How to take an ExTRA trace of Exchange setup

This blog post is mainly for us Exchange support engineers but I like to surface things externally because it's easier to search and link to. This blog post is heavily inspired by https://blogs.technet.com/b/mikelag/archive/2008/08/22/how-to-enable-store-pfd-tracing-upon-reboot.aspx.

With Exchange 2007 and onwards, debug code tracing is logged to the ETW provider GUID 79BB49E6-2A2C-46E4-9167-FA122525D540. When you install Exchange, this ETW provider is registered formally and the GUI ExTRA application works. However, we can still manually do capture an ExTRA trace even if Exchange is not installed; the most common use would be setup issues.

1. Launch an administrative command prompt.
2. Create the c:\tracing folder.
3. Create the trace:
   1. logman create trace ExchangeDebugTraces -p {79bb49e6-2a2c-46e4-9167-fa122525d540} -nb 128 256 -bs 128 -o c:\tracing\ExchangeDebugTraces
4. Create the trace configuration file at C:\EnabledTraces.Config and put in what you need. Its content will look something like this:
   1. TraceLevels:Debug,Warning,Error,Fatal,Info,Performance,Function,Pfd
      ADProvider:Connection,ConnectionDetails,GetConnection,ADFind,DirectoryException
      Setup:Trace
      TopologyService:SuitabilityVerifier
      FilteredTracing:No
      InMemoryTracing:No
5. Start the trace:
   1. logman start ExchangeDebugTraces
6. Reproduce the issue.
7. Stop the trace:
   1. logman stop ExchangeDebugTraces
8. Parse the trace ETLs with extrace.exe. Remember to use the proper version of Microsoft.Exchange.Diagnostics.dll for proper parsing.

Cheers,

Matt