This configuration parameter defines the syslog facility to use for logging diagnostic messages. Diagnostic messages are intended to help you troubleshoot operations and trace all of the LDAP, Kerberos, NTLM and RPC messages that are generated for the following tasks:

  • adjoin operations
  • adleave operations
  • lookup object operations
  • authentication operations
  • log on operations
  • password change

This parameter enables you to specify a separate syslog facilities for logging diagnostic from the facility used to log general adclient messages, adclient auditing messages, and adnisd messages. This parameter’s value can be any valid syslog facility. For example, you can set this parameter to log messages to auth, authpriv, daemon, security, or localn facilities.

The default facility is auth. For example:

logger.facility.diag: auth

You should note that diagnostic messages are only logged if you enable logging with the addebug command. If the parameter is not defined in the configuration file, the messages are logged in the default facility or the facility defined for the logger.facility.adclient parameter.