How to view SOAP XML messages to and from AD Webservices and Powershell

I am sure many of us are curious to see the XML messages communicated between the AD Powershell webservices client and a Windows server hosting AD Webservices whenever a powershell cmdlet gets executed. In this blog, I am providing information to view those messages by enabling Windows Communication Foundation (WCF) logging through ADWS configuration. For more in general on WCF configuring message logging, please see: https://msdn.microsoft.com/en-us/library/ms730064.aspx

1) Stop Active Directory Web services by typing “net stop adws” on a command prompt.

2) Save a copy of the original %systemroot%\windows\adws\Microsoft.ActiveDirectory.WebServices.exe.config file.

3) Now open the file %systemroot%\windows\adws\Microsoft.ActiveDirectory.WebServices.exe.config for editing.

4) Copy and paste the following lines after </appSettings> tag in the file above:

 

    <system.diagnostics>
      <sources>
        <source name="System.ServiceModel.MessageLogging">
          <listeners>
                   <add name="messages"
                   type="System.Diagnostics.XmlWriterTraceListener"
                   initializeData="c:\messages.svclog" />   <!-- Provide your desired path for log file here -->   
          </listeners>
       </source>
     </sources>
  </system.diagnostics> 

And the following lines just under <system.serviceModel> tag:

 

    <diagnostics>
     <messageLogging 
          logEntireMessage="true" 
          logMalformedMessages="true"
          logMessagesAtServiceLevel="true" 
          logMessagesAtTransportLevel="true"/>
    </diagnostics>

5)  Save and close the config file.

6)  Start the service using “net start adws” and make sure configuration file got loaded successfully by checking the ADWS event log ID 1100  “The configuration file for Active Directory Web Services has been loaded without errors.”

7) Open Active Directory Module for Windows Powershell and run any AD cmdlet.

8) Note that a file called c:\message.svclog got created which contains all the XML messages!

Message.svclog contains a sequence of XML fragments and is not a valid XML file. It is recommended that you use the Service Trace Viewer Tool (SvcTraceViewer.exe) to view the message log files in a more formatted manner. For more information on how to use this tool, see Using Service Trace Viewer for Viewing Correlated Traces and Troubleshooting.

For e.g. below is a Get-Transfer root dse request from AD powershell to ADWS:

And the Get-transfer response to the above request from ADWS:

This mechanism of logging messages comes very handy while debugging errors and exceptions. It is also useful to see the exact message sent to/from the ADWS in raw form, for ex: by looking at the request XML sent by Get-ADObject one can find out how Advanced Filters are converted to ldap filters. By setting appropriate message logging options it is possible to view malformed messages and faults. One can also view XML messages communication between Active Directory Administrative Center and ADWS through such logging. 

Enjoy!

Swasti Mishra

Developer – Active Directory Web Services team