Note: Enabling Likewise logging increases the space used in
/var/log/. This should be only used while diagnosing an issue to prevent out of space issues.
ESXi 6.x
Beginning in ESXi 6.x, the logging for Likewise agents are configured using the command-line.
To view the current Likewise agent logging settings:
- Log in to the host as root using the console or SSH.
- Start the lwsmd service by running this command:
/etc/init.d/lwsmd start
- Type this command to view the current log file location:
/usr/lib/vmware/likewise/bin/lwsm get-log
- Type this command to view the current logging level:
/usr/lib/vmware/likewise/bin/lwsm get-log-level
To configure the Likewise agent logging setting:
- Log in to the host as root using the console or SSH.
- Type this command to set the log file location:
/usr/lib/vmware/likewise/bin/lwsm set-log file /var/log/likewise.log
- Type this command to set the logging level:
/usr/lib/vmware/likewise/bin/lwsm set-log-level loglevel
Note: The default logging level is info.
These are the valid logging levels:
-
- always
- error
- warning
- info
- verbose
- debug
- trace
ESX/ESXi 4.1 and ESXi 5.x
netlogond daemon
The netlogond daemon is used to join the ESXi/ESX host to the domain. If it is not running, the host does not stay connected to the domain and the Authentication Service Settings revert to Local AuthenticationAttempts to re-connect to the domain restart the daemon.
To enable logging for the netlogond daemon:
- Open the /etc/init.d/netlogond file using a text editor.
- Locate the line:
ESXi 4.1:
PROG_ARGS="--start-as-daemon "
ESXi 5.x:
PROG_ARGS="--start-as-daemon--syslog "
- Change this line to:
PROG_ARGS="--start-as-daemon --logfile /var/log/netlogond.log --loglevel debug"
Note: For ESXi, if you have a scratch partition created as per Creating a persistent scratch location for ESXi 4.x and 5.x (1033696), modify the line to:
PROG_ARGS="--start-as-daemon --logfile /scratch/log/netlogond.log --loglevel debug "
Notes:
- The logfile can be any file and the loglevel can be error, warning, info, verbose or debug.
- In ESXi 5.x, you need to copy the file for editing to /tmp (for example, using the command cp /etc/init.d/netlogond/tmp), make the appropriate changes and then copy the file back to the original location.
- If the netlogond service is running when the /etc/init.d/netlogond file is modified, it needs to be restarted with the command /etc/init.d/netlogond restart.
lwiod daemon
The lwiod daemon is an SMB client driver. It is responsible for allowing communication between the ESXi/ESX host and the Active Directory domain controller.
To enable logging for the lwiod daemon:
- Open the /etc/init.d/lwiod file using the text editor.
- Locate the line:
ESXi 4.1:
PROG_ARGS="--start-as-daemon"
ESXi 5.x
PROG_ARGS="--start-as-daemon--syslog "
- Change this line to:
PROG_ARGS="--start-as-daemon --logfile /var/log/lwiod.log --loglevel trace"
Note: For ESXi, if you have a scratch partition created as per Creating a persistent scratch location for ESXi 4.x and 5.x (1033696), modify the line to:
PROG_ARGS="--start-as-daemon --logfile /scratch/log/lwiod.log --loglevel trace "
Notes:
- The logfile can be any file and the loglevel can be error, warning, info, verbose, trace or debug.
- In ESXi 5.x, you need to copy the file for editing to /tmp (for example, using the command cp /etc/init.d/netlogond/tmp), make the appropriate changes and then copy the file back to the original location.
Note: If the lwiod service is running when the /etc/init.d/lwiod file is modified, it needs to be restarted with the command /etc/init.d/lwiod restart.
lsassd daemon
The lsassd daemon allows one to select the Active Directory domain for users when creating permissions on ESXi/ESX. It is also responsible for some login behavior when Active Directory users log in to an ESXi/ESX host at the console or via SSH. If it is not running, no Active Directory users can log in to the system (via the vSphere Client, console or SSH) and only local users can be assigned permissions.
To enable logging for the lsassd daemon:
- Open this /etc/init.d/lsassd script file using a text editor.
-
Locate the line:
For ESXi 4.1:
PROG_ARGS="--start-as-daemon "
For ESXi 5.x:
PROG_ARGS="--start-as-daemon --syslog"
-
Change this line to:
For ESXi 4.1:
PROG_ARGS="--start-as-daemon --logfile /var/log/lsassd.log --loglevel trace "
For ESXi 5.x:
In ESXi 5.x, default directory for logging is /var/log/. If you reference /var/log/vmwar ethe log capture will NOT get the vmware directory and must either capture the file manually or just re-route it to the /var/logdirectory.
PROG_ARGS="--start-as-daemon --logfile /var/log/lsassd.log --loglevel trace"
-
Restart the daemons in this order:
/etc/init.d/netlogond restart
/etc/init.d/lwiod restart
/etc/init.d/lsassd restart
Notes:
- The logfile can be any file and the loglevel can be error, warning, info, verbose, trace or debug.
- In ESXi, if you have a scratch partition created as per Creating a persistent scratch location for ESXi 4.x and 5.x (1033696), modify the line to:
PROG_ARGS="--start-as-daemon --logfile /scratch/log/lsassd.log --loglevel trace "
- In ESXi 5.x, you need to copy the file for editing to /tmp (for example, using the command cp /etc/init.d/netlogond /tmp), make the appropriate changes, and then copy the file back to the original location.
Notes: