locked
No MFA User Portal Logs RRS feed

  • Question

  • I have successfully deployed AD FS and the MFA server. The user portal was deployed on another server in the DMZ. Everything works well. However, there are no user portal logs. All other logs are present. Since the user portal is located on another server I've also checked there. Again, no logs. The portal communicates with the MFA server and users register successfully. Any ideas?
    Tuesday, December 8, 2015 5:35 PM

Answers

  • On the User Portal web server, try creating a string registry key at HKLM\Software\Wow6432Node\Positive Networks\PhoneFactor called "InstallPath". Enter a path to where you want the log to be stored on your server. The path should include a trailing "/". Ensure that path exists on your server. A "Logs" folder will be created at that path. You also need to ensure that the identity of your MultiFactorAuthUserPortal application pool has permissions to write to that folder. When the User Portal is installed on a separate server from the MFA Server, the application pool identity is typically ApplicationPoolIdentity. To give that identity write/modify permissions on your folder, do the following:


    1. Right-click on the Logs folder (or folder above that which you create) and click Properties
    2. Go to the Security tab
    3. Click Edit and then click Add
    4. Click the Locations button and select the local machine
    5. For the object name, enter “IIS AppPool\MultiFactorAuthUserPortal ”
    6. Give that user Modify permissions

    Friday, December 11, 2015 12:54 AM

All replies

  • Hi David,

    Did you configure the user portal settings in the Azure Multi-Factor Authentication Server? If yes, the log files are located at: C:\Program Files\Multi-Factor Authentication Server\Logs.

    Reference link - https://azure.microsoft.com/en-in/documentation/articles/multi-factor-authentication-get-started-portal/#configure-the-user-portal-settings-in-the-azure-multi-factor-authentication-server

    Hope that helps!

    Best Regards

    Sadiqh Ahmed

    ________________________________________________________________________________________________________________

    If a post answers your question, please click Mark As Answer on that post and Vote as Helpful.

    Wednesday, December 9, 2015 7:21 AM
  • Yes. And the portal is functional. All the other logs are there just no user portal logs.
    Wednesday, December 9, 2015 1:59 PM
  • On the User Portal web server, try creating a string registry key at HKLM\Software\Wow6432Node\Positive Networks\PhoneFactor called "InstallPath". Enter a path to where you want the log to be stored on your server. The path should include a trailing "/". Ensure that path exists on your server. A "Logs" folder will be created at that path. You also need to ensure that the identity of your MultiFactorAuthUserPortal application pool has permissions to write to that folder. When the User Portal is installed on a separate server from the MFA Server, the application pool identity is typically ApplicationPoolIdentity. To give that identity write/modify permissions on your folder, do the following:


    1. Right-click on the Logs folder (or folder above that which you create) and click Properties
    2. Go to the Security tab
    3. Click Edit and then click Add
    4. Click the Locations button and select the local machine
    5. For the object name, enter “IIS AppPool\MultiFactorAuthUserPortal ”
    6. Give that user Modify permissions

    Friday, December 11, 2015 12:54 AM