Thursday, April 28, 2011

Enable FIM 2010 and PCNS logging

 

Diagnostics and maintenance

Whenever a password change operation completes, the history is saved in the FIM Synchronisation Service database in SQL Server. Because a large number of password change operations can increase the size of the database, it is recommended that you save and clear the password change history on a regular basis to limit performance issues on the server running SQL Server. For information about clearing the password change history, see the FIM Developer Reference.

Both FIM and the PCNS use the Application log to record activity and failure events. For learning about password synchronisation, it is recommended that you set the logging level to high and monitor the Application log closely during the initial configuration and rollout of password synchronisation.

For FIM, there are four logging levels that are controlled by adding the FeaturePwdSyncLogLevel (REG_DWORD) entry to the following registry subkey:

      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FIMSynchronizationServices\Logging

  • 0 = Minimal Logging
  • 1 = Normal logging (default)
  • 2 = High logging
  • 3 = Verbose logging

For PCNS, there are four logging levels that are controlled by adding the EventLogLevel (REG_DWORD) entry to the following registry subkey:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\PCNSSVC\Parameters

  • 0 = Minimal Logging
  • 1 = Normal logging (default)
  • 2 = High logging
  • 3 = Verbose logging

Does not always seem to work without a reboot.

 

Hat-tip: http://certsrv.ru/fim2010.en/html/9537ebeb-80bb-4389-9538-1b65302b70eb.htm

No comments:

Blog Archive