Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-0446: How to Collect Debug Logs from a Samba Server

Centrify DirectControl ,   Centrify DirectControl Plugins ,  

17 September,16 at 12:52 AM

Applies To: All versions of Centrify DirectControl-enabled Samba and stock Samba


Question:
What is the process to collect debug Logs from a Samba Server?

Answer:
Please do the following as root or sudo:

1. Login to the samba server and run where username is the Centrify user who is attempting access to the Samba server.

# adquery user -A <sambausername> > /tmp/adquery.txt
# smbclient -k -L <hostname> (this command will list Samba shares)

2. Using your favorite editor, edit the /etc/samba/smb.conf to include the following lines in the [globals] section as follows: 

[globals] 
...
log level = 10 
log file = /var/log/samba/smb.log 
max log size = 0 

3. Run below command after saving the changes to verify any syntax errors in smb.conf:

# testparm

4. Restart Samba to get it to pick up the smb.conf changes right away by running: 

# /etc/init.d/smb restart 

5.  Turn on debug:

# /usr/share/centrifydc/bin/addebug on 
# /usr/share/centrifydc/bin/addebug clear 

6.  For troubleshooting Samba issues from Windows,  you need a tool like Wireshark. If you do not have it, please download it from the below location. Note: wireshark is NOT a Centrify tool.

http://www.wireshark.org/download.html

7. Log out of Windows and login again or simply lock and unlock to get a new Kerberos ticket. Start a network capture using Wireshark. Attempt access to the share in question and let it fail and note down the username.

8. Run the following command:

# adinfo -t

9. Turn off debug on Centrify-enabled Samba server:

# /usr/share/centrifydc/bin/addebug off 

10. Send in the following by email or ftp:

a. /var/centrify/tmp/adinfo_support.tar.gz
b. tar of /var/log/samba/ 
c. /etc/samba/smb.conf 
d. /tmp/adquery.txt
e. network trace from Windows. Save it with an extension of pcap. 

11. Revert changes

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.