Chat now with support
Chat with Support

Please note, you may experience access issues between 6am - 7am Eastern time on Saturday, May 28 2022 due to planned maintenance

Defender 5.11 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

Appendices

Appendix A: Enabling diagnostic logging

To gather additional information on various Defender components, you can enable diagnostic logging for each component.

To enable the logging for some Defender components, you need to edit the Registry.

Caution: The following sections instruct you to modify the Registry. Note that incorrectly modifying the Registry may severely damage the system. Therefore, you should make the changes carefully. It is highly advisable to create a backup of the Registry before making changes to Registry data.

Administration Console

To enable diagnostic logging for Administration Console

  • On a computer where Administration Console is installed, use Registry Editor to create the following value in the HKLM\SOFTWARE\PassGo Technologies\Defender\Defender AD MMC registry key:

    Value type: REG_DWORD

    Value name: Diagnostics

    Value data: 1

The path to the log file is %ProgramData%\One Identity\Defender\Diagnostics\defender_ade_mmc.txt.

To disable diagnostic logging for Administration Console, delete the Diagnostics value from the Defender AD MMC registry key, or set the value data to 0.

Defender Core Token Operations SDK (DTSDK)

To troubleshoot issues that may occur with token operations, you need to enable diagnostic logging for the DTSDK component which is installed as a part of various Defender components.

To enable diagnostic logging for DTSDK

  • On a computer where DTSDK is installed, use Registry Editor to create the following value in the HKLM\SOFTWARE\PassGo Technologies\Defender registry key:

    Value type: REG_DWORD

    Value name: DTSDK Diagnostics

    Value data: 1

The path to the log file is %ProgramData%\One Identity\Defender\Diagnostics\dtsdk.txt.

To disable diagnostic logging for DTSDK, delete the DTSDK Diagnostics value from the Defender registry key, or set the value data to 0.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating