Академический Документы
Профессиональный Документы
Культура Документы
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/Content/e...
Authentication > About Single Sign-On (SSO) > Use Telnet to Debug the SSO Agent
To debug your SSO Agent, you can use Telnet to connect to the SSO Agent on TCP port 4114 and run commands to review information in the connection cache. You can also enable advanced debug options. A list of the commands you can use in Telnet is available in the Telnet Help and in the subsequent Telnet Commands List section.
We recommend that you only use these commands with direction from a WatchGuard support representative.
To connect to your SSO Agent with Telnet, you must use a user account that is defined in the SSO Agent Configuration Tool User Management settings. For more information, see Configure the SSO Agent. Before you begin, make sure that the Telnet Client is installed and enabled on your computer.
4. To see a list of commands, type help and press Enter on your keyboard.
The list of common commands appears.
For more information about the commands you can use in Telnet, see the Telnet Commands List.
1 de 4
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/Content/e...
When you enable debug logging for the SSO Agent, debug log messages for the SSO Clients connected to the SSO Agent are also generated and sent to separate log files. After the debug log messages have been sent to the log files, you can view them to troubleshoot any issues. For the SSO Agent: 1. Go to the debug log file directory: \Program Files\Watch uard\Watch uard Authentication ate!a" 2. Open the debug log file: !agsr#c$log For the SSO Client: 1. Go to the debug log file directory: \Program Files\Watch uard\Watch uard Authentication %lient 2. Open a debug log file: !gssoclient&logfile$log or !gssoclient&errorfile$log Make sure to disable debug logging when you are finished. 1. In the Telnet window, type set debug off. 2. Press Enter on your keyboard.
get domain
2 de 4
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/Content/e...
Description Permanently sets the domain filter to ON. Permanently sets the domain filter to OFF.
Changes the user information in the debug log files to a Set artificial user user name you select. This enables you to clearly track information (for debugging). user information when you review debug log messages. Sets debug logging on the SSO Agent to ON. This setting sends debug log messages to the log file, which provides detailed information for troubleshooting. Save debug messages to a file in the same location as the .exe. Log file location: SSO Agent \Program Files\WatchGuard\WatchGuard Authentication Gateway\wagsrvc.log SSO Client \Program Files\WatchGuard\WatchGuard Authentication Client\wgssoclient_logfile.log and wgssoclient_errorfile.log
set debug on
set debug verbose set debug off flush <ip> flush all list list config list user list eventlogmonitors get log <IP>
Includes additional log messages in the debug log files. Sets debug logging on the SSO Agent to OFF.
Clear cache of <ip> address. Clear cache of all <ip> addresses. Return list of all IP in cache with expiration. Return list of all monitoring domain configurations. Return list of all registered users. Return list of all registered Event Log Monitors. Get SSO Client logs and dmp files (if have) in zip format. Same as "get log <IP>', but support multiple ip, full path of txt required and one ip each line in the txt file. eg: get log %'\m" test\ips$t(t. Terminate the connection.
Deletes all authentication information about the specified IP address from the SSO Agent cache. Deletes all authentication information currently available on the SSO Agent. Shows a list of all authentication information currently available on the SSO Agent. Shows a list of all domains the SSO Agent is connected to. Shows a list of all user accounts included in the SSO Agent configuration. Shows a list of all instances of the Event Log Monitor and the version of each instance. Download the SSO Client log files and DMP files in a ZIP file from the specified IP address. Download the SSO Client log files and DMP files in a ZIP file from each IP address specified in the TXT file. In the TXT file, each SSO Client IP address must be on a separate line and the full path to the log and dmp files for each SSO Client must be specified. Closes the Telnet connection to the SSO Agent.
quit
See Also
Configure the SSO Agent
3 de 4
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/Content/e...
Install the WatchGuard Single Sign-On (SSO) Agent Install the WatchGuard Single Sign-On (SSO) Client Install the WatchGuard SSO Exchange Monitor About Single Sign-On (SSO) Give Us Feedback Get Support All Product Documentation Knowledge Base
2014 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, WatchGuard Dimension, Firebox, Core, Fireware, and LiveSecurity are registered trademarks or trademarks of WatchGuard Technologies in the United States and/or other countries.
4 de 4