Recipe 15.2 Enabling Diagnostics Logging
15.2.1 Problem
You want to enable diagnostics
event
logging because the current level of logging is not providing enough
information to help pinpoint the problem you are troubleshooting.
15.2.2 Solution
15.2.2.1 Using a graphical user interface
Run regedit.exe from the command line or Start
Run. In the left pane, expand HKEY_LOCAL_MACHINE System
CurrentControlSet Services NTDS
Diagnostics. In the right pane, double-click on the diagnostics logging entry you
want to increase, and enter a number (0-5) based on how much you want
logged. Click OK.
15.2.2.2 Using a command-line interface
> reg add HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v[RETURN]
"<LoggingSetting>" /t REG_DWORD /d <0-5>
15.2.2.3 Using VBScript
' This code sets the specified diagnostics logging level
' ------ SCRIPT CONFIGURATION ------
strDC = "<DomainControllerName>" ' e.g. dc01
strLogSetting = "<LoggingSetting>" ' e.g. 1 Knowledge Consistency Checker
intFlag = <FlagValue> ' Flag value in decimal, e.g. 5
' ------ END CONFIGURATION ---------
const HKLM = &H80000002
strRegKey = "SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics"
set objReg = GetObject("winmgmts:\\" & strDC & "\root\default:StdRegProv")
objReg.SetDwordValue HKLM, strRegKey, "LogFlags", intFlag
WScript.Echo "Diagnostics logging for " & strLogSetting _
& " set to " & intFlag
15.2.3 Discussion
A useful way to troubleshoot specific problems you are encountering
with Active Directory is to increase the diagnostics logging level.
Diagnostics logging can be enabled by component. For example, if you
determine the Knowledge Consistency Checker (KCC) is not completing
every 15 minutes, you can enable diagnostics logging for the
"1 Knowledge Consistency Checker"
setting.
These settings are stored under
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics.
By default, all settings are set to 0, which disables
diagnostic logging, but you can increase it by setting it to a number
from 1 through 5. As a general rule, a value of 1 is used for minimum
logging, 3 for medium logging, and 5 for maximum logging. It is a
good practice to ease your way up to 5 because some diagnostics
logging settings can generate a bunch of events in the event log,
which may make it difficult to read, along with increasing resource
utilization on the domain controller.
Here is the complete list of diagnostics logging settings for Windows
Server 2003. Note that settings 20-24 are not available on Windows
2000-based domain controllers.
1 Knowledge Consistency Checker
2 Security Events
3 ExDS Interface Events
4 MAPI Interface Events
5 Replication Events
6 Garbage Collection
7 Internal Configuration
8 Directory Access
9 Internal Processing
10 Performance Counters
11 Initialization/Termination
12 Service Control
13 Name Resolution
14 Backup
15 Field Engineering
16 LDAP Interface Events
17 Setup
18 Global Catalog
19 Inter-site Messaging
20 Group Caching
21 Linked-Value Replication
22 DS RPC Client
23 DS RPC Server
24 DS Schema
15.2.4 See Also
MS KB 220940 (How to Enable Diagnostic Event
Logging for Active Directory Services)
|