#Useful: http://support.microsoft.com/kb/262177
#Read the state of the Kerberos Loggin Registry Key
Get-ItemProperty -Path hklm:\\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters\ -Name LogLevel
#Turn on Kerberos Logging
Set-ItemProperty -Path hklm:\\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters\ -Name LogLevel -Value 1
#Turn Kerberos Logging off
#The KB Article said to turn it off so that performance was not adversely affected after the logging was obtained.
Set-ItemProperty -Path hklm:\\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters\ -Name LogLevel -Value 0
#Retrieve Event Log Entries related to Kerberos
Get-EventLog System | Where { $_.Source -eq "Kerberos" }
Friday, November 19, 2010
Kerberos Logging
I recently encountered a bug in a program that was using a Vb6 COM object to call the MAPI COM objects. There was very little information about what the problem was - no logging, nothing in the event log. The problem though, was a Kerberos authentication failure. I had to turn on Kerberos logging before I could see it. This powershell script is useful for doing that:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment