RE: Auditing logins via w3svc
From: Jeff Qiu (jefffqiu@online.microsoft.com)
Date: 12/19/02
- Next message: jake: "local vs. domain"
- Previous message: kb: "file ownership?"
- In reply to: Sandy Wood: "RE: Auditing logins via w3svc"
- Next in thread: Sandy Wood: "RE: Auditing logins via w3svc"
- Reply: Sandy Wood: "RE: Auditing logins via w3svc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: jefffqiu@online.microsoft.com (Jeff Qiu) Date: Thu, 19 Dec 2002 01:47:25 GMT
Hi Sandy,
I am glad to do some further research for you.
Please post a complete error log that has the W3SVC source from the system
log for our further research.
Regards,
Jeff Qiu
jefffqiu@online.microsoft.com
Online Support Professional
Microsoft Corporation
This posting is provided Ħ°AS ISĦħ with no warranties, and confers no
rights.
--------------------
>Content-Class: urn:content-classes:message
>From: "Sandy Wood" <sandy.wood@da.ocgov.com>
>Sender: "Sandy Wood" <sandy.wood@da.ocgov.com>
>References: <04eb01c2a5f2$91d99660$89f82ecf@TK2MSFTNGXA01>
<xNz7IYmpCHA.2580@cpmsftngxa09>
>Subject: RE: Auditing logins via w3svc
>Date: Wed, 18 Dec 2002 08:35:57 -0800
>microsoft.public.win2000.security
>
>My question isn't so much about iis, as about auditing
>login attempts and where should we look and why. I'll
>head over to iis, but wouldn't this newsgroup be able to
>answer at least part of my issue?
>>-----Original Message-----
>>Hi Sandy,
>>
>>Based on my research, this error source W3SVC is related
>to the IIS. To
>>better audit that kind of failure, you may need to go
>deeper into the IIS
>>console and Snap-Ins.
>>
>>Please post this question in the
>microsoft.public.inetserver.iis newsgroup.
>>That newsgroup is primarily for issues involving all IIS
>related issues.
>>We recommend posting appropriately so you will get the
>most qualified pool
>>of respondents, and so other partners who regularly read
>the newsgroups can
>>either share their knowledge or learn from your
>interaction with us.
>>
>>Regards,
>>
>>Jeff Qiu
>>jefffqiu@online.microsoft.com
>>Online Support Professional
>>Microsoft Corporation
>>
>>This posting is provided Ħ°AS ISĦħ with no warranties,
>and confers no
>>rights.
>>
>>--------------------
>>>Content-Class: urn:content-classes:message
>>>From: "Sandy Wood" <sandy.wood@da.ocgov.com>
>>>Sender: "Sandy Wood" <sandy.wood@da.ocgov.com>
>>>Subject: Auditing logins via w3svc
>>>Date: Tue, 17 Dec 2002 09:34:36 -0800
>>>microsoft.public.win2000.security
>>>
>>>I've been trying to get a handle on auditing failed and
>>>successful logins to our web site that has Int. NT
>>>security. I've enabled auditing in secpol.msc and looks
>>>like the Security log is filling up nicely. My question
>>>is that I also see failed attempts at login in the
>System
>>>log under the W3SVC source. What's the best way to make
>>>sure I catch and audit all the attempts and why aren't
>>>they all covered just under the Security Log?
>>>
>>
>>.
>>
>
- Next message: jake: "local vs. domain"
- Previous message: kb: "file ownership?"
- In reply to: Sandy Wood: "RE: Auditing logins via w3svc"
- Next in thread: Sandy Wood: "RE: Auditing logins via w3svc"
- Reply: Sandy Wood: "RE: Auditing logins via w3svc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
