Iasparse Remarks
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
IASParse Remarks
IAS Logs
IAS records the authentication and accounting information that it receives in a log file, which can be in either of two formats:
IAS Format In the Microsoft® Windows® NT version 4.0 version of IAS, the log was formatted using a method by which attributes were logged as attribute-value pairs. This formatting is supported in IAS in Windows 2000, and the logs that use this format are referred to as IAS-formatted log files.
ODBC-Compatible Format The ODBC-compatible format (Open Database Connectivity format) for log files is available starting in Windows 2000. Unlike IAS-formatted log files, ODBC-compatible log files present the data in a standard sequence and using a structure that is identical, regardless of the network access server (NAS) sending the data. This consistent sequence and structure helps simplify accounting and authentication record-keeping. Data can be easily exported to an ODBC database, which supports filtering and analysis by a variety of third-party programs.
The user interface of IAS allows the user to choose the format of the log file. This format can also be changed dynamically, which can produce intermixed records of both formats in the log file. Thus there is a need for a tool that can understand the format of the records logged into the log file dynamically, parse it, and produce an output that helps the user to understand the information logged into the file.
IAS uses the information in the file %windir%\system32\ias\dnary.mdb to find out the ODBC log sequence and also whether to log a particular attribute while logging in IAS format. The tool also reads the information from the same file before parsing the log file. Hence, hard coding these values inside the tool is eliminated.
IAS can also send the output to a pipe instead of a file. IASParse uses this feature to read the input from the pipe and send the output directly to the screen. In effect, this causes the tool to dynamically display the parsed output. This feature can be enabled by choosing the -p option. For this functionality to work, the user must configure the IAS to output to a pipe. This can be done by setting the log file directory from the IAS snap-in to \\.\pipe.
See Also
Concepts
Iasparse Overview
Iasparse Syntax
Iasparse Examples
Alphabetical List of Tools
Bindiff Overview