Simple PowerShell to change IIS log directory

I’ve got the question from a collegue to create a script to automatically change the IIS log directory for all websites in IIS. I’ve created this blog for reference purposes. This is a simple and small script but does the job for you. Run the following commands in PowerShell as administrator on the server which hosts IIS (you will need to run this on all servers in a SharePoint farm).

import-module webadministration
$logPath = Read-Host “Enter the log location (eg. D:\IISLogs). This directory will <strong>not</strong> be created if it doesn’t exist”
get-website | foreach {Set-ItemProperty "IIS:\Sites\$($" -name  -value $logPath}

Please leave a comment if you have any questions/remarks.


Publish IIS site with TMG pre-authentication

We wanted to enable Forms Based Authentication with AD for a SharePoint site and a standard IIS site with Forefront Threat Management Gateway. We had the issue that we already created the rule with no authentication and we did not receive a login screen for the default IIS site. We did not get the loginscreen from TMG until we changed the firewall rule.

The set-up pretty straightforward and only requires a small adjustment for a standard Firewall rule. I will show you step by step how I have set-up TMG pre-authentication for a basic site and this also applies for SharePoint.

I have created a basic IIS site with the wizard ‘Add Website…’


I then went to our TMG server and created a rule.


Click on ‘Publish Web Sites’


Fill in a name and click on ‘Next >’


Allow the rule and click on ‘Next >’


Publish a single Web site or load balancer and click on ‘Next >’


Our site is HTTPS, click on ‘Next >’


Fill in the site name and an IP address if TMG cannot resolve this, Click on ‘Next >’


Click on ‘Next >’


Fill in the information and click on ‘Next >’


Click on ‘New…’


Fill in the name for the listener and click on ‘Next >’


Select HTTPS and click on ‘Next >’


Select the network according to your situation and click on ‘Next >’


Select the certificate and click on ‘Next >’


Select ‘HTML Form Authentication’ and click on ‘Next >’


Fill in your domain name for SSO and click on ‘Next >’


Click on ‘Finish’


Click on ‘Next >’


Select ‘NTLM authentication’ and click on ‘Next >’


Make sure ‘All Authenticated Users’ has been added to the site. Note that you will see ‘All Users’ if you have not followed the steps above and used No Authentication for the web listener. You will have to change this setting to All authenticated users to be able to receive the login screen from TMG.


Click on ‘Finish’

Navigate to your site and you will now see the following login screen from TMG


Cannot display the webpage while creating a Web Application in SharePoint

I was creating my fifth Web Application in our SharePoint 2013 test environment when I received the following error during creation:

“Internet Explorer cannot display the webpage”


Microsoft has published an article related to this issue in SharePoint 2010

Cause (from Microsoft)

As more and more web applications are created, the time in which it takes to create a web application increases. As part of the creation process, IIS is reset and by default, the application pool allows 90 seconds for the connections to close off before forcibly shutting down. When the number of web applications grows above 10, 90 seconds is not enough time for the provisioning to finish.

Resolution (from Microsoft)

The solution to this is to allow the process a longer amount of time before it is forcibly shutdown.

  • On the server(s) hosting Central Admin, open IIS manager.
  • In the tree view, expand the server name and click on Application Pools.
  • Locate the SharePoint Central Administration v4 application pool. Right click on it and choose Advanced Settings.
  • In the Process Model section, set the Shutdown Time Limit to a greater value. As an example, 300.
  • Restart IIS.