Denied Web Proxy User Appears as "Anonymous" in the Logs (313338)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000
This article was previously published under Q313338

SYMPTOMS

When you are using an access policy that restricts access based on user groups, certain users may be denied access because of a particular rule, although the corresponding log entry may indicate that the user name is "Anonymous" instead of the actual user name.

This is likely to happen soon after there has been a change in membership of the user's account. For example, a user was recently removed from a user group that has Internet access. Such a user will be denied access, but the log entry may indicate the user ID is Anonymous.

RESOLUTION

To resolve this problem, obtain the latest service pack for ISA Server 2000. For additional information about how to obtain the latest ISA Server service pack, click the article number below to view the article in the Microsoft Knowledge Base:

313139 How to Obtain the latest Internet Security and Acceleration Server 2000 Service Pack

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

This problem was corrected in ISA Server 2000 SP1.

MORE INFORMATION

ISA Server 2000 Service Pack 1 corrects this problem, and the current logging behavior (as of December 2001) is:
  • Users that are authenticated and do have permissions to browse are logged correctly by their user name (as it did before).
  • Users that are authenticated but do not have permissions to browse are logged correctly by their user name.
  • Users that are not authenticated are logged as anonymous.
Modification Type:MajorLast Reviewed:7/21/2002
Keywords:kbenv kbISAServ2000sp1fix kbprb kbui KB313338
©2002 Microsoft Corporation. All rights reserved.