If you are having LDAP authentication issues, it may be necessary to enable more verbose debug logging for LDAP.
To enable LDAP debug logging, do the following.
1. Log in to the Security Analytics appliance as root via SSH
2. Create a temp directory where the log files will be stored:
    mkdir /home/ldap_logs
3. Make a backup of the ldap.conf file:
    cp /etc/ldap.conf /etc/ldap.conf.bak
4. Edit the /etc/ldap.conf file using a text editor such as vi
5. At the bottom of the file, add the following two lines:
    debug 9
    logdir /home/ldap_logs
6. Save the file.
7. Attempt to log in via LDAP and then confirm that there are logs in the /home/ldap_logs directory
8. Modify the /etc/ldap.conf file and remove the two lines (If you don't do this, it will generate many log files and potentially fill the filesystem)
9. Zip up the ldap_logs directory and be ready to send the log files to Blue Coat support for further analysis.
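Steps 2 through 8 above as a shell script, so that the two debug lines are added once and always removed cleanly afterwards. This is an added example, not Blue Coat tooling; the function names, the marker comment line and the root-only permission on the log directory are assumptions of this example.

```shell
#!/bin/sh
# Added example, not vendor code. Paths default to the ones in the article;
# the function names and MARKER comment are assumptions of this example.
LDAP_CONF="${LDAP_CONF:-/etc/ldap.conf}"
LDAP_LOGDIR="${LDAP_LOGDIR:-/home/ldap_logs}"
MARKER="# temporary LDAP debug logging (remove after troubleshooting)"

ldap_debug_enabled() {
    grep -qxF "$MARKER" "$LDAP_CONF"
}

ldap_debug_enable() {                       # steps 2-6
    if ldap_debug_enabled; then return 0; fi   # never append the lines twice
    mkdir -p "$LDAP_LOGDIR" || return 1
    chmod 700 "$LDAP_LOGDIR" || return 1    # extra precaution: root-only logs
    cp -p "$LDAP_CONF" "$LDAP_CONF.bak" || return 1
    # If the file lacks a final newline, add one so the marker starts a new line.
    if [ -n "$(tail -c 1 "$LDAP_CONF")" ]; then echo >> "$LDAP_CONF"; fi
    printf '%s\ndebug 9\nlogdir %s\n' "$MARKER" "$LDAP_LOGDIR" >> "$LDAP_CONF"
}

ldap_debug_log_count() {                    # step 7
    find "$LDAP_LOGDIR" -type f 2>/dev/null | wc -l | tr -d ' '
}

ldap_debug_disable() {                      # step 8
    if ! ldap_debug_enabled; then return 0; fi
    tmp="$LDAP_CONF.tmp.$$"
    # Drop the marker plus the two lines that follow it; keep everything else.
    awk -v m="$MARKER" '$0 == m { skip = 2; next }
                        skip > 0 { skip--; next }
                        { print }' "$LDAP_CONF" > "$tmp" || return 1
    # Write through the existing file so its owner and mode are preserved.
    cat "$tmp" > "$LDAP_CONF" && rm -f "$tmp"
}

case "${1:-}" in
    on)     ldap_debug_enable ;;
    off)    ldap_debug_disable ;;
    status) ldap_debug_enabled && echo "debug on, $(ldap_debug_log_count) log file(s)" ;;
esac
```

Run it as root with `on` before the test login and `off` once the logs have been captured.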
Imported Document ID: 000024497