Article ID: 936696 - Last Review: September 21, 2009 - Revision: 2.0

How to enable the metabase auditing feature in IIS 6.0 on a computer that is running Windows Server 2003 Service Pack 1

View products that this article applies to.
System TipThis article applies to a different operating system than the one you are using. Article content that may not be relevant to you is disabled.

On This Page

Expand all | Collapse all

INTRODUCTION

The new metabase auditing feature in Internet Information Services (IIS) 6.0 lets you audit changes that are made to the IIS metabase. The metabase auditing feature is available in IIS 6.0 on a computer that is running Microsoft Windows Server 2003 Service Pack 1 (SP1).

Note To enable the metabase auditing feature, you must have Windows Server 2003 SP1 or a later version of Windows Server 2003 installed on the computer. The metabase auditing feature is not available on a computer that is running a version of Windows Server 2003 that is earlier than Windows Server 2003 SP1.

This article describes how to enable the metabase auditing feature in IIS 6.0.
Back to the top

MORE INFORMATION

To enable the metabase auditing feature in IIS 6.0, follow these steps.
Back to the top

Step 1: Enable Group Policy auditing in Windows Server 2003 SP1

  1. Click Start, click Run, type Gpedit.msc, and then click OK.
  2. Under Local Computer Policy, expand Computer Configuration, and then expand Windows Settings.
  3. Expand Security Settings, expand Local Policies, and then click Audit Policy.
  4. In the details pane, double-click Audit object access.
  5. Click to select the Success check box, and then click to select the Failure check box.
  6. Click OK.
Back to the top

Step 2: Enable auditing in the IIS metabase

  1. Click Start, click Run, type cmd, and then click OK.
  2. Use the CD command to change to the System32 folder.
  3. Type the following command, and then press ENTER:
    Iiscnfg.vbs /EnableAudit /metabase path
    Note In this command, metabase path is the metabase path that you want to audit.

    For example, to enable auditing for all the IIS metabase, type the following command, and then press ENTER:
    Iiscnfg.vbs /EnableAudit / /r
    To enable auditing only on the root of a Web site that has a site ID of 1, type the following command, and then press ENTER:
    Iiscnfg.vbs /EnableAudit /w3svc/1/root
    Note For more information about how to use the Iiscnfg.vbs command to enable the metabase auditing feature, type Iiscnfg.vbs /enableaudit /? at the command prompt, and the press ENTER.
To disable metabase auditing, follow these steps:
  1. From the Start menu, open the command-line window.
  2. Type the following command to run the Iiscnfg.vbs script. Provide the path of the metabase location:
    cscript iiscnfg.vbs /disableAudit <path>
    For example, to disable metabase auditing at root level, type the following command:
    Iiscnfg.vbs /DisableAudit / /r
  3. Press ENTER.
Back to the top

REFERENCES

For more information about metabase auditing, visit one of the following Microsoft Web sites:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/b5ac0be1-24b5-4e13-9d61-485e28657f83.mspx?mfr=true (http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/b5ac0be1-24b5-4e13-9d61-485e28657f83.mspx?mfr=true)

http://technet.microsoft.com/en-us/library/cc778743(WS.10).aspx (http://technet.microsoft.com/en-us/library/cc778743(WS.10).aspx)
Back to the top
APPLIES TO
  • Microsoft Internet Information Services 6.0, when used with:
    • Microsoft Windows Server 2003 Service Pack 1
Back to the top
Keywords: 
kbaudit kbinfo kbhowto KB936696
Back to the top