Directory Services Debugging

Sunday, May 18 2008 - , , , ,

While trying to troubleshoot some application issues using SSL to connect to an ADLS/ADAM instance over LDAPS, I was curious if extended logging was available.  A quick post to the ActiveDir.org mailing list provided this nugget of Active Directory goodness for future reference.

 

I thought I would post it here for my own reference, and for others.

Directory Services Debug Logging Primer

 

Upon setting the EventLogging level to 7 for the sChannel provider I now get events logged such as:

Event Type:    Information
Event Source:    Schannel
Event Category:    None
Event ID:    36880
Date:        5/15/2008
Time:        1:28:53 PM
User:        N/A
Computer:    MYSERVER
Description:
An SSL server handshake completed successfully. The negotiated cryptographic parameters are as follows.

   Protocol: TLS (SSL 3.1)
   Cipher: RC4
   Cipher strength: 128
   MAC: MD5
   Exchange: RSA
   Exchange strength: 2048

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

 

Unfortunately I would have liked to see more detail during the SSL handshake be logged, but this was a big help.

Bookmark and Share

» Trackback URL to this Post

http://jeftek.com/trackback.ashx?id=112

» Trackbacks & Pingbacks

  1. Simple bind events don't record the calling Computer as the source, but record the ADDS-DC or the ADLDS instance name, so you cannot determine where the simple bind request came from. So if you are trying to track down where the calling machine is that

    #1 Logging the source IP of simple LDAP binds — May 22, 2008 10:02 PM

1 comment(s) so far

Post your comment

Comment