Tracing LDAP in Vista

So, lest you think I dislike Vista - here is one cool dealy wheely thingy in Vista. LDAP tracing ( finally without using crazy evt logs or checked builds )

Here it is:

 And since I am always afraid links change , I've pasted  the main parts here:

To turn on LDAP client tracing, create the following registry key:


ProcessName is the full name of the process that you want to trace, including its extension (for example, "Svchost.exe"). Inside this key, you can place an optional value of type DWORD that is named PID. If this optional value is set to a process ID, only the instance of the application with this process ID will be traced.

To start a tracing session, execute the following command:

C:\>tracelog.exe -start <sessionname> -guid #<guid for ldap tracing provider> -f <filename> -flag <traceFlags>

sessionname is an arbitrary identifier that is used to label the tracing session (you will need to refer to this session name later when you stop the tracing session). The GUID for the LDAP tracing provider is "099614a5-5dd7-4788-8bc9-e29f43db28fc". filename specifies the logfile to which events will be written. traceFlags should be one or more of the following values:


I havent tried it out yet ( no time ) but if you give it a spin, let me know if its useful. Ill play with it later and update this post.




Comments (0)

Skip to main content