IIS Log Analyzer

Download Log Parser 2.2 from the Microsoft site. After the installation, Google is your friend.

Example

Hits on a particular page by IP address

LogParser -i:IISW3C "SELECT c-ip, COUNT(*) AS Hits FROM C:\WINDOWS\system32\LogFiles\temp\*.log WHERE EXTRACT_FILENAME(cs-uri-stem) = 'default.aspx' AND sc-status = 200 GROUP BY c-ip ORDER BY Hits DESC" -o:DataGrid
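The same question answered without Log Parser, as an added Python example that is not part of the original post. It shows that IISW3C column positions come from the most recent #Fields directive, which can change mid-file. The sample log lines and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample: the #Fields directive changes mid-file and the last row is truncated.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time cs-method cs-uri-stem c-ip sc-status
2016-08-25 13:00:01 GET /default.aspx 192.0.2.10 200
2016-08-25 13:00:02 GET /default.aspx 192.0.2.10 200
2016-08-25 13:00:03 GET /default.aspx 192.0.2.20 404
2016-08-25 13:00:04 GET /app/Default.aspx 198.51.100.7 200
2016-08-25 13:00:05 GET /login.aspx 192.0.2.10 200
#Fields: date time c-ip cs-method cs-uri-stem sc-status time-taken
2016-08-25 14:00:01 192.0.2.10 GET /default.aspx 200 35
2016-08-25 14:00:02 198.51.100.7 POST /default.aspx 500 4100
2016-08-25 14:00:03 198.51.100.7 GET /defa
"""

def iter_w3c_records(lines):
    """Yield one dict per request row, keyed by the most recent #Fields directive."""
    fields = None
    for raw in lines:
        line = raw.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated or corrupt rows
                yield dict(zip(fields, values))

def hits_by_ip(lines, page="default.aspx", status="200"):
    """Count requests per c-ip for one page and status, most hits first."""
    hits = Counter()
    for rec in iter_w3c_records(lines):
        # Equivalent of EXTRACT_FILENAME(cs-uri-stem): the part after the last slash.
        filename = rec.get("cs-uri-stem", "").rsplit("/", 1)[-1]
        # Case-insensitive matching is a choice made in this example.
        if filename.lower() == page.lower() and rec.get("sc-status") == status:
            hits[rec.get("c-ip", "-")] += 1
    return hits.most_common()

if __name__ == "__main__":
    for ip, count in hits_by_ip(SAMPLE_LOG.splitlines()):
        print(f"{ip}\t{count}")
```

Pass the lines of a real log file instead of SAMPLE_LOG to use it; a single client with a disproportionate hit count on one page is the pattern the query is meant to surface.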

Another great way to analyse log files is the tool Log Parser Studio. With this tool you can easily query logs through a GUI.


Troubleshoot IIS hangs

I’ve created a batch file which finds out what was hanging my .NET application.

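REM Every few seconds, append the time and all requests running longer than 5000 ms to the log
:loop
CLS
time /t >>crappy_site_log.txt
%windir%\system32\inetsrv\appcmd list requests /elapsed:5000 >>crappy_site_log.txt
REM ping is used as a delay of about 3 seconds between samples
ping -n 4 127.0.0.1
GOTO loop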

This logs every request that has been executing for more than 5 seconds.


This idea came from: https://www.leansentry.com/Guide/IIS-AspNet-Hangs

IIS 7 and 7.5 rotate all logging

  • Start PowerShell
  • Run: Set-ExecutionPolicy RemoteSigned
  • Create a script with Notepad:

# Delete log files (not folders) older than 90 days
Get-ChildItem -Path C:\inetpub\logs\LogFiles -Recurse |
Where-Object { -not $_.PSIsContainer -and $_.LastWriteTime -lt (Get-Date).AddDays(-90) } |
ForEach-Object { Remove-Item $_.FullName }

  • Save the script as c:\scripts\del_old_logs.ps1
  • Start cmd
  • Run: powershell.exe -NoProfile -NonInteractive -File c:\scripts\del_old_logs.ps1
  • If you get a “child” question press A
  • Start Task Scheduler
  • Schedule the task
  • Program: powershell
  • Arguments: -NoProfile -NonInteractive -File c:\scripts\del_old_logs.ps1

Scheduled Task

  • Run the task whether the user is logged on or not
  • Highest privileges are not needed

Install Thawte SSL Webserver or Wildcard (the Quick way)

After you have successfully installed a web server or wildcard SSL certificate, you must follow some extra steps.

  • First download this zip with 2 SSL certificates
  • Extract the zip, e.g. to C:\install\ssl
  • Start > Run > mmc > File > Add/Remove Snap-in > Certificates > Local computer > Computer account > Intermediate Certification Authorities > right-click Certificates > Import

Then disable the old certificate

  • Expand Trusted Root Certification Authorities > certificates
  • Locate this certificate:

Common Name – thawte Primary Root CA
Expiry Date – 17th July 2036
Thumbprint – 91 c6 d6 ee 3e 8a c8 63 84 e5 48 c2 99 29 5c 75 6c 81 7b 81

  • Disable it completely

If the certificate does not exist, follow these steps:

  • Download this zip
  • Install it here: Trusted Root Certification Authorities > certificates
  • Disable the certificate

I used this website as source: http://www.ripley.za.net/howto/it_howto/ssl-web-server-or-wildcard-certificate-issued-after-june-26-2010-not-trusted-after-installation-on-microsoft-iis/

A revocation check could not be performed for the certificate

If this article helps you please consider a donation. I don’t like ads on my blog.

When you get the RDP error “A revocation check could not be performed for the certificate” on a Windows 7 workstation after you installed an SSL certificate from a certification authority, you must disable CredSSP support (enablecredsspsupport). You can do this in the RDP file you are using. Open the *.rdp file in Notepad and add the following line:

enablecredsspsupport:i:0

This setting turns off CredSSP for the connection, so Network Level Authentication is not used. If you are using TSWeb you can add this to the RemoteApp section.

You can check whether SSL works correctly by clicking the lock icon in the connection bar.

You can also fix the problem itself by creating an SSL certificate through the Windows enterprise certification authority. Here are the steps:

Resolution
=======================

To recover from the CA failure, we tried the following procedures:

Procedure A: recover the CA. In this procedure, we tried the following steps:

1. Set up a new Enterprise Root CA on a Windows Server 2008 Enterprise Edition box. The steps of this procedure can be found at:

Install Active Directory Certificate Services
http://technet.microsoft.com/en-us/library/cc947821(WS.10).aspx

Refer:
Active Directory Certificate Services Step-by-Step Guide
http://technet.microsoft.com/en-us/library/cc772393(WS.10).aspx

2. Configure the CA’s CDP and AIA to publish the CRL and AIA to the Internet address on your web server. We did this by creating a virtual directory mapping to the CA’s share “CertEnroll”. This can be done via the following steps:

– Log on to the IIS server which holds the Web Service in your network.
– Run Inetmgr to open the IIS management console.
– Under the default web site, we created a new Virtual Directory called “CertEnroll” and mapped it to the “CertEnroll” share on the CA. At the same time, we manually specified the account for this connection.
– Log on to the CA and run “Certsrv.msc” to open the CA’s management console.
– Right click on the CA and select Properties.
– Switch to the “Extensions” tab.
– In the Extension list, select “CDP” and then add a new CDP that points to the address we just created in IIS, and check the option to add this extension to issued certificates.
– In the Extension list, select “AIA” and perform similar steps as we did for CDP.

Refer:
Configure CDP and AIA Extensions
http://technet.microsoft.com/en-us/library/cc776904(WS.10).aspx

Procedure B: Recover the TS Gateway Certificate. In this procedure, we tried the following steps:
1. Enable the SSL for the CA’s web enrollment page via the following steps:

– Open the MMC on the CA.
– Click File -> Add/Remove Snap-ins -> Certificates -> Computer -> Local Computer to load the local computer’s certificate store.
– Right click on Certificates | Personal | Certificates to request a new certificate from the new CA. Since we need to enable SSL for the web site, we requested the Domain Controller Certificate Template, as this template contains “Server Authentication” in its application policy.
– Open the IIS Management console on the CA via the “Inetmgr” command.
– Open the web site that holds the CA’s web enrollment.
– Click “Binding”, add a new binding for HTTPS and select the certificate we just requested.

2. Duplicate the Web Server certificate template.
– On the CA, run Certsrv.msc to open the CA’s management console.
– Right click on certificate templates and select Duplicate to duplicate it and name it “TS Gateway”.
– Mark the key as “exportable” for this template.

3. Request the certificate for the TS Gateway:
– Log on to the TS Gateway.
– Launch IE and access https://ca-name/certsrv.
– Use the Advanced Request to request the “TS Gateway” certificate template and put the common name as the TS Gateway’s virtual name “safari-1.bbe.k12.mn.us”.
– Install the certificate.
– Open the user’s certificate store via the command “Certmgr.msc”.
– Right click the certificate we just requested and export it along with its private key to a PFX file.
– Launch the IIS Management console via the Inetmgr command.
– Right click on the web site for the TS Gateway and click “Server Certificates” to import the PFX file.
– Launch Server Manager to open the TS Gateway’s console and then configure the new certificate we just requested for the TS Gateway.

Procedure C: recover the nodes in the TS Farm.
1. Request Certificates for the TS Farm nodes:

– Log on to the TS Farm nodes.
– Launch IE and access https://ca-name/certsrv.
– Use the Advanced Request to request the “TS Gateway” certificate template and put the common name as the TS Farm virtual name “safari-1.bbe.priv”.
– Install the certificate.
– Open the user’s certificate store via the command “Certmgr.msc”.
– Right click the certificate we just requested and export it along with its private key to a PFX file.

2. Configure the certificate for the TS nodes.
– Open the TS management console.
– Right click on the RDP interface to specify the new certificate for those nodes in the Properties page.

More Information
==================================

Clients can access the TS Gateway and would receive a warning indicating the certificate is not trusted. They can check the certificate chain by clicking “view certificate”. Meanwhile, they can also access the AIA directly to download the Root CA’s certificate and install it on the client: http://domain-name/certenroll/Jaguar6.bbe.priv_bbe-ca.crt


WSS / Sharepoint Cannot access site from local server

You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or a later version

Solution: http://support.microsoft.com/kb/896861

Method 1: Specify host names (Preferred method if NTLM authentication is desired)

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

  1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
    281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
  2. Click Start, click Run, type regedit, and then click OK.
  3. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  4. Right-click MSV1_0, point to New, and then click Multi-String Value.
  5. Type BackConnectionHostNames, and then press ENTER.
  6. Right-click BackConnectionHostNames, and then click Modify.
  7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  8. Quit Registry Editor, and then restart the IISAdmin service.

or

Method 2: Disable the loopback check (less-recommended method)

The second method is to disable the loopback check by setting the DisableLoopbackCheck registry key.

To set the DisableLoopbackCheck registry key, follow these steps:

  1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
    281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
  2. Click Start, click Run, type regedit, and then click OK.
  3. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  4. Right-click Lsa, point to New, and then click DWORD Value.
  5. Type DisableLoopbackCheck, and then press ENTER.
  6. Right-click DisableLoopbackCheck, and then click Modify.
  7. In the Value data box, type 1, and then click OK.
  8. Quit Registry Editor, and then restart your computer.