Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

Archive for the ‘Tracing’ Category

(2014-02-05) Enabling Debug Tracing In ADFS v2.1 and v3.0

Posted by Jorge on 2014-02-05


This TechNet article and this WIKI page describe how to enable debug tracing for ADFS v2.0. For both ADFS v2.1 (ADFS 2012) and ADFS v3.0 (ADFS 2012 R2), the same procedure still applies, but it is slightly different.

The ADFS Tracing/Debug is named differently in both ADFS v2.1 (ADFS 2012) and ADFS v3.0 (ADFS 2012 R2). Its name is "AD FS Tracing/Debug". Therefore, to enable circular logging you need to issue the following command:

WEVTUTIL sl "AD FS Tracing/Debug" /l:5

The ADFS binaries are now located in C:\Windows\ADFS. Therefore, the service config file "Microsoft.IdentityServer.Servicehost.exe.config" can be found in that same folder.

When you open the file you will find a contents similar to the figure below.

image

Figure 1: The Sections In The File "Microsoft.IdentityServer.Servicehost.exe.config" For Enabling Debug Tracing. Currently Shown As Being DISABLED For Both WIF And WCF Tracing

To enable both WIF tracing and WCF tracing, the file contents must be configured as shown in the figure below.

image

Figure 2: The Sections In The File "Microsoft.IdentityServer.Servicehost.exe.config" For Enabling Debug Tracing. Currently Shown As Being ENABLED For Both WIF And WCF Tracing

After saving and closing the file "Microsoft.IdentityServer.Servicehost.exe.config", make sure to restart the ADFS service

After that configure the ADFS Tracing/Debug Log through the following steps:

  1. Open Event Viewer.
    • To open Event Viewer, press [CTRL]+[R], type EVENTVWR.MSC and hit enter
  2. On the View menu, click Show Analytic and Debug Logs.
  3. In the console tree, expand Applications and Services Logs, expand AD FS Tracing, and then click Debug.
  4. In the Actions pane, click Enable Log.

Tracing for AD FS is now enabled.

Remember to disable debug tracing after being done with troubleshooting!

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

Posted in Active Directory Federation Services (ADFS), Tracing | 4 Comments »

 
%d bloggers like this: