Export (0) Print
Expand All

Configure event logging on a federation server

Updated: September 13, 2007

Applies To: Windows Server 2003 R2

Servers that are running the Federation Service component of Active Directory Federation Services (ADFS) log ADFS Federation Service events in the Application event log. These events report information about the operation of the components of the local organization and the partner organizations that are covered by a trust policy.

When it is manually configured, ADFS also can log debug information. Debug logs are located in %systemdrive%\ADFS\logs. For more information about how to configure debug logging, see Configuring ADFS Servers for Troubleshooting (http://go.microsoft.com/fwlink/?LinkId=74970).

The following types of events are available and enabled by default in ADFS:

  • Error: Information about a significant problem of which the user should be aware, usually involving a loss of functionality or data.

  • Warning: Indicates a problem that is not immediately significant, but that may signify conditions that could cause future issues.

  • Info: Information about a significant, successful operation.

  • Success audit: Indicates an audited security event when an audited access attempt is successful; for example, a successful logon attempt.

  • Failure audit: Indicates a security event that occurs when an audited access attempt fails; for example, an inbound token was not valid.

  • Detailed success: A success audit event with detailed information about each token involved in the transaction, including claims information.

  • Detailed failure: A failure audit event with detailed information about each token involved in the transaction, including claims information.

You can select the levels that you want to enable and disable.

Audit object access must be turned on for success or failure to allow the Federation Service to log errors. For more information, see Audit object access (http://go.microsoft.com/fwlink/?LinkId=79749).

Administrative credentials

To complete this procedure, you must be a member of the Administrators group on the local computer.

To change the event types that are logged by ADFS

  1. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.

  2. Right-click the Trust Policy node, and then click Properties.

  3. Scroll to the Event Log tab.

  4. Under Event log level, click to select and deselect event log types, and then click OK.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft