Directory Services Debugging

While trying to troubleshoot some application issues using SSL to connect to an ADLS/ADAM instance over LDAPS, I was curious if extended logging was available.  A quick post to the ActiveDir.org mailing list provided this nugget of Active Directory goodness for future reference.

 

I thought I would post it here for my own reference, and for others.

Directory Services Debug Logging Primer

 

Upon setting the EventLogging level to 7 for the sChannel provider I now get events logged such as:

Event Type:    Information
Event Source:    Schannel
Event Category:    None
Event ID:    36880
Date:        5/15/2008
Time:        1:28:53 PM
User:        N/A
Computer:    MYSERVER
Description:
An SSL server handshake completed successfully. The negotiated cryptographic parameters are as follows.

   Protocol: TLS (SSL 3.1)
   Cipher: RC4
   Cipher strength: 128
   MAC: MD5
   Exchange: RSA
   Exchange strength: 2048

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

Unfortunately I would have liked to see more detail during the SSL handshake be logged, but this was a big help.

Comments on this entry are closed.

  • http://jeftek.com/229/logging-the-source-ip-of-simple-ldap-binds// Logging the source I

    RE: Directory Services Debugging

    Simple bind events don't record the calling Computer as the source, but record the ADDS-DC or the ADLDS instance name, so you cannot determine where the simple bind request came from. So if you are trying to track down where the calling machine is that

  • http://jeftek.com/229/logging-the-source-ip-of-simple-ldap-binds// Logging the source I

    RE: Directory Services Debugging
    Simple bind events don't record the calling Computer as the source, but record the ADDS-DC or the ADLDS instance name, so you cannot determine where the simple bind request came from. So if you are trying to track down where the calling machine is that

  • Pingback: Logging the source IP of simple LDAP binds | JefTek.com()

%d bloggers like this: