Description:
How to start SiteMinder smps trace without using SM console
Solution:
You can enable smtrace without using smconsole by changing some SiteMinder registry keys as following:
In normal situation, you will see TraceConfig and TraceConfig1 are identical, for example: C:\siteminder\policyserver\config\smtracedefault.txt
Generally, these three registry values are equivalent to elements in Profiler tab of SM console as follow:
Both TraceConfig and TraceConfig1 need to have same values. If they are not identical, some unexpected behaviors might occur.
TraceOutput registry refer to the physical file path of trace output file for example:
C:\siteminder\policyserver\logs\smtracedefault.log
After all three registry values have been set, the smtrace will start immediately logging to the specified output file.
To stop smtrace, customer can empty out the HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\TraceConfig
Optionally, customer can use "smpolicysrv -starttrace" and "smpolicysrv -stoptrace" to start and stop tracing.
The trace log will start to generate when you have those keys populated and run "smpolicysrv -starttrace".
If you decide to disable temporarily, you can run "smpolicysrv -stoptrace" to stop logging.
If you did not populate the keys, and if you run "smpolicysrv -starttrace" or "smpolicysrv -stoptrace", you will still see the command being issued in smps log (ex: Server 'starttrace' command received).
But it is just a message saying that the command was issued and does not guarantee that it will work.
trace steps for Linux platform