Environment
App Control Server: All Supported Versions
Objective
How to collect logs for Active Directory console login errors
Resolution
- Confirm that the App Control domain service account has the permissions needed to access all Active Directory domains needed with this KB
- Login to the App Control Console using the local "admin" user
- Navigate to > https://ServerName/Support.php > go to the Diagnostics tab
-
| For App Control Server version 8.9.x and higher: |
- Select the "Snapshot Server Logs" button
- Set logging duration: 30 Minutes
- Debug Level: Verbose
- Reporter Log Level: Minimum(default)
- Script Debug Level: Verbose
- Active Directory Debug Level: Verbose
- Start Logging
-
| For App Control Server version 8.8.x and lower: |
- Select the "Snapshot Server Logs" button
- Set logging duration: 30 Minutes
- Debug Level: Verbose
- Reporter Log Level: Minimum(default)
- Script Debug Level: Verbose
- Start Logging
- Reproduce the login error several times
- Go back to the Support.php page and select "Stop Logging"
- On the Right side of the page > under Related Views > Select "Available Log Files".
- Save the following files that have today's date:
- AppControlAD-todays-date-time.log
- ServerLog-todays-date-time.bt9
- On the server navigate and copy these files:
\Program Files (x86)\Bit9\Parity Server\scripts\Adrules.xml
\Program Files (x86)\Bit9\Parity Server\scripts\Adrules.xsd <-- This file only exists in version 8.9+ -->
- Please make screenshots of the following console pages:
- Gear Icon > System Configuration > General Tab
- Support.php > Advanced Configuration tab
- Please zip and upload all collected data to CB Vault
Related Content
