Control enhanced event logging for Active Directory


Active Directory is complex. One can begin to have problems which are difficult
to diagnose. You can enable enhanced logging for many AD components and events:


  • Knowledge Consistency Checker
  • Inialization/Termination
  • Service Control
  • Name Resolution
  • Backup
  • LDAP Interface Events
  • Global Catalog
  • Inter-site Messaging
  • Security Events
  • ExDS Interface Events
  • MAPI Interface Events
  • Replication Events
  • Directory Access
The number of events and detailed written to the
log can be controlled. To enable verbose logging :

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\NTDS

Name: Diagnostics

Type: REG_DWORD
Set
Diagnostics=5 for maximum logging, Diagnostics=3 for medium logging,
Diagnostics=1 for minimal logging, and Diagnostics=0 for no verbose AD logging.
Be careful with the more verbose settings, they will consume resources but if
you have problems, this information can be invaluable. Reset to none or minimal
once the problem has been resolved to return to maximum performance levels.

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top