Sometimes we end up clueless while troubleshooting AD related issues. Event log doesn’t say anything and there are no error/warning messages on DC or at client side. To troubleshoot this kind of problems, increasing the Active directory diagnostic logging levels is very helpful. There are 5 levels(0-none, 1-minimal, 2-basic, 3-extensive, 4-verbose, 5-internal) of logging for each of below category and they writes the detailed events to “Directory Services” log of event viewer.
1 Knowledge Consistency Checker (KCC)
2 Security Events
3 ExDS Interface Events
4 MAPI Interface Events
5 Replication Events
6 Garbage Collection
7 Internal Configuration
8 Directory Access
9 Internal Processing
10 Performance Counters
11 Initialization/Termination
12 Service Control
13 Name Resolution
14 Backup
15 Field Engineering
16 LDAP Interface Events
17 Setup
18 Global Catalog
19 Inter-site Messaging
New to Windows Server 2003:
20 Group Caching
21 Linked-Value Replication
22 DS RPC Client
23 DS RPC Server
24 DS Schema
You can refer to http://support.microsoft.com/kb/314980 for more details on how to enable this logging.
Happy Learning..
Sitaram Pamarthi