Help with debugging

During the course of installing and maintaining Microsoft's Windows 2000, you may often find yourself wandering through the Event Viewer, looking for errors or some hint to help you understand a problem. The Event Viewer is a very useful tool for security checking too, but it isn't the only place to find helpful information. In fact, much more detailed information can often be found in log files in your Ssystemroot%Debug directory.

If you browse to this directory, you will likely find a number of files that can provide security-related information, but your list will vary depending on what services you've installed. Some popular files are listed below:

Netsetup.log shows what happened whenever you try to join domains.

Userenv.log shows user profile and Group Policy information.

PASSWD.log shows information about local accounts. This file can be interesting because it often shows automated changes to system accounts.

ipsecpa.log shows information about IPSec activity. More related key negotiation information can be found in Oakley.log as well.

Depending on what you have installed, you may also see several log files related to Active Directory. You may also have a number of these files but they may be empty, with a file size of zero bytes. If you are using a service heavily and still have a file size of zero bytes, you may need to enable debugging. You may have to search for individual instructions on how

Requires Free Membership to View

to do this for each log, but as an example, to enable logging for the Oakley.log file, you must delve into your system registry once again.

Navigate to the HKLMSYSTEMCurrentControlSetServicesPolicyAgent and then create a key called Oakley. Inside that key, create an entry named EnableLogging and give it a REG_DWORD value of 1. You'll need to restart your IPSec service (or simply reboot) for this to take effect.

Thomas Alexander Lancaster IV is a consultant and author with over ten years experience in the networking industry, focused on Internet infrastructure.

This was first published in June 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.