15.2. Enabling Diagnostics Logging
Problem
You want to enable diagnostics event logging because the current level of logging is not providing enough information to help pinpoint the problem you are troubleshooting.
Solution
Using a graphical user interface
Run
regedit.exe
from the command line or Start → Run.In the left pane, expand HKEY_LOCAL_MACHINE → System → CurrentControlSet → Services → NTDS → Diagnostics.
In the right pane, double-click on the diagnostics logging entry you want to increase, and enter a number (0-5) based on how much you want logged.
Click OK.
Using a command-line interface
> reg add HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v[RETURN] "<LoggingSetting
>" /t REG_DWORD /d <0-5
>
Using VBScript
' This code sets the specified diagnostics logging level ' ------ SCRIPT CONFIGURATION ------ strDC = "<DomainControllerName
>" ' e.g. dc01 strLogSetting = "<LoggingSetting
>" ' e.g. 1 Knowledge Consistency Checker intFlag = <FlagValue
>' Flag value in decimal, e.g. 5 ' ------ END CONFIGURATION --------- const HKLM = &H80000002 strRegKey = "SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics" set objReg = GetObject("winmgmts:\\" & strDC & "\root\default:StdRegProv") objReg.SetDwordValue HKLM, strRegKey, "LogFlags", intFlag WScript.Echo "Diagnostics logging for " & strLogSetting _ & " set to " & intFlag
Discussion
A useful way to troubleshoot specific problems you are encountering with Active Directory is to increase the diagnostics logging level. Diagnostics logging ...
Get Active Directory Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.