Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-0547: How to Collect Debug Logs from a DB2 server with the Centrify App Server Plug-in

Centrify DirectControl ,   Centrify DirectControl Plugins ,  

5 October,16 at 05:26 PM

Question: 
 
How to enable DB2 diagnostic logs and get matching Centrify logs/config files? 
 
On the DB2 server running Centrify DB2 plugin, enable debugging for Centrify DirectControl and the DB2 logging
as shown below:

1) As root:
# /usr/share/centrifydc/bin/addebug on 
# /usr/share/centrifydc/bin/addebug clear
 
2) As  DB2 admin:
 
$ db2 update dbm config using diaglevel 4
$ db2 update dbm config using notifylevel 4
$ db2stop
$ db2start
 
This will now cause DB2 to print out all messages that the Centrify plugins tells it to print out. The messages will be
printed out to the DB2 log located at: <instanceHome>/sqllib/db2dump/db2diag.log. 
 
All plugin error messages contain the name of the plugin that they come from.
 
Please remember to revert back to diaglevel and notifylevel 3 after issue is reproduced.
 
3)  db2 get dbm config > /tmp/db2config.txt
 
4) Attempt db2 connect and let it fail. Note down the **exact error message**
 
5) Turn off addebug
# /usr/share/centrifydc/bin/addebug off
 
6) Collect user information:

If using an AD account, run
a) adquery user <AD username> -A > /tmp/adquery.txt
b) dzinfo <AD username> -A > /tmp/dzinfo.txt
 
If using a local account:
a) grep <local username>  /etc/passwd > /tmp/localuser
b) grep <local username> /etc/group > /tmp/group
 
7)  Tar up environment variables and log:
# adinfo -t
 
8) Email or ftp support the following files.
 
a) <instanceHome>/sqllib/db2dump/db2diag.log. 
b) error message from step 4
c) /tmp/db2config.txt
d) /tmp/adquery.txt
e) /tmp/dzinfo.txt
f) /tmp/localuser
g) /tmp/group
h)  /var/centrify/tmp/adinfo_support.tar.gz

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-1956: SQL30082N Security processing failed with reason "15" ("Processing Failure"). articleKB-0062: How to Collect Debug Logs from a DirectControl Agent articleKB-6191: Centrify DB2 plug-in compatibility with DB2 10.5.x version articleKB-0446: How to Collect Debug Logs from a Samba Server articleKB-2137: How to Collect Debug Logs from a Centrify NIS Server (adnisd) articleKB-3925: How to add Centrify parameter to a group policy articleKB-3285: How to Collect Debug Logs from an OpenSSH Server articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0)