Configuring logging for adnisd

By default, the adnisd process logs errors, warnings, and informational messages in the syslog and /var/log/messages files, along with other kernel and program messages. You might find it useful to log additional details about the operation of the adnisd process for troubleshooting purposes.

To enable logging for the Centrify Network Information Service:

  1. As root, set the logging level for the Centrify Network Information Service by modifying the log.adnisd parameter in the centrifydc.conf file.

    You might also want to suppress log messages from adclient to make it easier to collect and analyze the messages that are specific to adnisd operation. For example, set the log.adnisd parameter to DEBUG to log all adnisd operations, and the log parameter for adclient to INFO or WARN to limit messages generated by the adclient process:

    log: WARN
    log.adnisd: DEBUG

    If you only want to collect diagnostic information for netgroup processing, set the log.adnisd.netgroup parameter instead of the log.adnisd parameter. For example:

    log.adnisd.netgroup: DEBUG

  2. Set the syslog facility to use for logging adnisd operations using the logger.facility.adnisd configuration parameter. This parameter enables you to log adnisd messages using a different syslog facility than the facilities used for logging general adclient messages or adclient audit messages.

    This parameter value can be any valid syslog facility. For example, set this parameter to log messages to auth (default), authpriv, daemon, security, or local0-7 facilities. For example:

    logger.facility.adnisd: auth

For performance and security reasons, only enable DEBUG logging when necessary – for example, when requested to do so by CentrifySupport, or while diagnosing a problem.

Note:   Sensitive information may be written to this file. Evaluate the contents before giving others access to it.