Microsoft Forefront UAG – Forefront UAG monitoring and debugging (Part 2)

If you would like to be notified when Marc Grote releases the next part in this article series please sign up to our ISAserver.org Real-Time Article Update Newsletter.

If you would like to read the first part in this article series please go to Microsoft Forefront UAG – Forefront UAG monitoring and debugging (Part 1).

Introduction

This is a two part article series. In the first article we talked about monitoring techniques in Forefront UAG to monitor user sessions, network traffic and many more. In this article will go deeper into Forefront UAG debugging and tracing capabilities.


Get your copy of the German language “Microsoft ISA Server 2006 – Das Handbuch”

Let’s begin

As a first step we will use the Forefront UAG Best Practice Analyzer to analyze the Forefront UAG installation against best practices from Microsoft. You can download the Forefront UAG Best Practice Analyzer from here. After the BPA scan has been completed you can see the results in the Forefront UAG BPA console to analyze the results against the builtin BPA help file or with corresponding Microsoft Technet articles.


Figure 1: UAG BPA

Forefront UAG tracing

Forefront UAG is a complex application and if the standard troubleshooting tools like the Forefront UAG Web Monitor, UAG Activation Monitor and the Forefront TMG live logging are not sufficient to find the cause of a problem you can use the builtin tracing functionalities of Forefront UAG or as the first step the Forefront TMG diagnostic logging utility as shown in the following screenshot.


Figure 2: TMG Diagnostic Logging

If the Forefront TMG Diagnostic logging is not sufficient to find the reason for a configuration problem with the Forefront UAG Server you are able to activate the Forefront UAG tracing feature which collects a large amount of data regarding the Forefront UAG configuration. The collected information of the UAG tracing utility are primarly designed to send this information to the Microsoft Customer Support Service (CSS) but if you are familiar with advanced Forefront UAG debugging it is possible to analyze the collected Forefront UAG trace data.

Forefront UAG provides tracing on both the Forefront UAG server, and on endpoint devices connecting to resources published via Forefront UAG. On the Forefront UAG server, tracing is available by default.

On endpoint devices connect to a Forefront UAG site or portal you must manually acivate the client-side tracing by installing the Forefront UAG client trace components.

On the Server side, default trace settings are in place:

  • Tracing level is enabled for all components, and set to a verbosity level of “Error”.
  • By default, trace results are saved to a binary file (Forefront_UAG.BIN) located in the directory C:\WINDOWS\debug\. This directory also contains the trace file for Forefront TMG so it is possible to use the trace utility for Forefront TMG also.
  • The file size is limited to 400 MB. When the size limit is reached, older trace messages are deleted, so that new trace messages can be added.
  • It is possible to create only one trace file at the same time.

The graphical configuration tool for Forefront UAG tracing is called UAG Relaese Bits Tracing and can be found in the following directory on the Forefront UAG Server:

C:\program files\Microsoft Forefront Unified Access Gateway\common\bin\tracing.

Start the Trace Utility (a command line version is also available) and you are able to configure tracing for the different Forefront UAG components as shown in the following screenshot.


Figure 3: Forefront UAG Release Bits Tracking

It is possible to disable circular logging for the UAG trace file, you can specify another storage location for the trace log files and it is possible to configure the creation of trace log backup files. By default one trace file will be saved as copy with the .BAK file extension.


Figure 4: Forefront UAG Release Bits Tracking

Because the UAG trace file is stored binary we must have a technology which converts the trace file into readable format. You must download the trace symbol files from the following website. Extract the files to a directory on the Forefront UAG Server. If you want to send the trace file in a binary format to CSS, the tracing symbols are not required. After the UAG trace files has been downloaded you can use the Trace command line tool or the Foreront UAG Release Bits Tracing utility to specify the path to the trace files as shown in the following screenshot.


Figure 5: Specify path to trace format files and specify output options

In the Forefront UAG Release Bits Tracking console click GO to start the trace process and after you reproduced possible problems with Forefront UAG click STOP to stop the tracing of files. You are able to store the trace results in text format or it is possible to display the results directly in a graphical viewer.

You can see a sample output of the trace utility in the following screenshot.


Figure 6: Forefront UAG Release Bits Tracking output file

The next screenshot shows the output of the Forefront UAG tracing with the graphical viewer.


Figure 7: Forefront UAG Release Bits Tracking – graphical viewer

Conclusion

In this article I tried to give you some helpful information how to debug a Forefront UAG installation / configuration if the traditional logging and monitoring capabilities of Forefront UAG are not sufficient.

Related links

If you would like to be notified when Marc Grote releases the next part in this article series please sign up to our ISAserver.org Real-Time Article Update Newsletter.

If you would like to read the first part in this article series please go to Microsoft Forefront UAG – Forefront UAG monitoring and debugging (Part 1).

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top