Monitoring Forefront UAG DirectAccess clients and users with PowerShell in SP1

Updated: December 2, 2010

Applies To: Unified Access Gateway

You can monitor DirectAccess clients and users by using the Forefront UAG client and user monitoring cmdlet, a Windows PowerShell snap-in that provides information about current and historical client and user logons. You can run the monitoring queries on demand to see how your current Forefront UAG DirectAccess performance is affected by the number of concurrent users and clients.

The following procedure describes how to monitor Forefront UAG DirectAccess clients and users.

Adding and using the UAGDAUserMonitoring snap-in

The snap-in is automatically installed on the Forefront UAG DirectAccess server. When you want to use the snap-in on a non-Forefront UAG DirectAccess server, you must first install the snap-in on the local computer, as follows:

  1. On the Forefront UAG DirectAccess server, from Windows Explorer, navigate to \UAG installation directory\common\bin\da\monitoring, and copy DAUserMonitoringSnapIn.dll to your local computer.

  2. On the local computer, on the taskbar, click Start, click Run, and type the command: %windir%\Microsoft.NET\Framework64\v2.0.50727\installutil DAUserMonitoringSnapIn.dll, and then press ENTER.

    Note

    In the above command, specify the full path name of the DAUserMonitoringSnapIn.dll file.

To add and use the UAGDAUserMonitoring snap-in

  1. On the taskbar, click Start, click All Programs, click Accessories, click Windows PowerShell, and then click Windows PowerShell.

  2. From the Windows PowerShell command prompt, type Add-PSSnapin UAGDAUserMonitoring, and press ENTER.

    Note

    If you want to automatically add the snap-in to all Windows PowerShell sessions when they start, add the snap-in to your Windows PowerShell profile. For more information, see about_Profiles (https://go.microsoft.com/fwlink/?LinkId=164602).

  3. To retrieve user and client session information, from the Windows PowerShell command prompt, type Get-DirectAccessUsers. See the following table for the available parameters.

    | Parameter Name | Parameter Definition | Value | Example |
    |---|---|---|---|
    | ShowHistory | Defines whether current or historical data is returned. | False: returns current DirectAccess sessions (default). True: returns historical events. | Get-DirectAccessUsers -ShowHistory $True |
    | StartTime | When ShowHistory is set to True, this parameter defines the start time for the query output. | Locale Time/Date format. (The default is 01/01/0001 12:00 AM.) | Get-DirectAccessUsers -ShowHistory $True -StartTime "7/7/2009 8:56:00 AM" |
    | EndTime | When ShowHistory is set to True, this parameter defines the end time for the query output. | Locale Time/Date format. (The default is the current time.) | Get-DirectAccessUsers -ShowHistory $True -EndTime "7/7/2009 3:36:00 PM" |
    | UserName | Used to filter specific users. | User name | Get-DirectAccessUsers -UserName Carlos |
    | ClientName | Used to filter specific client computers. | Client computer name | Get-DirectAccessUsers -ClientName Carlos2008RTM |
    | SessionID | Each session is recorded in SQL with a Session ID (GUID). This parameter is used to filter SQL events by the SessionID. | SessionID | Get-DirectAccessUsers -ShowHistory $true -SessionID 91c0262c-d876-4d5e-8418-969b864d38af |

    Note

    Query results can be piped to a CSV file, which can be read by using Microsoft Excel. For example, Get-DirectAccessUsers | Export-Csv results.csv exports the query result to results.csv.

  4. To retrieve the health status of your Forefront UAG DirectAccess servers, from the Windows PowerShell command prompt, type Get-DirectAccessServices.

Historical event types include: StartSession, EndSession, UserameAdded, ClientNameAdded, CertAdded, MissingCert, MissingSC, MissingHealth, GainedCorpAccess, LostCorpAccess.
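
The following script is an added example, not part of the original Microsoft documentation. It combines the cmdlets and event types above into a daily review that archives the last 24 hours of history and separates out the events that indicate a missing prerequisite or lost corporate access. Assumptions: the 24-hour window, the output file names, the choice of event types to flag, and that each returned record carries its event type as the value of one of its properties (the page does not document the output property names).

```powershell
# Added example. Uses only the cmdlets, parameters and event type names
# listed on this page; everything else is labelled as an assumption.

# Load the snap-in only if this session does not already have it.
if (-not (Get-PSSnapin -Name UAGDAUserMonitoring -ErrorAction SilentlyContinue)) {
    Add-PSSnapin UAGDAUserMonitoring
}

# Review window: the last 24 hours (assumption; adjust to your schedule).
# The page gives times as locale-formatted strings, so format the
# boundaries with the current culture.
$end     = Get-Date
$start   = $end.AddDays(-1)
$history = @(Get-DirectAccessUsers -ShowHistory $true `
                -StartTime $start.ToString() -EndTime $end.ToString())

# Archive the complete history for the window (file names are assumptions).
$stamp = $end.ToString('yyyyMMdd-HHmm')
$history | Export-Csv -Path "da-history-$stamp.csv" -NoTypeInformation

# Event types from the page that point at a failed prerequisite
# (certificate, smart card, health) or at lost corporate access.
$watch = 'MissingCert', 'MissingSC', 'MissingHealth', 'LostCorpAccess'

# The output property names are not documented on the page, so compare the
# event type names against every property value instead of assuming a column.
$flagged = @($history | Where-Object {
    $values = $_.PSObject.Properties | ForEach-Object { "$($_.Value)" }
    @($values | Where-Object { $watch -contains $_ }).Count -gt 0
})

"{0} historical events in window, {1} flagged" -f $history.Count, $flagged.Count
$flagged | Export-Csv -Path "da-flagged-$stamp.csv" -NoTypeInformation
$flagged | Format-List *

# Record server health alongside the session data for the same review.
Get-DirectAccessServices | Format-List *
```

Run Get-DirectAccessUsers -ShowHistory $true | Get-Member once to see the actual property names, then replace the generic value match with a filter on the event type property.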