[SDP3][77b3e8c1-baf1-4bdd-94ff-3640fd9d6665] ADLDS and ADAM Troubleshooter

Applies to: Microsoft Windows XP Service Pack 3Microsoft Windows Server 2003 Service Pack 2Windows Vista Service Pack 2


This diagnostic gathers Actove Directory Application Mode (ADAM) and Active Directory Lightweight Directory Services (ADLDS) information from the system.

More Information

The manifest requires administrative access to the computer hosting LDS and have the "Administrators" role for the LDS instances and naming contexts that should be analyzed.

Information Collected

ADLDS/ADAM Diagnostics Tool
DescriptionFile name
Per-instance DCDiag{ComputerName}_Instance_dcdiag.txt
Per-instance Registry keys{ComputerName}_Instance_reg.txt
Per-instance LDAP Query Policy{ComputerName}_Instance_LdapQueryPolicy.txt
Per-instance Repadmin showreps{ComputerName}_Instance_repadmin_showreps.txt
Per-instance Repadmin replsum{ComputerName}_Instance_repadmin_replsum.txt
Per-instance Per-partition ADAM Sync Config File{ComputerName}_Instance_Partition_AdamSyncConfigFile.txt
User-selected Synchronization Log File{ComputerName}_*.zip

Event Logs - General
DescriptionFile name
Application (.csv .evtx .txt)
System (.csv .evtx .txt)
Per-instance Event Log{ComputerName}_Instance_ADAM().*
Security (.csv .evtx .txt){ComputerName}_evt_Securty.*

Functional Levels and Group Membership Information
DescriptionFile name
Group Membership and Functional Levels information via 'net.exe localgroup' commands

General Information
DescriptionFile name
Basic System Information including machine name, service pack, computer model and processor name and speed

List of User Rights (privileges) using showpriv.exe tool
List of user SID, group memberships, and privileges via the 'Whoami /all' output
Resultant Set of Policy (RSoP) generated by gpresult.exe utility
System Information - MSInfo32 tool output

Netlogon Logs
DescriptionFile name
Netlogon.bak from \Windows\Debug
Netlogon.log from \Windows\Debug

NetSetup Log
DescriptionFile name
NetSetup Log file from \Windows\Debug

Port Usage Log
DescriptionFile name
TCP and UDP port statistics

Secure Channel Info
DescriptionFile name
Cached values for Secure Channel info from Netlogon such as Secure Channel Information, Secure Channel Info and General Domain Information
{ComputerName}_Secure Channels.txt

System Security Settings
DescriptionFile name
System Security Settings from secedit.exe utility output

Whoami Log
DescriptionFile name
Whoami /all output

Winlogon Log
DescriptionFile name
Winlogon Log file from windows\security\logs

In addition to collecting the information that is described earlier, this diagnostic package can detect one or more of the following symptoms:

  • Detect Windows XP End-of-Support
  • Check for ADLDS/ADAM issues
  • Event Logs Messages
  • Check for ephemeral port usage
  • Check for ephemeral port usage
  • Check for potentially risky audit failure settings (CrashOnAuditFail)
  • Check for a possible STOP error caused by audit failure
  • Check for USN Rollback
  • Check state of Intersite Messaging service.
  • Detect if IPv6 was disabled on a domain controller
  • Detect MaxConcurrentApi NTLM bottlenecks or delays
  • Detect Certificates with Weak RSA Keys
  • Trusted Root Certificate Authority List Size Problem


For more information about the Microsoft Automated Troubleshooting Services and about the Support Diagnostics Platform, please open the following Microsoft Knowledge Base article:

2598970 Information about Microsoft Automated Troubleshooting Services and Support Diagnostic Platform