Zedan IT Blog

IT definitions, discussions and more

ISA Logging only shows IP address for SecureNAT clients

I have installed TMG Client and configure it to not automatically configure the web browsers so that users can move between networks easily, then I realized that when monitoring TMG real time logs the URL field only shows the IP address for entries created by those computers with the client installed, and if the client is configured to configure the web browser, the log contain the URL domain name with no problem.

After searching on the internet I noticed that it is the normal behavior of the TMG and ISA as well that to log the hostname clients must be configured as a web proxy (adding the proxy address in the browser settings).

While doing more search I found that there is a fix from microsoft for that specifit issue and described in the KB article:  980723

http://support.microsoft.com/kb/980723

You can copy the script, save it as a vbs file the execute it in the command prompt with the cscript command.

Please note that when copy the script and try to execute it , an error will appear,  that is because the script you copy is actually two scripts for enabling the hotfix and disabling it.   The before you execute it you should delete the lower part of the script which beging with a text saying:  “Save the file as a Microsoft Visual Basic script ………….

Below is the specific part of the script that you can copy and execute it directly.

Const SE_VPS_GUID = "{143F5698-103B-12D4-FF34-1F34767DEabc}" Const SE_VPS_NAME = "LogDomainNameForFWC" Const SE_VPS_VALUE = true
Sub SetValue()
    ' Create the root object.     Dim root  ' The FPCLib.FPC root object     Set root = CreateObject("FPC.Root")
    'Declare the other objects that are needed.     Dim array       ' An FPCArray object     Dim VendorSets  ' An FPCVendorParametersSets collection     Dim VendorSet   ' An FPCVendorParametersSet object
    ' Get references to the array object     ' and the network rules collection.     Set array = root.GetContainingArray     Set VendorSets = array.VendorParametersSets
    On Error Resume Next     Set VendorSet = VendorSets.Item( SE_VPS_GUID )
    If Err.Number <> 0 Then         Err.Clear
        ' Add the item         Set VendorSet = VendorSets.Add( SE_VPS_GUID )         CheckError         WScript.Echo "New VendorSet added... " & VendorSet.Name
    Else         WScript.Echo "Existing VendorSet found... value- " &  VendorSet.Value(SE_VPS_NAME)     End If
    if VendorSet.Value(SE_VPS_NAME) <> SE_VPS_VALUE Then
        Err.Clear         VendorSet.Value(SE_VPS_NAME) = SE_VPS_VALUE
        If Err.Number <> 0 Then             CheckError         Else             VendorSets.Save false, true             CheckError
            If Err.Number = 0 Then                 WScript.Echo "Done with " & SE_VPS_NAME & ", saved!"             End If         End If     Else         WScript.Echo "Done with " & SE_VPS_NAME & ", no change!"     End If
End Sub
Sub CheckError()
    If Err.Number <> 0 Then         WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description         Err.Clear     End If
End Sub
SetValue
 

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s