This is supported on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. Apparently it might also work with a checked build of lsasrv.dll on Windows XP.
Steps to enable SPNego Logging:
Save the below text with .reg file extension and then execute the file to import its contents into registry. This would create lsass.log file under %windir%\system32 directory.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
“SPMInfoLevel”=dword:0000101F
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
“LogToFile”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
“LogToFile”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters]
“LogToFile”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters]
“LogLevel”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
“LogLevel”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\]
“NegEventMask”=dword:0000000F
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters]
“LogLevel”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
“LogLevel”=dword:00000001
I would recommend making a backup of those keys before hand, since you will want to turn off this logging after you have resolved your issue.
This is the first I have heard of this key “SPMInfoLevel”, and unfortunately searching around, the above post is the only reference I find for it. If anyone comes across more information on it, please post a comment.
This is supported on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
- spam
- offensive
- disagree
- off topic
Like