FIM Service Tracing in FIM 2010 R2
While working on 2010 R2 the way of taking FIM Service Tracing is easy please follow the actions below to take one.
We will be working with C:\Program Files\Microsoft Forefront Identity Manager\2010\Service\Microsoft.ResourceManagement.Service.exe.config
Take a backup of the Microsoft.ResourceManagement.Service.exe.config file because if we make a small mistake the services won’t start.
Open the file and we will be doing 3 things in this file and once we have done those restart the FIM Service and we should have the files created in the location mentioned in the tracing.
1) Comment the following section.
<!-- Default Diagnostics configuration.-->
<!--
<system.diagnostics>
<switches>
<add name="System.Workflow LogToTraceListeners" value="1" />
<add name="System.Workflow.Runtime.Hosting" value="Verbose" />
<add name="System.Workflow.Runtime" value="Verbose" />
<add name="System.Workflow.Runtime.Tracking" value="Verbose" />
<add name="System.Workflow.Activities" value="Verbose" />
<add name="System.Workflow.Activities.Rules" value="Verbose" />
</switches>
<sources>
<source name="Microsoft.ResourceManagement" switchValue="Warning">
<listeners>
<add initializeData="Microsoft.ResourceManagement" type="System.Diagnostics.EventLogTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" name="ExceptionEventLogListener" traceOutputOptions="LogicalOperationStack, DateTime, Timestamp, Callstack">
<filter type="" />
</add>
</listeners>
</source>
<source name="Microsoft.ResourceManagement.EventTracingForWindowsTraceSource" switchValue="Verbose">
<listeners>
<add name="EventTracingForWindowsListener" type="System.Diagnostics.Eventing.EventProviderTraceListener, System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" initializeData="{C2751E84-AD11-4a18-9507-6CFE811D3506}" />
</listeners>
</source>
</sources>
</system.diagnostics>
-->
2) Uncomment the following Section :
Find the following section :
<!--
Full Diagnostics configuration.
Uncomment the following section and replace the default <system.diagnostics> configuration to
enable all trace sources and obtain all available traces for Microsoft.ResourceManagement.Service
-->
Then you would see a commented section after this which need to uncomment:
<!-- We will be removing the comment from this section.
<system.diagnostics>
<switches>
<add name="System.Workflow LogToTraceListeners" value="1" />
<add initializeData="c:\logs\Microsoft.ResourceManagement.Service_tracelog.svclog" \ Here I have created a folder by the name logs under c drive and given permission to everyone temporarily , and this file will be created in that folder.
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="LogicalOperationStack, DateTime, Timestamp, ProcessId, ThreadId, Callstack">
<filter type="" />
</add>
<add initializeData="c:\logs\Microsoft.ResourceManagement.Service_messages.svclog" \ Here I have created a folder by the name logs under c drive and given permission to everyone temporarily , and this file will be created in that folder.
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelMessageLoggingListener" traceOutputOptions="LogicalOperationStack, DateTime, Timestamp, ProcessId, ThreadId, Callstack">
<filter type="" />
</add>
<add initializeData="c:\logs\Microsoft.ResourceManagement.Service_tracelog.txt" type="System.Diagnostics.TextWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" \ Same as above.
<trace autoflush="true" />
</system.diagnostics>
-->Remove this
Also we have a section like this :
<!-- Instructions for collecting ETW Traces
To collect ETW traces for Microsoft.ResourceManagement.Service. Run the following commands in the specified order from
an elevated command prompt.
1. To start a new etw trace session : logman start mysession -p {C2751E84-AD11-4a18-9507-6CFE811D3506} -o FIMETWtrace.etl -ets
2. To stop a running etw trace session : logman stop mysession -ets
To format the collected traces run any of the following commands (from an elevated command prompt) depending
on the required output format.
1. tracerpt FIMETWtrace.etl -o logdmp.xml -of XML -lr -summary logdmp.txt -report logrpt.xml
2. tracerpt FIMETWtrace.etl -o logdmp.evtx -of EVTX -lr -summary logdmp.txt -report logrpt.xml
3. tracerpt FIMETWtrace.etl -o logdmp.csv -of CSV -summary logdmp.txt -report logrpt.xml
-->
We need to just copy the above commands as and paste in the command prompt to take ETW traces.
For the SVC logs to be analysed we need the following tool : Microsoft Service Trace Viewer