Bulk Enable CAPI2 Logging

Enable & Disable CAPI2/Operational Logging

One of the biggest headaches to troubleshoot when working with customer deployments is certificates.

What is the CAPI2/Operational log? CAPI2 stands for Cryptographic API. The CAPI2 log is located in Event Viewer under Applications and Services Logs/Microsoft/CAPI2/Operational.

By default, Microsoft has this log disabled. This log will grow/overwrite itself extremely fast on a production server that relies on certificates.

During a recent Skype to Exchange troubleshooting effort, Microsoft requested that we enable CAPI2 logging to identify why Exchange was throwing an error accepting Unified Messaging (UM) calls from a Skype Pool.

Due to the nature of this issue, we had to enable CAPI2 logging on all production Exchange servers, as we had no way to force Skype to connect to a specific server.

Below is an example of what you would see in a CAPI2 log once enabled.

(Note: I only turned this logging on on my laptop for 15 seconds and already have over 300 events captured.)

I had to enable CAPI2 logging on almost 50 servers, reproduce our failed connection attempt, then disable the logs before they overwrote themselves.

Below are the scripts I used to set the log size to 20MB as well as enable or disable the logs in bulk:

Enable-CAPI2Logging.ps1

# servers.txt: one server name per line (plain text, no header row)
$Servers = @(Get-Content -Path '.\servers.txt' | ForEach-Object { $_.Trim() } | Where-Object { $_ })

If ($Servers.Count -eq 0) {
    Write-Host 'No Servers Listed'
    Exit
}
Else {
    Write-Host "Total Server Count: " -NoNewline
    Write-Host $Servers.Count
}

ForEach ($Server in $Servers) {

    Write-Host 'Working on Server' $Server -BackgroundColor Yellow -ForegroundColor Black
    Invoke-Command -ComputerName $Server -ScriptBlock {
        # Set the maximum log size to 20,000,000 bytes (about 20 MB), then enable the log
        wevtutil.exe sl Microsoft-Windows-CAPI2/Operational /ms:20000000
        wevtutil.exe sl Microsoft-Windows-CAPI2/Operational /e:true
    }
}


Disable-CAPI2Logging.ps1

# servers.txt: one server name per line (plain text, no header row)
$Servers = @(Get-Content -Path '.\servers.txt' | ForEach-Object { $_.Trim() } | Where-Object { $_ })

If ($Servers.Count -eq 0) {
    Write-Host 'No Servers Listed'
    Exit
}
Else {
    Write-Host "Total Server Count: " -NoNewline
    Write-Host $Servers.Count
}

ForEach ($Server in $Servers) {

    Write-Host 'Working on Server' $Server -BackgroundColor Yellow -ForegroundColor Black
    Invoke-Command -ComputerName $Server -ScriptBlock {
        # Disable the log so the captured events are no longer overwritten
        wevtutil.exe sl Microsoft-Windows-CAPI2/Operational /e:false
    }
}
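
The enable, reproduce, disable sequence described above can also be run as a single pass that pulls the error events back before they are overwritten. This is an added example, not the author's script; it assumes servers.txt holds one server name per line, WinRM access with admin rights on each server, and capi2-errors.csv as a hypothetical output file.

```powershell
# Added example: enable CAPI2 logging, wait for the repro, disable, collect errors.
# Assumptions: servers.txt = one server name per line; capi2-errors.csv is a
# hypothetical output path; the caller can remote to every server via WinRM.
$LogName = 'Microsoft-Windows-CAPI2/Operational'
$Servers = @(Get-Content -Path '.\servers.txt' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
if ($Servers.Count -eq 0) { Write-Host 'No Servers Listed'; exit }

# Start of the capture window, padded by one minute to tolerate clock skew.
$Start = (Get-Date).AddMinutes(-1)

# 1. Enable on all servers at once (Invoke-Command fans out in parallel),
#    so the window in which the log can wrap is as short as possible.
Invoke-Command -ComputerName $Servers -ScriptBlock {
    wevtutil.exe sl $using:LogName /ms:20000000
    wevtutil.exe sl $using:LogName /e:true
}

# 2. Reproduce the failed connection while logging is on.
Read-Host 'CAPI2 logging enabled. Reproduce the failure, then press Enter'

# 3. Disable first so nothing more is overwritten, then read the error events.
$Events = Invoke-Command -ComputerName $Servers -ScriptBlock {
    wevtutil.exe sl $using:LogName /e:false
    Get-WinEvent -FilterHashtable @{
        LogName   = $using:LogName
        Level     = 2              # 2 = Error
        StartTime = $using:Start
    } -ErrorAction SilentlyContinue |   # no matching events is not a failure
        # The rendered message is sparse for CAPI2; keep the raw XML,
        # which carries the certificate and chain details.
        Select-Object TimeCreated, Id, @{ Name = 'Xml'; Expression = { $_.ToXml() } }
}

# 4. One CSV for all servers; PSComputerName is added by Invoke-Command.
$Events | Sort-Object TimeCreated |
    Select-Object PSComputerName, TimeCreated, Id, Xml |
    Export-Csv -Path '.\capi2-errors.csv' -NoTypeInformation

# Per-server error counts show which server handled the failing connection.
$Events | Group-Object PSComputerName | Select-Object Name, Count
```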
