Sunday, November 22, 2009

How to Enable NETLOGON Logging

When you troubleshoot authentication problems, analyzing the Netlogon service log files can be useful.

Public URL: 109626 Enabling debug logging for the Net Logon service

http://support.microsoft.com/?id=109626

Value Path: HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\ParametersValue Name: DBFlagValue Type: REG_SZValue Data: 0x2080FFFF (hex)
Note: As an alternate method, you can set the dbflag without using the registry. To do this run the following command from a command prompt:
nltest /dbflag:0x2080ffff
After you finish debugging, you can run the "nltest /dbflag:0x0" (without the quotation marks) command from a command prompt to reset the debug flag to 0.
Output: %systemroot%\debug\netlogon.log