Forefront Security diagnostic tool
Applies to: Forefront Security for SharePoint
Topic Last Modified: 2007-12-07
To accurately diagnose a problem, support engineers typically need a variety of information about Forefront Security for SharePoint and the SharePoint server it is running on. This information consists of Forefront Security for SharePoint version information, third-party scan engine versions, the registry settings, and Forefront Security for SharePoint databases. Gathering this configuration information is a major effort that can hinder the troubleshooting process.
To make it easier for you to collect this information, the Forefront Security Diagnostic tool (FSCDiag) automates the process, assembling all the necessary data in one file that can then be uploaded to Microsoft. When you contact Microsoft support, you will be told where to upload the file. For more information about support, see SharePoint Troubleshooting.
The Forefront Security Diagnostic tool can collect any or all of the following information, based on your requests:
Forefront Security for SharePoint file versions (including scan engine file versions)
Forefront Security for SharePoint registry key
Forefront Security for SharePoint database (*.fdb) files
Forefront Security for SharePoint archive files
Forefront Security for SharePoint program log file
Windows Event log files
Dr. Watson log file
Forefront Security for SharePoint installation log file
The selected data is gathered and compressed into a single file to be uploaded to Microsoft.
Navigate to the Forefront Security for SharePoint installation folder and launch FSCDiag.exe. The tool runs in a command prompt window. You may also run the tool at a command prompt by navigating to the Microsoft Forefront Security\SharePoint installation folder and entering FSCDiag at a command prompt. FSCDiag normally runs in No Prompt mode, gathering all possible information.
If you want to selectively gather information, run the program in Prompt mode.To run the Forefront Security Diagnostic tool in Prompt mode
Invoke the program from a command prompt as follows:
You are then prompted for each item, as detailed in the next step.
Select the information to be included by answering each of the following screen prompts. Type "yes" or "no", pressing ENTER after each response.
Add Forefront file versions - Yes or No?
Add SharePoint versions - Yes or No?
Add Forefront registry key - Yes or No?
Add Forefront database files - Yes or No?
Add Forefront archive files - Yes or No?
Add Forefront program log - Yes or No?
Add Windows Event log - Yes or No?
Add Dr. Watson log - Yes or No?
Add User.dmp - Yes or No?
Add Forefront install log - Yes or No?
After you execute the command (or after the final prompt if you use Prompt mode), the tool gathers the requested information and compresses the results into a new file in the Log\Diagnostics folder (in the FSSP installation directory). The file name, constructed from the name of the server, the date, and the time, has the following format:
Format: ForefrontDiag-<server name>-<date>-<time>.zip
<date> has the format yyyymmdd
<time> has the format hh.mm.ss (where hh represents a 24-hour clock)
Example: C:\Program Files(x86)\Microsoft Forefront Security\SharePoint\Log\ Diagnostics\FSCDiag-Server1-20051210-17.50.27.zip
Upload the compressed file to Microsoft.