Logs & Settings Action Plan for Mobile Devices and PC Sign in with SkypeShield Credentials

Owned by Agat Support
Last updated: Nov 01, 2020
2 min read

1. Change Log level 

I. Change the LAC Log Level 

  1. Backup the Lync_Access_Control.xml file 
  2. Change the log severity level to debug and enable dumps: 
    • Change the <logging> tag in Lync_Access_Control.xml: 
      1. In <main> tag configure <severity>debug</severity> 
      2. In <dumps> tag change <enabled>true</enabled> 
  3. Save changes 

II. Change the DMZ Bastion and Authentication Extender Log Level 

  1. Backup the bastion.xml file 
  2. Change the log severity level to debug and enable dumps: 
    • Change the <logging> tag in bastion.xml: 
      1. In <main> tag configure <severity>debug</severity> 
      2. In <dumps> tag change <enabled>true</enabled> 
  3. Save changes 
III. Restart the Bastion Service 
  1. Open PowerShell 
  2. Execute: Restart-Service bastion 

IV. Change the SIP Filter Log Level 

  1. Backup the AgatSfbSipFilter.yaml file
  2. Change the log severity level to debug and enable dumps: 
      1. In log-level: tag configure Debug 
      2. In trace-sip: tag configure true 
  3. Save changes 

V. Restart the SIP Filter Service 

  1. Open PowerShell 
  2. execute: Restart-Service AgatSfbSipFilter

2. Replicate the issue 

3. Collect files 

I. Collect the log LAC_<poolname>_<date>.log and the Dumps folder from the relevant date  from DMZ Bastion 

II. Collect the log Bastion.<date>.log and the dumps folder from the relevant date from DMZ Bastion 

III. Collect the log Bastion.<date>.log and the dumps folder from the relevant date from Authentication Extender 

IV. Collect the log KCD.<poolname>.<date>.log and the AuthConsumer.<poolname>.<date>.log from the relevant date  from Authentication Extender 

V. Collect the Lync_Access_Control.xml  from DMZ Bastion 

VI. Collect the log lync.<date>.log and the trace.<date>.log from the relevant date 

VII. Collect the AgatSfbSipFilter.yaml file 

VIII. Export Access Portal Logs 

  1. Open the Access Portal WebUI 
  2. Browse to /admin/logfiles 
  3. Change the log level to DEBUG 
  4. Replicate the issue 
  5. Click on Export 

4. Revert Settings 

I. Revert back to the old Lync_Access_Control.xml 

II. Revert back to the old AgatSfbSipFilter.yaml 

III. Revert back to the old Bastion.xml 

IV. Restart the Bastion Service 

  1. Open PowerShell 
  2. Execute: Restart-Service bastion 

V. Restart the SIP Filter Service 

  1. Open PowerShell 
  2. execute: Restart-Service AgatSfbSipFilter

5. Send AGAT Software Support the collected logs 

The following files are expected to be delivered following this plan:
  1. Access Portal logs and settings
  2. LAC_<version>_<poolname>_<date>.log from the relevant time frame in Debug mode from DMZ Reverse Proxy
  3. LAC Traffic dumps from the relevant time frame from DMZ Reverse Proxy
  4. Lync_Access_Control.xml from DMZ Reverse Proxy
  5. Bastion_<version>_<date>.log  folder from the relevant date from DMZ Reverse Proxy
  6. Bastion Traffic  dumps folder from the relevant date from DMZ Reverse Proxy
  7. Bastion_<version>_<date>.log folder from the relevant date from Authentication Extender
  8. Bastion Traffic  dumps folder from the relevant date Authentication Extender
  9. KCD_<poolname>_<date>.log  from the relevant date  from Authentication Extender
  10. the AuthConsumer_<poolname>_<date>.log from the relevant date  from Authentication Extender
  11. sipfilter-<date>.log from the relevant date from the Edge
  12. trace-<date>.log from the relevant date from the Edge
  13. AgatSfbSipFilter.yaml from the Edge
  14. Skype for Business Client logs

Default file location could be found here.


Please include the following information:
a. Time frames of issue
b. Users involved (SIP Address, AD username, UPN, etc.)