How to get the Authentication scheme usage

Document ID : KB000045255
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

Is policy server trace logs the only way for me to be able to generate reports on the amount of usage of the authentication schemes in our environment ?

Environment:

  • Policy Server Version : r12.5 and above
  • OS Version : Any
  • Audit Database : Text based

Answer:

That is one option, but better option is to track this via audit logs.

If you are using text based audit logs , ensure that the registry key :

HKEY_LOCAL_MACHINE\Wow6432Node\Netegrity\SiteMinder\CurrentVersion\Reports\Enable Enhance Tracing

has value >=3.

In this case, Policy server logs an additional field call "AuthenticaitonMethod" which stores the name of the authentication scheme as below :

[Category][Event][Reason][Hostname][Time][AgentName][SessionId][UserName][DomainOid][RealmName][RealmOid][ClientIp][Resource][Action][AuthDirName][AuthDirServer][AuthDirNamespace][TransactionId][StatusMsg][DomainName][ImpersonatorName][ImpersonatorDirName][ObjName][ObjOid][FieldDesc][AssertionId][AssertionIssuerId][AssertionDestinationURL][AssertionStatusCode][AssertionNotOnBefore][AssertionNotOnOrAfter][AssertionSessionStartTime][AssertionSessionNotOnOrAfter][AssertionAuthContext][AssertionVersionId][AssertionClaims][ApplicationName][TenantName][AuthenticationMethod][DeviceHash][DeviceID][UserRefID]

[Az][AzAccept][][LODBL509VM016][27/Jul/2016:21:57:42 -0500][agent][mNP8ccEGWXxxu70qmPtSlgP5RK0=][Guest][03-04be6e5d-178e-4d9e-a335-4f4e805ddfb9][root][06-fb369daf-3947-4f02-b2c3-83f12f1fd8bb][fe80::45d1:dd8d:5f4d:d8b7][/][GET][][][][000080fe000000008dddd145b7d84d5f-1308-5799684a-0a3c-02ed18be][][wells][][][][][][][][][][][][][][][][][][][x509-authscheme][][][]

In case of ODBC auditing, this is tracked automatically.

Additional Information:

Content