System Center Mobile Device Manager (MDM) has many distributed features and components. Therefore, it is helpful to know which tools are available for you in certain circumstances. These tools can help you find and isolate the cause of an issue.
Dependencies
MDM includes the following dependencies that enable it to run:
- Windows Server 2003
- Internet Information Services (IIS)
- Active Directory
- Microsoft SQL Server 2005
- Windows Server Update Services (WSUS)
- .NET Framework 2.0
- Microsoft Management Console (MMC)
This troubleshooting guide does not address issues for the previous products listed. This guide provides information about underlying platform components to the extent that these components affect MDM functions. Issues with any of the prerequisite software and hardware are beyond the scope of this troubleshooting guide. For more information about how to troubleshoot any of these components, see the product documentation that accompanies these products or services.
MDM Troubleshooting Tools
The following lists the various tools and applications that you can use to troubleshoot MDM.
|
Tool |
Description |
||||||||||||||||
|
Event Viewer |
This application logs the Application, system, and security events. Use Event Viewer to obtain information and details when specific issues occur. |
||||||||||||||||
|
Tracing with MDM Shell cmdlets Perform trace logging with the help of a Microsoft representative. A Microsoft representative has the resources to analyze the trace logs. Some MDM tracing may collect information from MDM Active Directory objects. We recommend that you write the .etl trace logs to a secured area of the disk. To run the cmdlets on computers that are running MDM, but do not have the PowerShell console installed, such as MDM Enrollment Server and MDM Gateway Server, install Windows PowerShell 1.0 and MDM Administrator Tools. When you install MDM Administrator Tools, MDM Shell will also install. For more information about Windows Preprocessor (WPP) tracing, see WPP Software Tracing at this Microsoft Web site: |
WPP software tracing produces log files that you can analyze for debugging and troubleshooting issues. To enable WPP tracing:
The trace logs have an .etl extension and are located in the \Program Files\Microsoft System Center Mobile Device Manager\Logs folder on MDM Shell. To disable tracing:
You do not have to restart the computer or any services after you enable or disable tracing. |
||||||||||||||||
|
Tracing with Logman.exe Logman.exe is a standard tool found in the \Windows\System32 directory. Users must have Write permissions on the trace folder to run Logman commands successfully. |
When Windows Event Logs are insufficient for troubleshooting a problem, you can start WPP tracing for the virtual private network (VPN) server to obtain detailed trace logs. To enable kernel-mode tracing on the network driver interface specification input method (NDIS IM) driver:
To enable user-mode tracing on the NT service for VPN:
The Logman tool generates an *.etl file in the trace folder that contains unformatted trace information. You must send this file to Microsoft. |
||||||||||||||||
|
Services MMC |
Use the Services MMC snap-in to start, stop, and verify that certain services are running. To open Services MMC, on the Startmenu, choose Run, and then type services.msc. |
||||||||||||||||
|
MDM Console |
Use MDM Console for status information, for example, for the last time that a device connected applications that installed on a device. Use MDM Software Distribution Console for status on device package installations. Use MDM Shell to run cmdlets that retrieve data or set configurations. |
||||||||||||||||
|
Active Directory Service Interfaces MMC |
ADSIEdit.msc is a low-level editor for Active Directory that provides a graphical user interface (GUI) to view and change Active Directory. This tool is useful to add, delete, and move objects in a directory service. For more information about this tool, see ADSIEdit Overview at this Microsoft Web site: |
||||||||||||||||
|
Report Viewer For more information about Report Viewer, see Microsoft Report Viewer Redistributable 2005 at this Microsoft Web site: |
The Report Viewer tool collects data from Active Directory and the SCMDM databases. It uploads the data to a reporting database for comprehensive and detailed reporting capabilities. |
||||||||||||||||
|
MDM Client Tools |
The client troubleshooting tools and steps differ depending on
whether the device is trying to enroll, has enrolled, or cannot
connect to the VPN server or the Device Management Server. For more
information, see MDM Resource Kit Tools at this Microsoft Web page:
|
||||||||||||||||
MDM Log Files
The following lists the various log files that you can check for troubleshooting MDM.
|
Log file |
Description |
|
SCMDMsetup.log |
The SCMDMsetup.log file contains information that is collected from MDM component .msi installation logs. However, it does not contain verbose installer data, and does not report return values for the different custom actions. You can obtain the return values and more comprehensive information from the .msi logs for each MDM component installation. By default, SCMDMsetup.log is located in the Temp directory. |
|
Windows Installer version 3.1 .msi logs |
If you run Setup from the MDM splash screen, the .msi logs have friendly names. For example, DM.log, Enrollment.log, and AdminTools.log. If you run Setup at a command prompt, no logging is performed unless you use the /Lor /L*vparameters. You can specify the log name by adding /Land a log file name to the command line. Search for Return value 3and examine the section before the return value. This section has the custom action that failed. By default, SCMDMsetup.log is located in the Temp directory. |
|
Verbose Windows Installer log |
To find the source of an error, generate and analyze a verbose log file. You can use the WILogUtl.exe tool from the Windows Installer SDK. You can enable logging with a Windows Installer logging policy, or by appending /L*v <path of log name.log>to the MSIExec command line. |
|
Application event log |
Windows Installer records installation information, such as successful and failed operations, in this event log. |
|
MDM event log |
As you install MDM system components, an MDM Event Viewer node is created that provides information on application and installation errors. After you run Setup for each MDM component, a summary page provides details on installation specifics. This includes service failures and other complications or issues. |
|
VPNGateway.log |
MDM Setup logs do not record the installation of MDM Gateway Server or other MSI-based installations for prerequisites. However, MDM Gateway Server Setup creates the VPNGateway.log file on the computer that is running MDM Gateway Server. By default, VPNGateway.log is located in the Temp directory. |
MDM Troubleshooting Tips
The following tips will help you isolate, identify, and resolve issues common toMDM:
- Check the MSI log, and server Application Event log, to
pinpoint the source of the issue.
- Make sure that the software and hardware requirements on the
SQL Server computer are met; see the MDM Deployment Guide.
- Make sure that the SQL Server computer is in the same domain as
the MDM servers.
- Verify that the account being used has access with Windows
Integrated Authentication. Make sure you add the MDM Universal
Groups to the SQL Server logins.
- Verify that the SQL Server computer can be reached by FQDN and
IP address from MDM Enrollment Server.
- If this installation is a new one, verify that the database and
sqlinstance names are blank in the Dependencies SCP.
- Review any errors in the MSI log file.
- Verify that a record for that server does not already exist in
the Servers table in the Administration Services database.