Enabling debug logging for SSO 6.0
search cancel

Enabling debug logging for SSO 6.0

book

Article ID: 324323

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

This article provides steps to enable debug logging for the vSphere 6.x SSO on the Windows operating system and for the vCenter Server Virtual Appliance (VCSA) for troubleshooting purposes.

Symptoms:
This article provides steps to enable debug logging for the vSphere 6.x SSO on the Windows operating system and for the vCenter Server Virtual Appliance (VCSA) for troubleshooting purposes.

Environment

VMware vCenter Server Appliance 6.0.x
VMware vCenter Server 6.0.x

Resolution

  • To enable debug for IDM, modify log4j.xml configuration file and sts as below:

    Change the log level values under various tags to value="DEBUG" in log4j.xml file.

    Notes:
     
    • The log4j.xml file can be found at below path:
       
      • For vCenter Server 6.0: C:\Program Files\VMware\vCenter Server\VMware Identity Services\log4j.xml.
      • For VCSA 6.0: /opt/vmware/share/config/log4j.xml.
         
    • Respective service restart is required after making changes in log4j files.
       
  • For other services like sts, sso-adminserver, lookupservice and websso, change the log4j.logger and log4j.rootLogger values to the desired log level.

    Notes:
     
    • For vCenter Server 6.0, refer the paths below:

      C:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\webapps\sts\WEB-INF\classes\log4j.properties
      C:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\webapps\sso-adminserver\WEB-INF\classes\log4j.properties
      C:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\webapps\lookupservice\WEB-INF\classes\log4j.properties
      C:\ProgramData\VMware\vCenterServer\runtime\VMwareSTSService\webapps\websso\WEB-INF\classes\log4j.properties

       
    • For VCSA 6.0, refer the paths below:

      /usr/lib/vmware-sso/vmware-sts/webapps/sts/WEB-INF/classes/log4j.properties
      /usr/lib/vmware-sso/vmware-sts/webapps/sso-adminserver/WEB-INF/classes/log4j.properties
      /usr/lib/vmware-sso/vmware-sts/webapps/lookupservice/WEB-INF/classes/log4j.properties
      /usr/lib/vmware-sso/vmware-sts/webapps/websso/WEB-INF/classes/log4j.properties


Additional Information

Log Levels in vmdir

We can turn on verbose log for vmdir using vdcadmintool.

To do this, run vdcadmintool under c:\program files\vmware\vcenterserver\vmdird or /usr/lib/vmware-vmdir/bin/vdcadmintool.

==================

Please select:

0. exit

1. Test LDAP connectivity

2. Force start replication cycle

3. Reset account password

4. Set log level and mask

5. Set vmdir state

==================

4 Log level (ERROR|WARNING|INFO|VERBOSE|DEBUG): VERBOSE

Log mask : 0

To restore default log/mask, run the same tool and set level/mask to INFO/0.

 

Log config files and log locations:

Service

Log target

Location

Identity Manager

 

Config File: C:\Program Files\VMware\vCenter Server\VMware Identity Services\log4j.xml

LogFile: C:\ProgramData\Vmware\CIS\logs\sso\vmware-sts-idmd

Log File: C:\ProgramData\Vmware\CIS\logs\sso\vmware-sts-idmd-perf

CloudVM

/opt/vmware/share/config/log4j.xml

Log File: /var/log/vmware/sso/vmware-sts-idmd.log

Log File: /var/log/vmware/sso/vmware-sts-idmd-perf.log

Secure token Server

 

Config File: C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\webapps\sts\WEB-INF\classes\log4j.properties

Logfile location : C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\logs\vmware-identity-sts

Logfile location : C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\logs\vmware-identity-sts-perf

CloudVM

Config File: /usr/lib/vmware-sso/vmware-sts/webapps/sts/WEB-INF/classes/log4j.properties

Log location : /var/log/vmware/sso/vmware-identity-sts.log

Log location : /var/log/vmware/sso/vmware-identity-sts-perf.log

Admin Server

 

Config File: C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\webapps\sso-adminserver\WEB-INF\classes\log4j.properties

LogFile location : C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\logs\ssoAdminServer.log

 

CloudVM

Config File: /usr/lib/vmware-sso/vmware-sts/webapps/sso-adminserver/WEB-INF/classes/log4j.properties

Log location : /var/log/vmware/sso/ssoAdminServer.log

 

Lookup Service

 

Config File: C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\webapps\lookupservice\WEB-INF\classes\log4j.properties

Logfile location : C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\logs\lookupServer.log

 

CloudVM

Config File: /usr/lib/vmware-sso/vmware-sts/webapps/lookupservice/WEB-INF/classes/log4j.properties

Log location : /var/log/vmware/sso/lookupServer.log

 

Websso

 

Config File: C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\webapps\websso\WEB-INF\classes\log4j.properties

Logfile location : C:\ProgramData\Vmware\CIS\runtime\VMwareSTSService\logs\websso

 

CloudVM

Config File: /usr/lib/vmware-sso/vmware-sts/webapps/websso/WEB-INF/classes/log4j.properties

Log Location : /var/log/vmware/sso/websso.log