Select requests to be logged

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To select requests to be logged

  1. Open Internet Authentication Service.

  2. In the console tree, click Remote access logging.

  3. In the details pane, right-click Local File or SQL Server, and then click Properties.

  4. On the Settings tab, select one or more check boxes for recording authentication and accounting requests in the IAS log files:

    • To capture accounting requests and responses, select Accounting requests.

    • To capture authentication requests, Access-Accept messages, and Access-Reject messages, select Authentication requests.

    • To capture periodic status updates, such as interim accounting packets, select Periodic status.

Notes

  • To open Internet Authentication Service, click Start, click Control Panel, double-click Administrative Tools, and then double-click Internet Authentication Service.

  • It is recommended that you initially select Accounting requests and Authentication requests. You can change your selections as your requirements change.

  • To use SQL Server logging, you must have a computer running an XML-compliant version of SQL Server.

  • The Authentication requests option alerts you to both problems with transaction volume and unauthorized attempts to access resources.

  • Interim accounting messages, recorded when you select Periodic status, are sent by the access server only when:

    1. You have added and configured the Acct-Interim-Interval RADIUS accounting attribute on the Advanced tab of the appropriate remote access policy.

    2. The access server supports the Acct-Interim-Interval attribute and the sending of interim accounting messages.

  • Logging of client certificate validation failures is a secure channel (Schannel) event, and is not enabled on the IAS server by default. You can enable additional Schannel events (including logging of the client certificate validation failure) by changing the following registry key value from 1 (REG_DWORD type, data 0x00000001) to 3 (REG_DWORD type, data 0x00000003):

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\EventLogging

    Caution

    • Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Add RADIUS attributes to a remote access policy
Vendor-specific attribute overview
Event logging for IAS
SQL Server database logging