Environment
Novell Open Enterprise Server 2 (OES 2) Linux
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 1
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell eDirectory 8.8 for Linux
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 1
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 2
Novell Open Enterprise Server 2 (OES 2) Linux Support Pack 3
Novell eDirectory 8.8 for Linux
Situation
If you need to take an LDAP trace to troubleshoot authentication issues etc, here is a basic guide to set it up and take the trace:
Resolution
1. In ConsoleOne, iManager or terminal window on a linux server edit the LDAP server properties of the server you want to trace.
ConsoleOne:
a. Open the properties of the LDAP server object.
b. Go to the Screen Options tab.
c. Check every check box except for "Packet Dump or Decoding", apply changes.
d. Go back to the General tab and click "Refresh NLDAP Server Now"
iManager:
a. Expand LDAP
b. Select LDAP Options
c. Click View LDAP Servers Tab
d. Select the server the trace will be taken on.
e. Go to the Tracing Tab
f. Check every check box except for "Packet Dump or Decoding", apply changes.
g. Go to Information tab and click the Refresh button.
Terminal window on a linux server running eDirectory you want to trace LDAP on.
a. Execute the following command: ldapconfig set "LDAP Screen Level=all"
2. Open a Putty session to the server or a terminal window if on the server.
3. Expand the window a bit so you will be able to see all of the ndstrace options in the following steps:
a. Go to /var/opt/novell/eDirectory/log and rename or delete ndstrace.log if it exists.
b. namconfig get (save this output to a text file to send to engineer)
c. date (make note of the time on the server before running the trace)
d. load ndstrace by typing ndstrace at the prompt.
Enter the following commands at the ndstrace prompt in the following order (pressing enter after each)
1. set ndstrace =nodebug
2. ndstrace (at this point none of the debug options should be blue)
3. ndstrace +time +tags +ldap (at his point only time, tags, and ldap should be blue)
4. ndstrace fmax=6000000 (at the top of the ndstrace screen you should now see File Size: 0 (MAX: 6000000) *note* you can set size to what you want but usually 6MB is adequate.
5. ndstrace on
6. rcndsd restart (this reloads eDirectory, so user services may be interrupted)
7. Reproduce the problem
8. ndstrace off
4. Grab the ndstrace.log (var/opt/novell/eDirectory/log), text output of namconfig get, and the time recorded before the trace for evaluation, along with any other pertinent information such as UserID and Workstation IP used in the test.
ConsoleOne:
a. Open the properties of the LDAP server object.
b. Go to the Screen Options tab.
c. Check every check box except for "Packet Dump or Decoding", apply changes.
d. Go back to the General tab and click "Refresh NLDAP Server Now"
iManager:
a. Expand LDAP
b. Select LDAP Options
c. Click View LDAP Servers Tab
d. Select the server the trace will be taken on.
e. Go to the Tracing Tab
f. Check every check box except for "Packet Dump or Decoding", apply changes.
g. Go to Information tab and click the Refresh button.
Terminal window on a linux server running eDirectory you want to trace LDAP on.
a. Execute the following command: ldapconfig set "LDAP Screen Level=all"
2. Open a Putty session to the server or a terminal window if on the server.
3. Expand the window a bit so you will be able to see all of the ndstrace options in the following steps:
a. Go to /var/opt/novell/eDirectory/log and rename or delete ndstrace.log if it exists.
b. namconfig get (save this output to a text file to send to engineer)
c. date (make note of the time on the server before running the trace)
d. load ndstrace by typing ndstrace at the prompt.
Enter the following commands at the ndstrace prompt in the following order (pressing enter after each)
1. set ndstrace =nodebug
2. ndstrace (at this point none of the debug options should be blue)
3. ndstrace +time +tags +ldap (at his point only time, tags, and ldap should be blue)
4. ndstrace fmax=6000000 (at the top of the ndstrace screen you should now see File Size: 0 (MAX: 6000000) *note* you can set size to what you want but usually 6MB is adequate.
5. ndstrace on
6. rcndsd restart (this reloads eDirectory, so user services may be interrupted)
7. Reproduce the problem
8. ndstrace off
4. Grab the ndstrace.log (var/opt/novell/eDirectory/log), text output of namconfig get, and the time recorded before the trace for evaluation, along with any other pertinent information such as UserID and Workstation IP used in the test.