Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. How to enable the metabase auditing feature in IIS 6.0 on a computer that is running Windows Server 2003 Service Pack 1

How to enable the metabase auditing feature in IIS 6.0 on a computer that is running Windows Server 2003 Service Pack 1

View products that this article applies to.

INTRODUCTION

The new metabase auditing feature in Internet Information Services (IIS) 6.0 lets you audit changes that are made to the IIS metabase. The metabase auditing feature is available in IIS 6.0 on a computer that is running Microsoft Windows Server 2003 Service Pack 1 (SP1). When metabase auditing is enabled, the Security log on the server show events that apply to the IIS configuration changes that are made.

Note To enable the metabase auditing feature, you must have Windows Server 2003 SP1 or a later version of Windows Server 2003 installed on the computer. The metabase auditing feature is not available on a computer that is running a version of the program that is earlier than Windows Server 2003 SP1.

This article describes how to enable the metabase auditing feature in IIS 6.0.

↑ Back to the top

More Information

To enable the metabase auditing feature in IIS 6.0, follow these steps.

Step 1: Enable Group Policy auditing in Windows Server 2003 SP1

  1. Click Start, click Run, type Gpedit.msc, and then click OK.
  2. Under Local Computer Policy, expand Computer Configuration, and then expand Windows Settings.
  3. Expand Security Settings, expand Local Policies, and then click Audit Policy.
  4. In the details pane, double-click Audit object access.
  5. Click to select the Success check box, and then click to select the Failure check box.
  6. Click OK.

Step 2: Enable auditing in the IIS metabase

  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type CD System 32.
  3. Type the following command, and then press Enter:
    Iiscnfg.vbs /EnableAudit /<metabase path>
    Note In this command, <metabase path> represents the metabase path that you want to audit. 

    For example, to enable auditing for all the IIS metabase, type the following command, and then press Enter:
    Iiscnfg.vbs /EnableAudit / /r
     To enable auditing only on the root of a website that has a site ID of 1, type the following command, and then press Enter:
    Iiscnfg.vbs /EnableAudit /w3svc/1/root
    Note For more information about how to use the Iiscnfg.vbs command to enable the metabase auditing feature, type Iiscnfg.vbs /enableaudit /? at the command prompt, and then press Enter.
To disable metabase auditing, follow these steps:

  1. Click Start, click Run, type cmd, and then click OK
  2. At the command prompt, type the following command to run the Iiscnfg.vbs script: 
    cscript iiscnfg.vbs /disableAudit <path>
    Note In this command, <path> represents the path of the metabase location. For example, to disable metabase auditing at root level, type the following command:
    Iiscnfg.vbs /DisableAudit //r
  3. Press Enter.

↑ Back to the top

Keywords: kbentirenet, kbaudit, kbinfo, kbhowto, kb

↑ Back to the top

Article Info
Article ID : 936696
Revision : 1
Created on : 1/7/2017
Published on : 12/21/2012
Exists online : False
Views : 573