To turn on LDAP client tracing, follow these steps:
- Create the following registry subkey:
In this subkey, <ProcessName> is the full name of the process that you want to trace, including its extension. For example: "ldp.exe." Inside this subkey, you can place an optional entry that is named "PID" and that has a DWORD value. If you set the value to a process ID, only the instance of the application that has this process ID will be traced.
If you don’t have such a registry subkey for at least one process, the trace file will not contain data.
- To start a tracing session, run the following command at a command prompt:
logman create trace "ds_ds" -ow -o c:\ds_ds.etl -p "Microsoft-Windows-LDAP-Client" 0x1a59afa3 0xff -nb 16 16 -bs 1024 -mode Circular -f bincirc -max 4096 -ets
In this command, "0x1a59afa3" is a trace flag. Such flags control what information gets recorded, and the verbosity of data. You can use individual flags or combine bit values to specify multiple flags simultaneously. For common tracing scenarios, the following flag combinations are useful:
- 0x1A59AFA3. Log settings that should get the information that you require most of the time.
- 0x18180380. Get information specifically on connection establishment problems.
- 0x1bddbf73. Verbose session information.
- Reproduce the behavior that you want to investigate.
- To stop the tracing session, run the following command:
logman stop "ds_ds" -ets
To view the trace as text, use the netsh tool to decode the ETL file as a .txt file, as follows:
netsh trace convert input=c:\ds_ds.etl output=LDAP_CLIENT-formatted.txt
For more information about netsh trace convert, see the netsh trace convert help. To do this, enter netsh trace convert /? at the command prompt.