Windows Server – Log all Active Directory LDAP query

| yagmoth555

Hi

I wanted to share a small tip if you need to log all LDAP’s query sent to your ADDS’s server.

You can easilly find the correct registry to change there:

You need to set at 5 the key Field Engineering there: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics

and you need to set to 1 those two keys:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Expensive Search Results Threshold

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Inefficient Search Results Threshold

For more detail you can find it some documentations there, Creating More Efficient Microsoft Active Directory-Enabled Applications

 

Thanks everyone

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s