report today and everything is working fine now. Several IP addresses are still coming up, but the majority is now reporting user names. Thanks, Wayne
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following