How to set Active Directory Verbose logging
Often times you may want to turn on Active Directory Verbose logging to troubleshoot Active Directory (AD) related issues. By default, Active Directory only logs critical and error events.
You must configure following registry key to set Active Directory Verbose logging
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics
Events that can be set:
Knowledge Consistency Checker (KCC)
Security Events
ExDS Interface Events
MAPI Interface Events
Replication Events
Garbage Collection
Internal Configuration
Directory Access
Internal Processing
Performance Counters
Initialization/Termination
Service Control
Name Resolution
Backup
Field Engineering
LDAP Interface Events
Setup
Global Catalog
Inter-site Messaging
Group Caching
Linked-Value Replication
DS RPC Client
DS RPC Server
DS Schema
Logging levels (from Microsoft Support):
• 0 (None): Only critical events and error events are logged at this level. This is the default setting for all entries, and it should be modified only if a problem occurs that you want to investigate.
• 1 (Minimal): Very high-level events are recorded in the event log at this setting. Events may include one message for each major task that is performed by the service. Use this setting to start an investigation when you do not know the location of the problem.
• 2 (Basic)
• 3 (Extensive): This level records more detailed information than the lower levels, such as steps that are performed to complete a task. Use this setting when you have narrowed the problem to a service or a group of categories.
• 4 (Verbose)
• 5 (Internal:): This level logs all events, including debug strings and configuration changes. A complete log of the service is recorded. Use this setting when you have traced the problem to a particular category of a small set of categories.
