Chat now with support
Chat with Support

Defender 6.4 - Administration Guide

Getting started Managing Defender objects in Active Directory Configuring security tokens Securing VPN access Securing Web sites Securing Windows-based computers Defender Management Portal (Web interface) Securing PAM-enabled services Delegating Defender roles, tasks, and functions Automating administrative tasks Administrative templates Integration with Active Roles Push Notifications Appendices
Appendix A: Enabling diagnostic logging Appendix B: Troubleshooting common authentication issues Appendix C: Troubleshooting DIGIPASS token issues Appendix D: Defender classes and attributes in Active Directory Appendix E: Defender Event Log messages Appendix F: Defender Client SDK Appendix G: Defender Web Service API

VPN Integrator

To enable diagnostic logging for VPN Integrator

  1. On a computer where VPN Integrator is installed, go to the VPN Integrator installation directory.

    Normally, the path to the VPN Integrator installation directory is %ProgramFiles%\One Identity\Defender\VPN Integrator.

  2. Add the following lines to the pgwc.ini text file held in the VPN Integrator installation directory, replacing <logpath> with the path to the folder that will hold the VPN Integrator log files:

    trace level = 9

    trace filename = <logpath>

For example, with "trace filename = C:\pgvc_trace", the log files are held in the folder C:\pgvc_trace.

To disable diagnostic logging for VPN Integrator, remove these lines from the pgwc.ini file:

trace level = 9

trace filename = <logpath>

 

Web Service API

To enable diagnostic logging for Web Service API

  1. On a computer with Web Service API, go to the Web Service API installation directory.

    Normally, the path to the Web Service API installation directory is %ProgramFiles%\One Identity\Defender\Web Service API.

  2. Make the following changes to the DefenderAdminService.exe.config text file held in the Web Service API installation directory:
    • In the <log4net debug="false"> entry, set the value to "true": <log4net debug="true">
    • In the <level value="ERROR" /> entry, set the value to "DEBUG": <level value="DEBUG" />

You can find the log file DefenderWebServiceApi.txt in the Logs folder in the Web Service API installation directory. Normally, the path to the log file is %ProgramFiles%\One Identity\Defender\Web Service API\Logs\DefenderWebServiceApi.txt.

To disable diagnostic logging for Web Service API, set these values in the DefenderAdminService.exe.config file:

  • <log4net debug="false">
  • <level value="ERROR" />

Product information tool

The Product Information tool is a diagnostic tool that helps to gather product details. The tool is available at %ProgramFiles%\Common Files\One Identity\Defender.

To run the tool:

  • Go to the location %ProgramFiles%\Common Files\One Identity\Defender.
  • Double-click ProductInfo.exe.

    The details are generated as text files in the location
    %ProgramData% \One Identity\Defender\Diagnostics\ProductInfoLogs. The generated files are FileInfo[timestamp].txt and SystemInfo[timestamp].txt.

Appendix B: Troubleshooting common authentication issues

If users are experiencing problems authenticating via Defender, there are a number of possible causes, ranging from VPN issues through to individual token failures. To help identify the cause, the information below is useful to collect and send to One Identity Software Support, providing important contextual and diagnostic information.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating