PingOne for Enterprise

Configure logging in AD Connect without IIS

Steps

  1. In a text editor, open the <install directory>\AuthenticationAgent\log4net.config file.

  2. In the <root> section, add the following file appender:

    <root>
  <level value="INFO"/>
  <appender-ref ref="eventlog"/>
  <appender-ref ref="file"/>
</root>

  3. Optional: To configure the log file parameters, add the following code to the <appender> file section.

    <rollingStyle value="Size" />
<maxSizeRollBackups value="0" />
<maximumFileSize value="100MB" />
<staticLogFileName value="true" />

    If you’re using a log file temporarily to gather data, you can ignore this step. If you plan to use log files on a long-term basis, this step limits the size of the log file to prevent overusing resources.

    Example:

    Below is an example of how the <appender> file section will appear after you add the code in step 3.

    <appender name="file" type="log4net.Appender.FileAppender">
  <file value="c:\tmp\watchdog.log"/>
  <appendToFile value="true"/>
  <rollingStyle value="Size" />
  <maxSizeRollBackups value="0" />
  <maximumFileSize value="100MB" />
  <staticLogFileName value="true" />
  <layout type="log4net.Layout.PatternLayout">
    <conversionPattern value="%date %-5level %logger [%property{NDC}] - %message%newline"/>
  </layout>
</appender>

  4. Optional: To enable verbose logging, in the <root> section, change the <level value> value from INFO to DEBUG.

    Example:

    <root>
    <level value="DEBUG"/>
    <appender-ref ref="eventlog"/>
  </root>

    Verbose logging can help troubleshoot authentication issues, such as user authentication failures. Verbose logging adds logs showing which domain controller is being used for the lookup, what LDAP filters are being used to find users, and whether a user was found or their password didn’t match.

  5. Save and close the file.