How to enable LDAP debug for troubleshooting authentication issues on Security Analytics (Solera)

Article ID: 168546

Products

Security Analytics

Issue/Introduction

If you are having LDAP authentication issues, it may be necessary to enable more verbose debug logging for LDAP.  

Resolution

To enable LDAP debug logging, do the following.

1.  Log in to the Security Analytics appliance as root via SSH
2.  Create a temp directory where the log files will be stored:  mkdir /home/ldap_logs
3.  Make a backup of the ldap.conf file:  cp /etc/ldap.conf /etc/ldap.conf.bak
4.  Edit the /etc/ldap.conf file using a text editor such as vi
5.  At the bottom of the file, add the following two lines:

debug 9
logdir /home/ldap_logs


6.  Save the file.
7.  Attempt to log in via LDAP and then confirm that there are logs in the /home/ldap_logs directory
8.  Edit the /etc/ldap.conf file again and remove the two lines. (If you don't do this, it will generate many log files and potentially fill the filesystem.)
9.  Zip up the ldap_logs directory and be ready to send the log files to Blue Coat support for further analysis.
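
The enable and revert steps above can be scripted so that the two debug lines are always removed cleanly afterwards. The following is an added example, not vendor-supplied code; the function names and the enable/disable/status arguments are hypothetical, and the paths default to the ones used in this article.

```shell
#!/bin/sh
# Added example, not vendor code. Defaults are the paths used in the article.
LDAP_CONF="${LDAP_CONF:-/etc/ldap.conf}"
LDAP_LOGDIR="${LDAP_LOGDIR:-/home/ldap_logs}"

# True when both debug lines from step 5 are present in the config.
ldap_debug_is_enabled() {
    grep -Fxq 'debug 9' "$LDAP_CONF" && grep -Fxq "logdir $LDAP_LOGDIR" "$LDAP_CONF"
}

# Step 8: remove exactly the two debug lines and nothing else.
ldap_debug_disable() {
    tmp=$(mktemp) || return 1
    # grep exits 1 when it outputs no lines; only a status above 1 is an error.
    grep -Fxv -e 'debug 9' -e "logdir $LDAP_LOGDIR" "$LDAP_CONF" > "$tmp" \
        || [ $? -eq 1 ] || { rm -f "$tmp"; return 1; }
    # Write back in place so the file keeps its owner and mode.
    cat "$tmp" > "$LDAP_CONF"
    rm -f "$tmp"
}

# Steps 2-6: log directory, one-time backup, append the two lines.
ldap_debug_enable() {
    mkdir -p "$LDAP_LOGDIR" || return 1
    # Keep the first backup; never overwrite it with an already edited file.
    if [ ! -e "$LDAP_CONF.bak" ]; then cp -p "$LDAP_CONF" "$LDAP_CONF.bak" || return 1; fi
    ldap_debug_disable || return 1   # drop stale copies so re-running is safe
    # Guard against a config whose last line has no trailing newline.
    if [ -n "$(tail -c 1 "$LDAP_CONF")" ]; then echo >> "$LDAP_CONF"; fi
    printf 'debug 9\nlogdir %s\n' "$LDAP_LOGDIR" >> "$LDAP_CONF"
}

# Step 7: number of log files written so far.
ldap_debug_log_count() {
    find "$LDAP_LOGDIR" -type f | wc -l | tr -d ' '
}

case "${1:-}" in
    enable)  ldap_debug_enable ;;
    disable) ldap_debug_disable ;;
    status)  ldap_debug_is_enabled && echo "enabled, $(ldap_debug_log_count) log file(s)" \
                 || echo "disabled" ;;
esac
```

Run it with enable before the test login, status to confirm that logs were written, and disable as soon as the attempt has been captured.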