Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-1906: How to turn debugging on for DirectSecure/Racoon ?

DirectSecure ,  

12 April,16 at 11:02 AM

Applies to: All versions of DirectSecure

Question:

How to turn debugging on for DirectSecure/Racoon?

Answer:

The adsec command enables you to get information about, as well as manage the IPsec configuration on a UNIX computer.

The basic syntax for adsec is:

adsec [--certs] [--debug [on | off]] [--disable] [--enable] [--flush [sa | sp | all]] [--ikeinfo] [--info] [--policy] [--reload] [--reset] [--sainfo] [--spinfo] [--status] [--support] [--version]

To run a debug,

As root, running "/usr/sbin/adsec --debug on or /usr/sbin/adsec -g" will turn on DirectSecure debug. Debugging information is sent to the /var/log/centrify-racoon.log file.
Turning on debugging with this parameter, sets racoon debugging to verbose and updates the /etc/sysconfig/centrify-racoon configuration file with changes to RACOON_OPTS.

Note: Sometimes, the /var/log/centrify-racoon.log file can be empty. Neither re-starting racoon or generating traffic will help. When you turn on debugging, adsec debug makes changes to /etc/rsyslog.conf ( if it exists ) instead of /etc/syslog.conf

If rsyslogd is running, the debug messages gets written into /var/log/messages otherwise none gets written into /var/log/centrify-racoon log.

Workaround:

1) Turn off debug: # /usr/sbin/adsec --debug off

2) Rename /etc/rsyslog.conf: # mv /etc/rsyslog.conf /etc/rsyslog.conf.bak

3) Turn on debug again:  # /usr/sbin/adsec --debug on

Now you should see logs growing in /var/log/centrify-racoon.log.

Related Articles

 articleKB-0062: How to Collect Debug Logs from a DirectControl Agent articleKB-3285: How to Collect Debug Logs from an OpenSSH Server articleKB-0446: How to Collect Debug Logs from a Samba Server articleKB-1384: Why are debug messages getting logged into /var/log/centrifydc_client.log even though adclient debugging is turned off. articleKB-0564: How to Collect Debug Logs from a DirectAudit Agent articleKB-6041: How to show current license type in use by adclient articleKB-6040: How to change the license type in use after adclient successful joined to the AD? articleKB-1483: How to enable debugging for Weblogic 10.3 Managed & Admin servers articleKB-0547: How to Collect Debug Logs from a DB2 server with the Centrify App Server Plug-in