Microsoft KB Archive/246435

= Report Writer Not Reporting Account Usage as Expected =

Article ID: 246435

Article Last Modified on 8/28/2002

-

APPLIES TO


 * Microsoft Site Server 3.0 Standard Edition

-



This article was previously published under Q246435



SUMMARY
The Microsoft Site Server Report Writer program can generate statistics on Membership accounts using a given Web site. When using Site Server cookies to identify accounts making Web site requests the statistics may not appear as expected.



MORE INFORMATION
By default, Microsoft Site Server Personalization and Membership issues a unique cookie to all clients making requests to a Web site. Membership accounts also receive these cookies with a value that can be used to identify the account. By default, Site Server Usage Import tracks account usage on a Web site by obtaining these cookies from the Web server log files. However, the cookie values that identify membership accounts are only issued when an account first registers on a site or the browser goes to a page that specifically issues the cookies with the appropriate values (such as the sample Recps.asp file provided with Site Server). A browser may have incorrect cookies for a number of reasons, such as:
 * The account is used from a browser that never registered the account and has never had the cookies specifically issued. Requests from this browser shows up as an unknown account in Report Writer.
 * The cookies on the computer have been deleted for some reason. Again, requests from this browser shows up as an unknown account in Report Writer.
 * More than one account has registered or had cookies reissued on this browser. All requests from this browser after the cookies are issued will show up as the account for which the cookies were issued, regardless of the account logged on.

NOTE: Internet Explorer gives different Windows logons their own set of cookies. Therefore, when logged on to Windows as one logon Internet Explorer will not overwrite another Windows logon's cookies.

If the issues listed earlier prove problematic in your environment, you may implement additional code to make sure the browser has the correct cookies for the account being used. For example, when using HTML Forms authentication on a site you may implement the following:

 The files Formslogin.asp and Verifpwd.asp provide the login functionality for HTML Forms authentication. If you do not have a copy of these in your Web site then you are using the default Formslogin.asp and Verifpwd.asp files from the _mem_bin virtual directory. If your Web site does have it's own copy of these files then proceed to step 4. Copy the default Formslogin.asp and Verifpwd.asp files to the root of your Web site. The default files physically reside in "\Microsoft Site Server\Bin\P&M\html". These file copies will now be used for the HTML Forms Authentication login form and authentication process for your site. Make sure the Formslogin.asp and Verifpwd.asp files do not require authentication (that is, the files have "Allow Anonymous" selected for their IIS security settings and their NTFS permissions allow access to the anonymous Internet access account, (by default named IUSR_computername)).  Modify the Verifpwd.asp for your site to reissue the cookies as appropriate. To do this, modify the last three lines of code that read:

Else Response.Redirect y End if To read as follows:

Else Set oUser = Server.CreateObject("Membership.UserObjects") oUser.SetUserName(strUsername) x.IssueCookie "SITESERVER", "GUID=" & oUser.Get("GUID") x.IssueCookie "MEMUSER", oUser.Get("cn") Response.Redirect y End if                       

The site will reissue the relevant cookies to the browser every time an account is logged on with HTML Forms Authentication.

