The FSC diagnostic tool

 

Applies to: Forefront Security for Exchange Server

To accurately diagnose a problem, support engineers typically need a variety of information about Forefront Security for Exchange Server (FSE) and the Exchange server on which it is running. This information consists of FSE version information, third-party scan engine versions, registry settings, and FSE databases. Gathering this configuration information is a major effort that can hinder the troubleshooting process.

To make it easier for you to collect this information, the Forefront Security Diagnostic tool (FSCDiag) automates the process, assembling all the necessary data in one file that can then be uploaded to Microsoft. When you contact Microsoft Help and Support, you are told where to upload the file.

Information collected

The Forefront Security Diagnostic tool can collect any or all of the following information, based on your requests:

  • FSE file versions

  • Exchange file versions

  • FSE registry key

  • FSE database files

  • FSE archive files

  • FSE program log file

  • Windows event log files

  • Dr. Watson log file

  • User.dmp file

  • FSE installation log file

  • FSE hotfix installation log file

  • Exchange agents.config file

Running the Forefront Security diagnostic tool

You can run the Forefront Security Diagnostic tool in no prompt mode (the default), gathering all possible information. You can also run the tool in interactive mode or console mode. When running in interactive mode, you are prompted for every option. When running in console mode, you can use command-line switches to specify which information you want gathered. After running the tool, the selected data is gathered and compressed into a single file to be uploaded to Microsoft.

Note

Console mode is only available if you have installed SP1 rollup 3 or higher.

To run the Forefront Security Diagnostic tool

  1. Run the program in no prompt mode, interactive mode, or console mode.

    To run the program in no prompt mode: Navigate to the Forefront Security for Exchange Server installation folder (default: C:\Program Files(x86)\Microsoft Forefront Security\Exchange Server) and launch FSCDiag.exe. The program runs in a command prompt window. You can also run the program at a command prompt by navigating to the Microsoft Forefront Security\Exchange Server installation folder and typing:

    FSCDiag

    To run the program in interactive mode: At a command prompt, navigate to the Microsoft Forefront Security\Exchange Server installation folder and type:

    FSCDiag /i

    You are prompted for each item. Type Yes or No, pressing ENTER after each response.

    To run the program in console mode: At a command prompt, navigate to the Microsoft Forefront Security\Exchange Server installation folder and type:

    FSCDiag /c /switch1 /switch2 /switch3

    You must specify /c, which signifies that you are running the tool in console mode. You can specify as many switches as needed. An example of the syntax used to collect only the Forefront file versions and the Forefront registry keys is:

    FSCDiag.exe /c /ver Forefront /reg Forefront

    To view the possible switch combinations that you can use, type FSCDiag /? before running the program.

  2. After you execute the program, the tool gathers the requested information and compresses the results into a new file that is located in the Log\Diagnostics\ folder under the FSE installation directory. The file name, constructed from the name of the server, date, and time, has the following format:

    Format: ForefrontDiag-<server name>-<date>-<time>.zip

    <date> has the format yyyymmdd

    <time> has the format hh.mm.ss (where hh represents a 24-hour clock)

    Example: C:\Program Files(x86)\Microsoft Forefront Security\Exchange Server\Log\Diagnostics\ForefrontDiag-Server1-20051210-17.50.27.zip

  3. Contact Microsoft Help and Support to find out where to upload the compressed file.

  4. Upload the compressed file to Microsoft.