How to Capture a Verbose Log for CLM or FIM CM

How to Capture a Verbose Log for CLM or FIM CM

PURPOSE

The purpose of this document is to walk you through the steps to enable verbose logging for Certificate Lifecycle Manager 2007 or FIM 2010 Certificate Manager.  Verbose logging can be very beneficial when troubleshooting a CLM or FIMCM problem.

HOW TO CAPTURE VERBOSE LOGGING

  1. Create a folder off of the root of drive C called Temp.  (C:\Temp)
  2. Open a Windows Explorer window and navigate to %programfiles%\Microsoft Forefront Identity Manager\2010\Certificate Management\web (CLM 2007: %programfiles%\Microsoft Certificate Lifecycle Manager\web)
  3. Open web.config (XML Configuration File) in some sort of XML Editor
    *NOTE* XML Editor could be Notepad, Wordpad, Visual Studio, or some other XML editor
  4. Search for “Clm.TraceFile”
  5. You should land on this line         <add key="Clm.TraceFile" value="c:\temp\clm.txt" />
    *NOTE* If you do not have a C:\Temp, then you will need to create the folder
  6. Look for TRACE SWITCHES
  7. You should see a section for <switches>
  8. Replace all of the values in the <switches> section from 0 to 4 and then save the file (Verbose Logging Disabled)(Verbose Logging Enabled)
  9. Execute an IISRESET
    1. Open a Command Prompt as Run As Administrator
    2. At the prompt type: IISRESET
  10. Reproduce the issue being experienced
  11. Go back to the web.config file and change the values from 4 back to 0 to disable verbose logging
  12. Execute an IISRESET
  13. Navigate to the C:\Temp folder
    *NOTE* You cannot move this file without stopping IIS.  You can copy the file.
  14. Notice your clm.txt file is there and ready to review.

BEFORE – Verbose is not enabled

<switches>
          <add name="Microsoft.Clm.Security.Principal" value="0" />
          <add name="Microsoft.Clm.Security.Principal.Logon" value="0" />
          <add name="Microsoft.Clm.Security.Authorization" value="0" />
          <add name="Microsoft.Clm.Security.Authorization.Ldap" value="0" />
          <add name="Microsoft.Clm.DS" value="0" />
          <add name="Microsoft.Clm.Web" value="0" />
          <add name="Microsoft.Clm.Web.Authentication" value="0" />
          <add name="Microsoft.Clm.Web.Authentication.Config" value="0" />
          <add name="Microsoft.Clm.BusinessLayer" value="0" />
          <add name="Microsoft.Clm.BusinessLayer.Authz" value="0" />
          <add name="Microsoft.Clm.BusinessLayer.SD" value="0" />
          <add name="Microsoft.Clm.BusinessLayer.Principal" value="0" />
          <add name="Microsoft.Clm.BusinessLayer.SmartCard" value="0" />          
          <add name="Microsoft.Clm.BusinessLayer.Skg" value="0" />
          <add name="Microsoft.Clm.BusinessLayer.Events" value="0" />            
          <add name="Microsoft.Clm.BusinessLayer.Encryption" value="0" />            
          <add name="Microsoft.Clm.BusinessLayer.Caching" value="0" />            
          <add name="Microsoft.Clm.NotificationSinks" value="0" />   
          <add name="Microsoft.Clm.Common" value="0" />          
          <add name="Microsoft.Clm.DataAccess" value="0" />
          <add name="Microsoft.Clm.DataAccess.Ldap" value="0" />
</switches>
AFTER – Verbose is enabled

 

<switches>
          <add name="Microsoft.Clm.Security.Principal" value="4" />
          <add name="Microsoft.Clm.Security.Principal.Logon" value="4" />
          <add name="Microsoft.Clm.Security.Authorization" value="4" />
          <add name="Microsoft.Clm.Security.Authorization.Ldap" value="4" />
          <add name="Microsoft.Clm.DS" value="4" />
          <add name="Microsoft.Clm.Web" value="4" />
          <add name="Microsoft.Clm.Web.Authentication" value="4" />
          <add name="Microsoft.Clm.Web.Authentication.Config" value="4" />
          <add name="Microsoft.Clm.BusinessLayer" value="4" />
          <add name="Microsoft.Clm.BusinessLayer.Authz" value="4" />
          <add name="Microsoft.Clm.BusinessLayer.SD" value="4" />
          <add name="Microsoft.Clm.BusinessLayer.Principal" value="4" />
          <add name="Microsoft.Clm.BusinessLayer.SmartCard" value="4" />          
          <add name="Microsoft.Clm.BusinessLayer.Skg" value="4" />
          <add name="Microsoft.Clm.BusinessLayer.Events" value="4" />            
          <add name="Microsoft.Clm.BusinessLayer.Encryption" value="4" />            
          <add name="Microsoft.Clm.BusinessLayer.Caching" value="4" />            
          <add name="Microsoft.Clm.NotificationSinks" value="4" />   
          <add name="Microsoft.Clm.Common" value="4" />          
          <add name="Microsoft.Clm.DataAccess" value="4" />
          <add name="Microsoft.Clm.DataAccess.Ldap" value="4" />
</switches>

 

 

 

Leave a Comment
  • Please add 2 and 3 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • Ed Price - MSFT edited Revision 5. Comment: Title and font

  • Tim Macaulay edited Revision 4. Comment: updated the web.config folder location to have the CLM 2007 location as well

  • Thomas Vuylsteke edited Revision 1. Comment: whitespace issue

  • Thomas Vuylsteke edited Original. Comment: Reformatted switches

Page 1 of 1 (4 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Thomas Vuylsteke edited Original. Comment: Reformatted switches

  • Thomas Vuylsteke edited Revision 1. Comment: whitespace issue

  • Tim Macaulay edited Revision 4. Comment: updated the web.config folder location to have the CLM 2007 location as well

  • Ed Price - MSFT edited Revision 5. Comment: Title and font

Page 1 of 1 (4 items)