[Samba] samba log level: ldap log file remains empty
Kees van Vloten
keesvanvloten at gmail.com
Mon Nov 25 10:44:28 UTC 2024
Op 25-11-2024 om 11:35 schreef Rowland Penny via samba:
> On Mon, 25 Nov 2024 09:48:19 +0000
> "Hoefle, Marco \(Avnet Silica\) via samba" <samba at lists.samba.org>
> wrote:
>
>> Hello,
>> I have different services using ldap for user/passwd queries. I am
>> using the LDAP server integrated in the samba domain controller. For
>> debugging and login attempts I wanted to have all requests in a
>> separate log file. I am using the 2:4.19.5+dfsg-4ubuntu9 (standard
>> ubuntu 24.04 package) samba package.
>>
>>
>> This is the relevant samba dc config:
>>
>> server role = active directory domain controller
>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
>> drepl, winbindd, ntp_signd, kcc, dnsupdate workgroup = TRAUTES
>> idmap_ldb:use rfc2307 = yes
>> allow dns updates = nonsecure and secure
>> log level = 2
>> auth_json_audit:3@/var/log/samba/domain_join.log
>> ldap:10@/var/log/samba/ldap.log auth:5 passdb:5 rpc_srv:5 rpc_parse:5
>> dnsupdate:10@/var/log/samba/dnsupdate.log log file =
>> /var/log/samba/log.%m
>>
>> The domain join log file ( /var/log/samba/domain_join.log) is created
>> and works (I see each domain join approach). The LDAP queries are not
>> in the file. /var/log/samba/ldap.log is created but remains empty
>> even after a successful LDAP query.
>>
>> Generally, I cannot see any ldap requests in the other log files
>> either.
> Sorry, but this is because there is no 'ldap' debug class. If you read
> 'man smb.conf' under 'log level', you will find a full list of
> available debug classes. There is 'ldb' if you can use the ldb-tools
> instead (note: this may work with ldapsearch etc, but I haven't tried
> it.).
In 4.21 there is "ldapsrv" to log ldap queries.
- Kees.
>
> Rowland
>
More information about the samba
mailing list