Logging

I was recently looking at ISA Server’s logging features, trying to see where we might have opportunities to improve in future versions. As part of this process, I installed SQL on my ISA Server firewall. And noticed the following phenomenon.

 

In general, when you configure ISA Server to log to a SQL server, ISA Server presents itself as domainname\machinename$. ISA Server always presents these credentials when asked to authenticate itself over the network. Furthermore, and happily, these credentials are considered valid when ISA Server is not located on the same computer as SQL.

 

However, when ISA Server and SQL are both installed on the same computer, ISA Server presents different credentials. Specifically, ISA Server identifies itself as NT AUTHORITY\NETWORK SERVICE. Sadly, these credentials are not what SQL Server expects--and so logging fails. Furthermore, you can’t configure SQL server to accept these credentials (at least I couldn’t figure out how to do it…if you know how to, please--enlighten me).

 

So what’s the workaround? Configure ISA Server to use SQL authentication.

 

Daphna P

ISA Server Sustained Engineering

Comments

  • Anonymous
    January 01, 2003
    Subscribe to this post's comments using RSS

  • Anonymous
    May 11, 2006
    The comment has been removed

  • Anonymous
    April 10, 2007
    I haven't gotten much done these days. So it goes. What can I say? I've just been letting everything pass me by. Basically not much going on lately, but it's not important. I've basically been doing nothing worth mentioning.