Microsoft KB Archive/246435
Article ID: 246435
Article Last Modified on 8/28/2002
- Microsoft Site Server 3.0 Standard Edition
This article was previously published under Q246435
The Microsoft Site Server Report Writer program can generate statistics on Membership accounts using a given Web site. When using Site Server cookies to identify accounts making Web site requests the statistics may not appear as expected.
By default, Microsoft Site Server Personalization and Membership issues a unique cookie to all clients making requests to a Web site. Membership accounts also receive these cookies with a value that can be used to identify the account. By default, Site Server Usage Import tracks account usage on a Web site by obtaining these cookies from the Web server log files. However, the cookie values that identify membership accounts are only issued when an account first registers on a site or the browser goes to a page that specifically issues the cookies with the appropriate values (such as the sample Recps.asp file provided with Site Server). A browser may have incorrect cookies for a number of reasons, such as:
- The account is used from a browser that never registered the account and has never had the cookies specifically issued. Requests from this browser shows up as an unknown account in Report Writer.
- The cookies on the computer have been deleted for some reason. Again, requests from this browser shows up as an unknown account in Report Writer.
- More than one account has registered or had cookies reissued on this browser. All requests from this browser after the cookies are issued will show up as the account for which the cookies were issued, regardless of the account logged on.
NOTE: Internet Explorer gives different Windows logons their own set of cookies. Therefore, when logged on to Windows as one logon Internet Explorer will not overwrite another Windows logon's cookies.
If the issues listed earlier prove problematic in your environment, you may implement additional code to make sure the browser has the correct cookies for the account being used. For example, when using HTML Forms authentication on a site you may implement the following:
- The files Formslogin.asp and Verifpwd.asp provide the login functionality for HTML Forms authentication. If you do not have a copy of these in your Web site then you are using the default Formslogin.asp and Verifpwd.asp files from the _mem_bin virtual directory. If your Web site does have it's own copy of these files then proceed to step 4.
- Copy the default Formslogin.asp and Verifpwd.asp files to the root of your Web site. The default files physically reside in "\Microsoft Site Server\Bin\P&M\html". These file copies will now be used for the HTML Forms Authentication login form and authentication process for your site.
- Make sure the Formslogin.asp and Verifpwd.asp files do not require authentication (that is, the files have "Allow Anonymous" selected for their IIS security settings and their NTFS permissions allow access to the anonymous Internet access account, (by default named IUSR_computername)).
Modify the Verifpwd.asp for your site to reissue the cookies as appropriate. To do this, modify the last three lines of code that read:
Else Response.Redirect y End if
To read as follows:
Else Set oUser = Server.CreateObject("Membership.UserObjects") oUser.SetUserName(strUsername) x.IssueCookie "SITESERVER", "GUID=" & oUser.Get("GUID") x.IssueCookie "MEMUSER", oUser.Get("cn") Response.Redirect y End if
The site will reissue the relevant cookies to the browser every time an account is logged on with HTML Forms Authentication.
For additional information, see the following article or articles in the Microsoft Knowledge Base:
199362 How to Import User Data
Additional query words: cookie HTML Forms