How to Configure Internet Explorer 11 Enterprise Mode Logging
In a previous Ask the Admin, I showed you how to configure Enterprise Mode for Internet Explorer 11 on Windows 7 SP1 and Windows 8.1 Update. Today, I’m going to show you how configure a web server to capture Enterprise Mode logs.
Install Internet Information Services (IIS)
Internet Explorer (IE) Enterprise Mode doesn’t use the Windows Event Log, but instead sends messages to an Active Server Pages (ASP) web page, which can be read in the web server’s log files. The quickest way to set up IIS on Windows Server 2012 R2 is to run the following PowerShell command as a local administrator:
install-windowsfeature -name web-server, web-asp –includemanagementtools
The cmdlet installs IIS 8.5 on Windows Server 2012 R2 with all the default features, management tools, and ASP components.
Configure Internet Information Services
Once the installation has completed, follow the instructions below to set up an ASP page that will listen for messages from your IE Enterprise Mode clients. In the example below, we’ll configure the website to use a non-standard port to make it easier to separate Enterprise Mode log traffic.
- Open Server Manager from the Start screen or icon on the desktop taskbar.
- In Server Manager, open Internet Information Services (IIS) Manager from the Tools menu.
- In the left pane of IIS Manager, expand the local server, Sites and click Default Web Site.
- On the right in the Actions pane, click Bindings under Edit Site.
- In the Site Bindings dialog, select the http binding and click Edit… on the right.
- In the Edit Site Binding dialog, type 81 in the Port field and click OK.
- Click Close in the Site Bindings dialog.
- In the central pane, double click the Logging icon.
- Click Select Fields in the Log File section.
- In the W3C Logging Fields dialog, make sure that only Date, Client IP, User Name, and URI Query are checked, and then click OK.
- In the Actions pane on the right, click Apply.
To check that the webserver is working, open Internet Explorer on the server and type http://localhost:81/ in the address bar. You should see the default IIS welcome page in IE. To test connectivity from a remote machine, replace localhost with the name of the server.
Create the ASP Page
Now that IIS is configured, let’s put the ASP page into the root of our webserver. The root of the default website is c:\inetpub\wwwroot. In the wwwroot folder, save a text file called EmIE.asp containing the code shown below:
<% Response.AppendToLog(" ;" + Request.Form("URL") + " ;" + Request.Form("EnterpriseMode")); %>
Create a Group Policy Object
The Let users turn on and use Enterprise Mode from the Tools menu policy setting can be enabled to allow users to manually toggle Enterprise Mode on and off. The logging URL in the Options section is the .asp web page that listens for POST messages that we created in the previous steps. If you just want to enable the toggle option in IE, leave the logging field blank.
- In the Group Policy Management Editor window for your Group Policy Object, expand Computer Configuration > Policies > Administrative Templates > Windows Components
- In the left pane, click Internet Explorer.
- In the right pane, scroll down the list of policy settings and double click Let users turn on and use Enterprise Mode from the Tools menu.
- In the Let users turn on and use Enterprise Mode from the Tools menu policy setting window, check Enabled.
- In the Options section, type the URL for the ASP page created in the previous steps, for example http://contosodc1:81/emIE.asp on my server, and then click OK.
- Close the Group Policy Management Editor window.
Link the GPO to a site, domain or Organizational Unit (OU) in the Group Policy Management Console (GPMC) as required.
View the IIS Logs
Assuming the default logging location hasn’t been changed, you’ll find the IIS log files in c:\inetpub\logs\logfiles\w3svc1 on the web server.
Note that logs can take a few minutes to be updated, so be patient if you don’t see any new entries immediately.