Overview#
Often we find ourselves digging through a Ndstrace Log Searches log files looking for that proverbial needle.We found these Ndstrace Log Searches that seem to work pretty well in assisting.
LDAP Entry Operations#
- add Request - grep for "add: dn '
- modify Request - grep for "modify: dn '
- delete Request - grep for "delete: dn '
- modifyDNRequest - grep for "DoModifyDN: dn ' (Why is this one not all lower case?)
- add Request - grep for "add: dn (cn=jwilleke,ou=people,dc=example,dc=com)'
modify Request Attribute Operations#
- add - grep for "add: <attribute-Name>'
- delete - grep for "delete: <attribute-Name>'
- replace - grep for "replace: <attribute-Name>'
searchRequest#
- grep for "Search Request:' - The lines following this will be the full request.
- find specific attribute being searched for - grep for 'attribute: <attribute-Name>'
- find specific LDAP SearchFilter - grep for 'filter: <(specificFilter)>'
LDAP Result Codes#
To find generic LDAP Result Codes which are not LDAP_SUCCESS grep for 'NDS error:'These can be more specific to find only the desired NDS error by using:
- LDAP_INVALID_CREDENTIALS - ' Sending operation result 49'
- LDAP_NO_SUCH_OBJECT - ' Sending operation result 32'
- and so on.
Bind Request specific LDAP Result Codes#
- LDAP_INVALID_CREDENTIALS - ' Sending operation result 49'
- LDAP_INVALID_CREDENTIALS - ' bad password'
- LDAP_INVALID_CREDENTIALS - ' failed authentication' - All other bind errors
- grep for "password expired' - Results where the password was expired