Steps to Turn on Directory time and query logging
search cancel

Steps to Turn on Directory time and query logging

book

Article ID: 48955

calendar_today

Updated On:

Products

CA Directory CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER CA Service Management - Service Desk Manager CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent CA Process Automation Base

Issue/Introduction

This document shows you step by step how to turn on Directory time and query logging, which is helpful in troubleshooting connections problems

 

Environment

Release:
Component: ETEIAM

Resolution

Steps to Turn on Directory time and query logging Windows

The CA Directory is commonly setup as a router/dxlink to connect to multiple LDAP or AD's as a remote user store. So if you want to capture the specific problem details of that connection you will need to enable logging on the CA Directory router and then restart the Directory router dsa.

Then recreate the problem to capture the details of the problem to see what CA directory is doing at the time of the issue.

One very helpful method to troubleshoot login delays is to use the time and query log level on the CA Directory router/dxlink connection to a remote LDAP/AD. Below we show how to turn this on for troubleshooting login or search delays against the remote LDAP or AD.

This CA Directory logging can be changed in the
../dxserver/config/logging/default.dxc file by changing the line
set trace = error;
Change to
set trace = time,query;

See below EXAMPLE:
# DSA trace log - Used for debugging
set trace-log = "logs/$s_trace.log";
set trace = time,query;

 

Optionally you could create a log to store each specific log type by adding these lines as well.
set time-log = "logs/$s_time.log";
set query-log = "logs/$s_query.log";

 

Once this is set in the file the CA Directory router service needs to be restarted or re-initialized to take effect. You can use the command below to have Directory re-read its configuration files and start the logging set.

dxserver init all

Once the servicer are restarted or reinitialized you will find that there are 2 new log files in the log folder

Router_time_date.log
Router_query_Date.log

 

Note: If you are on Unix you will first need to su to the dsa user (or Directory service user defined in your install).

su - dsa

Before testing the problem please note the time and recreate the problem.

Once the problem happens capture the logs in the folder below with the current date.
C:\Program Files\CA\Directory\dxserver\logs

Then remember to turn off the time and query logging with the steps below so you do not fill up all the disk space.

This trace logging can be changed in the
../dxserver/config/logging/default.dxc file by changing the line
set trace = time,query;
Change to
set trace = error;

See below EXAMPLE:
# DSA trace log - Used for debugging
set trace-log = "logs/$s_trace.log";
set trace = error;

 

Once this is set in the file the Directory service needs to be re-initialized or restarted again to take effect.
You can use the command below to have Directory re-read its configuration files and reset the logging to default error level.

dxserver init all

Note: If you are on Unix you will first need to su to the dsa user (or Directory service user defined in your install).

su - dsa

Powered by Wolken Software