You can monitor DirectAccess clients and users by using the Forefront UAG client and user monitoring cmdlet, a Windows PowerShell snap-in that provides information about current and historical client and user logons. Monitoring Forefront UAG DirectAccess clients and users can be analyzed on an on-demand basis, to get a feel for how your current Forefront UAG DirectAccess performance is impacted by the number of concurrent users and clients.

The following procedure describes how to monitor Forefront UAG DirectAccess clients and users.

Adding and using the UAGDAUserMonitoring snap-in

The snap-in is automatically installed on the Forefront UAG DirectAccess server. When you want to use the snap-in on a non-Forefront UAG DirectAccess server, you must first install the snap-in on the local computer, as follows:

  1. On the Forefront UAG DirectAccess server, from Windows Explorer, navigate to \UAG installation directory\common\bin\da\monitoring, and copy DAUserMonitoringSnapIn.dll to your local computer.

  2. On the local computer, on the taskbar, click Start, click Run, and type the command: %windir%\Microsoft.NET\Framework64\v2.0.50727\installutil DAUserMonitoringSnapIn.dll, and then press ENTER.

    Note:
    In the above command, specify the full pathname of the DAUserMonitoringSnapIn.dll

To add and use the UAGDAUserMonitoring snap-in

  1. On the taskbar, click Start, click All Programs, click Accessories, click Windows PowerShell, and then click Windows PowerShell.

  2. From the Windows PowerShell command prompt, type Add-PSSnapin UAGDAUserMonitoring, and press ENTER.

    Note:
    If you want to automatically add the snap-in to all Windows PowerShell sessions when they start, add the snap-in to your Windows PowerShell profile. For more information, see about_Profiles(http://go.microsoft.com/fwlink/?LinkId=164602).
  3. To retrieve user and client session information, from the Windows PowerShell command prompt, type Get-DirectAccessUsers . See the following table for the available parameters.

    Parameter Name Parameter Definition Value Example

    ShowHistory

    Defines whether current or historical data is returned.

    • False—Returns current DirectAccess sessions (default).

    • True—Returns historical events.

    Get-DirectAccessUsers –ShowHistory $True

    StartTime

    When ShowHistory is set to True, this parameter defines the start time for the query output.

    Locale Time/Date format. (The default is 01/01/0001 12:00 AM.)

    Get-DirectAccessUsers –ShowHistory $True –StartTime "7/7/2009 8:56:00 AM"

    EndTime

    When ShowHistory is set to True, this parameter defines the end time for the query output.

    Locale Time/Date format. (The default is the current time.)

    Get-DirectAccessUsers –ShowHistory $True –EndTime "7/7/2009 15:36:00 PM"

    UserName

    Used to filter specific users.

    User name

    Get-DirectAccessUsers –UserName Carlos

    ClientName

    Used to filter specific client computers.

    Client computer name

    Get-DirectAccessUsers –ClientName Carlos2008RTM

    SessionID

    Each session is recorded in SQL with a Session ID (GUID). This parameter is used to filter SQL events by the SessionID.

    SessionID

    Get-DirectAccessUsers –ShowHistory $true –SessionID 91c0262c-d876-4d5e-8418-969b864d38af

    Note:
    Query results can be piped to a CSV file which can be read by using Microsoft Excel. For example Get-DirectAccessUsers | Export-Csv results.csv, exports the query result to results.csv.
  4. To retrieve the health status of your Forefront UAG DirectAccess servers, from the Windows PowerShell command prompt, type Get-DirectAccessServices.

Historical event types include: StartSession, EndSession, UserameAdded, ClientNameAdded, CertAdded, MissingCert, MissingSC, MissingHealth, GainedCorpAccess, LostCorpAccess.