Bug ID 805417: Unable to enable LDAP system auth profile debug logging

Last Modified: Dec 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 15.0.0, 15.0.1, 15.1.0

Opened: Jul 15, 2019
Severity: 2-Critical

Symptoms

Beginning in version 14.1.0, LDAP debugging must be performed on nslcd logs and not pam_ldap logs; however, it is not possible to enable debug logging on nslcd via the configuration file.

Impact

LDAP system authentication 'debug' parameter does not provide sufficient levels of debug logs, but here is no impact to normal system operation.

Conditions

This would be encountered only if you (or F5 Support) wanted to do troubleshooting of LDAP connections by enabling debug logging.

Workaround

To enable debug logging and have the system post log messages to the SSH/console window, start the nslcd process with -d option: systemctl stop nslcd nslcd -d Note: The -d setting does not persist, so each time you want to log debug output, you must complete this procedure. When done, restart nslcd: systemctl start nslcd

Fix Information

None

Behavior Change