Beruflich Dokumente
Kultur Dokumente
3. Likewise you can enable debug trace logging via netsh and this can be used to help provide
detailed information about the Network Policy Server operation when NAP policies are
configured: Netsh ras set tr * en
%windir%\Tracing\IASNAP.log
4. In addition this enabled a slew of other IAS/RAS related logs in the same folder (i.e.:
IASSAM.LOG, IPSEC etc ):
%windir%\Tracing\*.log
5. You also have Event Logs. These provide a lot of info about the operation of NAP and
connecting clients but is used primarily for auditing and troubleshooting connection attempts.
Depending upon your build they are either in the SYSTEM (B3) log and/or the security log (RC0).
There is also the Network Access Protection event log which you'd find on NAP clients.
6. On the client side we can enable NAP client Debug Tracing logs as well. This is enabled either
via netsh or via the NAP client Configuration snap-in. It's an ETL file which is generated only by
using logman… so you'll need to do a logman start QAgentRt -p {b0278a28-76f1-4e15-b1df-
14b209a12613} 0xFFFFFFFF 9 -o %systemroot%\tracing\nap\QAgentRt.etl –ets in order to turn
start .etl generation.
7. likewise we can also do WHSA tracing for NAP also… the trace GUID is 789e8f15-0cbf-4402-
b0ed-0e22f90fdc8d
14. locationservices.log
This log is used by other Configuration Manager features (for example, information about the
client's assigned site), but it also contains information specific to Network Access Protection when
the client is in remediation. It records the required remediation servers (management point,
software update point, and distribution points that host content required for compliance), which
are also sent in the client statement of health.
15. SMSSha.log
This is the main log file for the Configuration Manager Network Access Protection client, and it
contains a merged statement of health information from the two Configuration Manager
components: location services (LS) and the configuration compliance agent (CCA).
This log file also contains information about the interactions between the Configuration Manager
System Health Agent and the operating system NAP agent, and also between the Configuration
Manager System Health Agent and both the computer compliance agent and location services. It
provides information about whether the NAP agent successfully initialized, the statement of health
data, and the statement of health response.
16. CIAgent.log
This tracks the process of remediation and compliance. However, the software updates log file,
Updateshandler.log provides more informative details on installing the software updates required
for compliance.
17. SDMAgent.log
This log file is shared with the Configuration Manager feature desired configuration management,
and it also contains the tracking process of remediation and compliance. However, the software
updates log file, Updateshandler.log provides more informative details about installing the
software updates required for compliance.
18. On the server side for the System Health Validator point, you should first check the Windows
Application event log on the Windows Network Policy Server computer. This log will record any
failure categories and errors with the source being SMS_SYSTEM_HEALTH_VALIDATOR.
These are also raised as Configuration Manager status messages. Otherwise More detailed
logging information can be found in the Configuration Manager logs and the System Health
Validator point log files are located in %systemdrive%\SMSSHV\SMS_SHV\Logs.
19. Ccmperf.log
This log contains information about the initialization of the System Health Validator point performance
counters.
20. SmsSHV.log
This is the main log file for the System Health Validator point. It logs the basic operations of the
System Health Validator service, such as the initialization progress.
21. SmsSHVADCacheClient.log
This log file contains information about retrieving Configuration Manager health state references from
Active Directory Domain Services.
22. SmsSHVCacheStore.log
This log file contains information about the cache store used to hold the Configuration Manager
NAP health state references retrieved from Active Directory Domain Services, such as reading
from the store and purging entries from the local cache store file.
23. SmsSHVRegistrySettings.log
This log is used to record any dynamic changes to the System Health Validator component
configuration while the service is running.
24. SmsSHVQuarValidator.log
This log file records client statement of health information and processing operations. To obtain
full information, change the registry key LogLevel from 1 to 0 in the following location:
HKLM\SOFTWARE\Microsoft\SMSSHV\Logging\@GLOBAL
25. <InstallationPath>\Logs\SMSSHVSetup.log
This log file records the success or failure (with failure reason) of installing the System Health
Validator point.