Description
This article explains how to collect the FSSO collector, DC agent logs and export the FSSO collector agent configuration.
Scope
FortiGate.
Solution
When the FSSO collector agent is installed on any member server or domain controller, the Logging level needs to be changed to 'Debug', and the size needs to be increased to 100MB (or more if the number of users is greater). Wait for some time or till the user authentication problem happens and then click on View Logs.
It will open with a notepad. Save this file and attach the FortiCare ticket.
OR
After changing the log level and set the required size, the log file will be available at C:\>Program files or Program(x64) \fortinet\FSAE\
CollectorAgent.txt
If the log size if reached (100MB) then share the CollectorAgent.log.bak file.
Note:
After resolving the FSSO authentication problem, reset the log size back to default value 10MB
To Enable the DC agent logs and share the same logs for further investigation:
To enable the DC agent logs and working mode should be configured in DC agent mode. It's possible to verify the same under Show Monitored DCs -> Select DC to Monitor -> Working Mode -> DC Agent Mode.
If the mode is configured in DC agent mode, then from following registry, it's possible to enable the DC agent logs
HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FSAE\DCAgent -> edit -> enable Log
Set the value to 1 from 0.
Also, the location of the dcagent log file is visible from that location and the logs can be attached to the support ticket.
Note:
Once the FSSO authentication issue is resolved, disable the DC agent logging by changing the 'enable_log' option to 0
Exporting the FSSO configuration backup:
Config backup will be saved under C:\Program Files (x86)\Fortinet\FSAE -> saved_config.txt
These logs will help the TAC engineer further investigate FSSO authentication problems.