FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Somashekara_Hanumant
Staff & Editor
Staff & Editor
Article Id 194889

Description


This article explains how to collect the FSSO collector, DC agent logs and export the FSSO collector agent configuration.

 

Scope

 

FortiGate.


Solution

 

When the FSSO collector agent is installed on any member server or domain controller, the Logging level needs to be changed to 'Debug', and the size needs to be increased to 100MB (or more if the number of users is greater). Wait for some time or till the user authentication problem happens and then click on View Logs.
It will open with a notepad. Save this file and attach the FortiCare ticket.
 
FSSO-1.png
 
OR
 
After changing the log level and set the required size, the log file will be available at C:\>Program files or Program(x64) \fortinet\FSAE\
CollectorAgent.txt
 
FSSO-2.png
 
If the log size if reached (100MB) then share the CollectorAgent.log.bak file.

 

 
Note:
After resolving the FSSO authentication problem, reset the log size back to default value 10MB
 
To Enable the DC agent logs and share the same logs for further investigation:
 
To enable the DC agent logs and working mode should be configured in DC agent mode. It's possible to verify the same under Show Monitored DCs ->  Select DC to Monitor -> Working Mode -> DC Agent Mode.
 
FSSO-3.png
 
If the mode is configured in DC agent mode, then from following registry, it's possible to enable the DC agent logs
 
HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FSAE\DCAgent -> edit -> enable Log
Set the value to 1 from 0.
 
FSSO-4.png
 
Also, the location of the dcagent log file is visible from that location and the logs can be attached to the support ticket.

 

 
Note:
Once the FSSO authentication issue is resolved, disable the DC agent logging by changing the 'enable_log' option to 0
 
Exporting the FSSO configuration backup:
 
FSSO-5.png
 
Config backup will be saved under C:\Program Files (x86)\Fortinet\FSAE -> saved_config.txt
 
These logs will help the TAC engineer further investigate FSSO authentication problems.