Viewing Windows diagnostics

The Centrify Agent for Windows provides logging and diagnostic services. If you have administrative access on a local computer, you can generate diagnostic information about the operation of the Centrify agent for Windows and view and save the current content of the log file from the agent configuration panel. For example, you can generate diagnostic information about user sessions, user roles, desktops, and elevated account access, as well as detailed information about auditing from the agent configuration panel.

There are three different types of diagnostics information available:

  • Centrify Audit & Monitoring Service provides the diagnostic information related to the auditing and monitoring service.

  • Centrify Identity Services Platform provides the diagnostic information related to Privileged Access Service, such as for MFA. This diagnostics tool runs the following tests:

    • Agent Service Connectivity Check: Checks to see if the agent is in service, and if the agent is running in a normal state. Also determines whether the agent is in a zone, or is configured to use zoneless mode.
    • Centrify Connector Connectivity Check: Determines whether all connectors in the network can be connected properly.

    • Centrify Identity Services Platform Certificate Validation Check: Checks whether the certificates (IWA and cloud) have been installed properly. Also determines whether the agent can be connected without a trusted certificate problem.
    • Centrify Identity Services Platform Connectivity Check: Determines whether a connection to the cloud tenant is functional. Checks for problems with DNS, the firewall, and proxy server settings.
    • MFA Configuration Check: Determines whether the local computer has been configured properly. If the computer is in a zone, the test also checks whether MFA complies with the configuration defined in the zone.
    • MFA Role and Permission Check: Verifies whether role permissions are set properly in the Privileged Access Service Admin Portal.
    • Offline MFA Provisioning Check: Determines if the computer has been configured with an offline MFA profile or not.
    • RADIUS Configuration Check: If RADIUS authentication is enabled, this check determines if the RADIUS settings are configured correctly or not.
    • RADIUS Connectivity Check: If RADIUS authentication is enabled, this check determines if the agent can connect to the RADIUS server or not.
  • Centrify Privilege Elevation Service provides the diagnostic information related to privilege management.

You can view these diagnostics tools either from the Windows system tray or from the agent configuration panel.

For more details, see the Administrator’s Guide for Windows.

To view diagnostics from the Windows system tray:

  1. Log on to a computer where the Centrify Agent for Windows is installed.
  2. In the Windows system tray, right-click the Centrify icon and click Troubleshooting, then select the service for which you want to view diagnostic information (your options may vary depending on what services are enabled on the computer):
    • Centrify Audit & Monitoring Service opens a dialog box with a text-based summary of diagnostic auditing and monitoring information.

    • Centrify Identity Services Platform runs a series of connectivity tests and lists out the results of each test.
    • Centrify Privilege Elevation Service opens a dialog box with a text-based summary of diagnostic privilege elevation information.

To generate diagnostics or view the log file from the agent configuration panel:

  1. Log on to a computer where the Centrify agent for Windows is installed.
  2. In the list of applications on the Windows Start menu, click Agent Configuration to open the agent configuration panel.
  3. Select the service for which you want to view information:
    • Centrify Audit & Monitoring Service opens a dialog box with a text-based summary of diagnostic auditing and monitoring information.

    • Centrify Identity Services Platform runs a series of connectivity tests and lists out the results of each test.
    • Centrify Privilege Elevation Service opens a dialog box with a text-based summary of diagnostic privilege elevation information.
  4. Click Settings.

  5. Click the Troubleshooting tab.

  6. Click Diagnostics to generate diagnostic information.

  7. Select the Diagnostic Information displayed, right-click, then select Copy to copy and paste the output to a file for further analysis.

  8. Click View Log to display the current log file for the local agent.

  9. Click Options to see or change the location of the log file or the level of detail recorded in the log file.