Previous Topic: How to Record Events to the SyslogNext Topic: How to Enable Assertion Attribute Logging on UNIX or Linux Operating Environments


How to Enable Assertion Attribute Logging on Windows Operating Environments

You can record information about the assertion attributes to the audit logs. Use these logs for a security audit, or during an investigation. The type of event determines the information that is recorded in the log. The following events are recorded when you enable assertion‑attribute logging:

The logging of assertion attributes is disabled by default. Enable assertion‑attribute logging on your Policy Server.

The following graphic describes how to enable assertion attribute logging:

This diagram describes the workflow for enabling assertion attribute logging on the Windows operating environment

Follow these steps:

  1. Open the Windows registry editor.
  2. Change the value of the registry key.
  3. Restart your Policy Server with the following steps:
    1. Stop your Policy Server.
    2. Start your Policy Server.
Open the Windows Registry Editor

Change this setting by opening the Windows registry editor on the system hosting your Policy Server.

Follow these steps:

  1. Click Start, Run.
  2. Type the following text in the Open: Field.
    regedit
    
  3. Click OK.

    The Windows registry editor opens.

Change the Value of the Registry Key

The following registry key controls attribute assertion logging:

Enable Enhance Tracing

Indicates whether attribute assertions are recorded in the audit logs. A value of 2 enables logging. A value of 3 enables logging and records the authentication method of the user. A value of 4 enables logging for Enhanced Session Assurance with DeviceDNA™

Limits: 0, 2, 3, 4

Default: 0 (logging disabled)

Follow these steps:

  1. In the registry editor, expand the following item:
    HKEY_LOCAL_MACHINE
    
  2. Click Software, Netegrity, SiteMinder, Currentversion, Reports.
  3. Locate the following registry key:
    Enable Enhance Tracing
    
  4. Right-click the key, and then pick Modify.
  5. Do one of the following tasks:
  6. Click OK.
  7. Close the registry editor.

    The value of the Enable Enhance Tracing registry key is changed.

Stop a Windows Policy Server

Stop your Policy Server before continuing. Stopping a Policy Server has the following results:

Follow these steps:
  1. Log in to the Policy Server host system.

    Note: Use an account with administrator privileges.

  2. Click Start, Programs, SiteMinder, SiteMinder Policy Server Management Console.
  3. Click the Stop button.
  4. Click OK.

    The Policy Server stops and the console closes.

Start a Windows Policy Server

Start the Policy Server. Starting Policy Server has the following results:

Follow these steps:

  1. Click Start, Programs, SiteMinder, SiteMinder Policy Server Management Console.

    The console opens with the Status tab selected.

  2. Click the Start buttons.
  3. Click OK.

    The Policy Server starts.