Chat now with support
Chat with Support

Password Manager 5.10.1 - How-to Guide

Overview Licensing Upgrading Secure Password Extension Password Policy Manager Configuration Reinitialization Reports Starling 2FA Customizations Troubleshooting

To enable logging for a stand-alone server

To enable logging for stand-alone (aka DMZ) instances hosting only the Self Service site, follow these steps:

Under HKEY_LOCAL_MACHINE\Software\One Identity\Password Manager, create the following string and DWORD (32-bit) values respectively:

  1. LogFolder and set the “Value data” to C:\ (You can specify any location/folder, but the folder needs to be created beforehand)
  2. LogLevel and set the “Value data” to All

Figure 18:  

To enable logging for the Secure Password Extension (SPE)

The following registry key will enable/disable logging for the SPE:

HKEY_LOCAL_MACHINE\SOFTWARE\One Identity\Password Manager\Logging

NOTE: If the keys Password Manager\Logging do not exist please create them.

Under Password Manager\Logging create the following strings:

  • LogFolder with a value of C:\
  • LogLevel with a value of All

Figure 19:  

Once you are done gathering the logs, either delete the two new string values or change LogLevel to a value of None. Failure to disable logging afterwards can result in the server’s hard drive becoming full and disrupting all services for the server.

The logfiles generated will be QPM_SPE.log and QPM_SPEnroll.log (for all versions).

To enable Password Policy Manager (PPM) logging:

If it does not already exist, create the following key in the local registry of one of the affected Domain Controllers (DCs):

HKEY_LOCAL_MACHINE\Software\One Identity\Password Manager\Logging

Under HKEY_LOCAL_MACHINE\Software\One Identity\Password Manager, create the following string and DWORD (32-bit) values respectively:

  1. LogFolder and set the “Value data” to C:\ (You can specify any location/folder, but the folder needs to be created beforehand)
  2. LogLevel and set the “Value data” to ffffffff (8 F’s in Hexadecimal)
  3. Restart the Domain Controller
  4. Reproduce the experienced issue
  5. Once you are done gathering the logs, either delete the two new string values or change LogLevel to a value of None. Failure to disable logging afterwards can result in the server’s hard drive becoming full and disrupting all services for the server.

The logfile generated will be QPM.PPMgr_XXXX-XX-XX.log

Common solutions

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating