How to start SiteMinder SMPS trace without using SM console.

To enable smtrace without using smconsole the following SiteMinder registry keys need to be changed:

1. HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceConfig
2. HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceConfig1
3. HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceOutput

In a normal situation, TraceConfig and TraceConfig1 are identical. For example, C:\siteminder\policyserver\config\smtracedefault.txt

Generally, these three registry values are equivalent to elements in the Profiler tab of the SM Management Console as follows:

1. HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceConfig -> Enable Profiling check box
2. HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceConfig1 -> Configuration file
3. HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceOutput -> Output to File

Both TraceConfig and TraceConfig1 need to have the same values. If they are not identical, unexpected behavior may occur.

TraceOutput registry refers to the physical file path of the trace output file. For example, C:\siteminder\policyserver\logs\smtracedefault.log

After all three registry values have been set, the smtrace will start immediately logging to the specified output file.

To stop the trace, empty out the HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceConfig

Optionally, the smpolicysrv -starttrace and smpolicysrv -stoptrace commands can be used to start and stop tracing from a command prompt.

The trace log will start to generate when you have those keys populated and run smpolicysrv -starttrace. To disable it temporarily, run smpolicysrv -stoptrace to stop logging.

If the registry keys were not populated, and smpolicysrv -starttrace or smpolicysrv -stoptrace are run, the command being issued will be seen in smps log (ex: "Server starttrace command received"). This is just a message saying that the command was issued and does not guarantee that it will work.