I would like to exclude user IP field in IIS access logs for a ASP.NET service hosted on Azure. Is there a way to achieve this? I'm using WAD to collect logs into a blob storage.
You will want to run an elevated Azure role startup task (see http://blogs.msdn.com/b/avkashchauhan/archive/2011/03/17/using-startup-task-in-windows-azure-detailed-summary.aspx) and run the following command to remove ClientIP field from logs:
%windir%\system32\inetsrv\appcmd set config -section:sites -siteDefaults.logfile.logExtFileFlags:Date,Time,UserName,ServerIP,Method,UriStem,UriQuery,TimeTaken,HttpStatus,Win32Status,ServerPort,UserAgent,HttpSubStatus,Referer
In the above command line "ClientIp" is removed which should remove the user IP field from the logs.
To add to BilalAlam's answer (though this doesn't directly answer the question)
His example will change logging for all sites
appcmd set config -section:sites -siteDefaults.logfile.logExtFileFlags:Date,Time,UserName,ServerIP,Method,UriStem,UriQuery,TimeTaken,HttpStatus,Win32Status,ServerPort,UserAgent,HttpSubStatus,Referer
Here is how to change logging for a single site
appcmd.exe set config -section:sites -"[name='ExampleSite'].logfile.logExtFileFlags:Date,Time,UserName,ServerIP,Method,UriStem,UriQuery,TimeTaken,HttpStatus,Win32Status,BytesSent,BytesRecv,ServerPort,UserAgent,Cookie,HttpSubStatus,Referer"����
If you want to make the change at the application host config file (instead of the web.config file), add /commit:apphost to the end of the command
appcmd.exe set config -section:sites -"[name='ExampleSite'].logfile.logExtFileFlags:Date,Time,UserName,ServerIP,Method,UriStem,UriQuery,TimeTaken,HttpStatus,Win32Status,BytesSent,BytesRecv,ServerPort,UserAgent,Cookie,HttpSubStatus,Referer" /commit:apphost
Related
I have a Windows 2008 R2 server running IIS 7.5. I'd like to set up a virtual directory for my website to allow the download of video files from a file share on a server in another domain. I have a domain username and password that allows me to access this file share. However, when I try to setup the virtual directory in IIS, I get the following error message:
HTTP Error 500.19 - Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.
Module: IIS Web Core
Notification: BeginRequest
Handler: Not yet determined
Error Code: 0x8007052e
Config Error: Cannot read configuration file
Config File: \\?\UNC\z27ar1cfvs004.abc.se\video$\web.config
Requested URL: http://localhost:8080/Video
Physical Path: \\z27ar1cfvs004.abc.se\video$
Logon Method: Not yet determined
Logon User: Not yet determined
Weirdly, I can hit Explore on my virtual directory and IIS will launch Explorer showing me the files.
For my site's authentication settings I have Basic and Windows authentication settings enabled.
Here are the things I've tried unsuccessfully:
Changing the Connect As... user for the site to use the domain user credentials
Changing the Connect As... user for the virtual directory to use the domain user credentials
Changing the Application Pool identity for the website to use the domain user account credentials
Creating a local user account on the IIS server with the same username/password as on the domain server, and trying all 3 steps above again but only specifying the username rather than domain\username
Changing the Managed Pipeline Mode: neither Integrated nor Classic makes any difference
I've Googled until my eyes have gone blurry and spent hours trying many recommended suggestions but all to no avail.
How can I solve this problem?
I have found a couple ways around this, depending on what your problem is:
Actually make a web.config file in the shared directory.
Make a <location path="video" inheritInChildApplications="false" /> element in your main web.config to specify that the virtual directory is not allowed to have web.config settings override its parent.
Set up a real directory in your website that does have a web.config in it, and use the URL Rewrite tool to make a set of rewrites to the actual content.
If you have written a custom HTTP Module that is enabled for the site, turn it off for that directory. For instance, if the module does not have to run on static files, add precondition="managedHandler" to its settings in web.config or applicationHost.config.
Is there a way to set a default user/password in web.config of a ASP.NET application only while it's running in localhost?
I've done some research and found some tags like "credentials" but I ended up with no results.
Thanks :D
If you take advantage of the publish option and the web.release.config file, you can have the credentials in the root config, and write a transform to remote it from the web config when published in release mode.
I'm setting up our server so we can install an ASP.Net web application on it.
I right clicked Sites in the IIS7 Manager and selected Add Virtual Directory and I clicked the Test Settings button, this messages is displayed:
The server is configured to use pass-through authentication with a built-in
account to access the specified physical path. However, IIS Manager cannot
verify whether the built-in account has access. Make sure that the application
pool identity has Read access to the physical path. If this server is joined to
a domain, and the application pool identity is NetworkService or LocalSystem,
verify that <domain>\<computer_name>$ has Read access to the physical path.
Then test these settings again.
The message does not tell us how to do any of these things.
The server I'm setting up has Windows7 Home Premium installed on it. The computer is set up with all defaults set and has a computer name such as MyComputer-PC (not the real name). There is no domain set up.
Can you tell us how to do what is described in the message?
1) Go to IIS, click on the IIS entry that holds your virtual directory. On the right click on Basic Setting to see which appliatino pool it's using.
2) Go to IIS, go to application Pools. Right click on your application pool and check the advance setting -> Identity property to find out which user it's using.
3) Go to the folder that your IIS Entry maps to, make sure that user is added to this directory. If you want to give it write permission, give it write. Otherwise, make give it read & execute is fine.
The message is pretty clear in what needs to be done. Go to the Application Pool section of IIS and open the advanced settings of the default Application pool. Check what username is specified in the Identity property.
Go to the location where you are physically storing your virtual directory and go to the folder properties -> Security. Ensure that the user has the appropriate access.
Basically, you can ignore this message if you don't plan to write files to your site directory.
This message means that IIS can't check if it's system windows account has enough permissions on your site folder.
I have a set of applications running in my IIS Server 7.0. I need to "Expire Web Content" of one of those applications through command line. Running appcmd.exe works, but it changes this configuration for all the applications in IIS. Is there a way to do this for a single application?
This is the command which I ran.
appcmd.exe set config /section:staticContent /clientCache.cacheControlMode:DisableCache
Thanks.
Use the following command, just replace "SITENAME" with your site id.
appcmd.exe set config "SITENAME" /section:staticContent /clientCache.cacheControlMode:DisableCache
I have an ASP.NET application that attempts to write files on the web server during runtime. In my development environment, this works. However, when I deploy it to the production server, and I execute the code, I receive an error that states:
"Access to the path 'C:\Inetpub\wwwroot\MyWebApp\DirToWriteTo\' is denied."
My production server is a Window Server 2003 machine. The web application is set to allow anonymous access via the IUSR_TEMPLATE account.
What am I doing wrong?
Thank you!
You need provide the grant permissions to NETWORK SERVICE user.
you can check this link:-
http://repeatgeek.com/technical/asp-net-access-to-path-is-denied/
The most likely problem is that your anonymous user does not have write access to the location.
What I would do is create a web.config entry for the location you want to write to and use that config key as your writable directory. This will allow you to have separate configuration for your production server and your development machine, if needed.
Next, just give write access to the directory defined in your configuration to the user IUSER_TEMPLATE, or as Thorarin said the Network Service, in which case you should set up identity impersonation in your Web.config so that you can specify the user (unless you configure the user through the app pool). That should fix the problem.
If you have Windows 2008 or above, try giving write permissions to IIS_IUSRS.
(Network Service has also worked for me in the past. From what I read here, it depends on the Server OS.)
In my case, Visual Studio 2015 changed an existing project's IIS AppPool user to the default of DefaultAppPool, which gave me permission errors, configuration errors, role provider errors, and null reference errors. After discovering this and changing it back to the application pool that the folder permissions were set to, things started working again.