Wednesday, December 3, 2008

How to configure Active Directory diagnostic event logging in Windows

Active Directory records events to the Directory Service log in Event Viewer. You can use the information collected in the log to diagnose and resolve possible problems, or to monitor Active Directory-related activity on your server. By default, Active Directory records only critical events and error events in the Directory Service log. To configure Active Directory to record other events, you must increase the logging level by editing the registry.

314980 How to configure Active Directory diagnostic event logging in Windows
http://support.microsoft.com/?id=314980

Value Path: HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics
Each of the following REG_DWORD values under the Diagnostics subkey represents a type of event that can be written to the event log:
Value Names: 
1 Knowledge Consistency Checker
2 Security Events
3 ExDS Interface Events
4 MAPI Interface Events
5 Replication Events
6 Garbage Collection
7 Internal Configuration
8 Directory Access
9 Internal Processing
10 Performance Counters
11 Initialization/Termination
12 Service Control
13 Name Resolution
14 Backup
15 Field Engineering
16 LDAP Interface Events
17 Setup
18 Global Catalog
19 Inter-site Messaging
The following values are valid only on Windows Server 2003:
20 Group Caching
21 Linked-Value Replication
22 DS RPC Client
23 DS RPC Server
24 DS Schema
Value Type: REG_DWORD
Value Data: <0-5>
Output: Directory Services Event Log
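
One way to script the registry change described above, as an added example that is not part of the original post or the Microsoft article. The function names are hypothetical, and the category and level used at the end ('16 LDAP Interface Events', level 2) are chosen only for illustration. It assumes an elevated PowerShell 3.0 or later session on a domain controller.

```powershell
# Added example: read and change NTDS diagnostic logging levels.
# Path and value names are the ones listed in this post.
$DiagKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics'

function Get-NtdsDiagnosticLevel {
    # Return every diagnostic value with its current level,
    # ordered by the numeric prefix of the value name.
    (Get-ItemProperty -Path $DiagKey).PSObject.Properties |
        Where-Object { $_.Name -match '^\d+ ' } |   # skip PSPath, PSProvider, ...
        Sort-Object { [int](($_.Name -split ' ')[0]) } |
        ForEach-Object {
            [pscustomobject]@{ Name = $_.Name; Level = [int]$_.Value }
        }
}

function Set-NtdsDiagnosticLevel {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][ValidateRange(0, 5)][int]$Level   # Value Data: <0-5>
    )
    # Only touch values that already exist, so a typo in the name
    # cannot create a stray registry value.
    $current = Get-NtdsDiagnosticLevel | Where-Object Name -eq $Name
    if (-not $current) {
        throw "No diagnostic value named '$Name' under $DiagKey"
    }
    Set-ItemProperty -Path $DiagKey -Name $Name -Value $Level -Type DWord
    # Return the previous level so the change can be reverted later.
    [pscustomobject]@{ Name = $Name; Previous = $current.Level; Current = $Level }
}

# Show what is currently configured.
Get-NtdsDiagnosticLevel | Format-Table -AutoSize

# Raise one category, reproduce the problem, then restore the old level.
$change = Set-NtdsDiagnosticLevel -Name '16 LDAP Interface Events' -Level 2
Read-Host 'Reproduce the issue, review the Directory Service log, then press Enter'
Set-NtdsDiagnosticLevel -Name $change.Name -Level $change.Previous
```

Restoring the previous level afterwards keeps the Directory Service log from filling with diagnostic events once the investigation is over.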