It's all about the answers!

Ask a question

LDAP monitoring/debug question


Sterling Ferguson-II (1.6k8279269) | asked Apr 18 '16, 9:51 a.m.
CLM 601

I was looking at this article:

https://jazz.net/wiki/bin/view/Deployment/WhyIsMyAuthenticationSlow

There is a section:

You can turn on LDAP query trace from the Jazz Team Server to see if any of the responses are delayed. The trace is contained under the LDAP section in the log4j.properties file, located in
..server/conf/jts/log4j.properties 
	
To enable it, remove the # side from the beginning of the log4j.logger line.
#Turn on query trace against the LDAP server 
#log4j.logger.com.ibm.team.repository.service.jts.internal.userregistry.ldap.LDAPUserRegistry=DEBUG 
	
OK,

So after that is done, it does not say what happens or what I should be doing...anyone know?

2 answers



permanent link
Donald Nong (14.5k414) | answered Apr 19 '16, 1:21 a.m.
The debug messages should be in jts.log. But whether it helps in the said issue is a different story. The section about enabling tracing in Tomcat is more important (if you are using Tomcat).

The only advantage of enabling LDAP tracing in JTS rather than in the application server, that I can think of, is you don't need to restart the server. You can enable it, reload the logging configuration in /jts/admin, try to do something related to the LDAP server, for example, add a user, and you should have something in the jts.log to look into. You can disable it without restarting the server as well. Note that unless JTS has exactly the same LDAP configuration as the application server (which is not true in many cases), it will not be appropriate to investigate the issue purely based on JTS itself.

permanent link
Guido Schneider (3.4k1486115) | answered Apr 18 '16, 2:44 p.m.
Hello Sterling,

as much as I know the logon process and the repository permission group evaluation is handled by WAS so I suggest to enable the tracing in WAS. It then creates a trace.log file with all the LDAP communication.

The JTS LDAP connection is from my point of view only used for the user synch.

regards
Guido

Your answer


Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.