traceoptions (Active Directory Access)

Syntax

Hierarchy Level

Description

CAUTION:

Enabling tracing can adversely impact scale and performance and may increase security risk. We strongly recommend using the trace, tracing, or traceoptions commands only under the guidance of a JTAC support engineer. After collecting the debug information, immediately disable tracing to minimize risk and restore normal system performance.

Define Active Directory trace options for the integrated user firewall feature.

Options

file filename

Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory /var/log.

flag

Trace the operation or operations to perform on the integrated user firewall. To specify more than one trace operation, include multiple flag statements.

active-directory-authentication	Trace the building of and modifications to the Active Directory authentication table.
all	Trace everything.
configuration	Trace configuration events.
db	Trace the database.
ip-user-mapping	Trace the ip-user-mapping module.
ip-user-probe	Trace PC client probing.
ipc	Trace communication events with the Packet Forwarding Engine.
user-group-mapping	Trace the process of getting user-to-group-mapping.
wmic	Trace the Windows Management Instrumentation Client process.

level

Level of trace operation to perform.

all	Match all levels.
error	Match error conditions.
info	Match informational messages.
notice	Match conditions that should be handled specially.
verbose	Match verbose messages.
warning	Match warning messages.

no-remote-trace

Disallow tracing from a remote device.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 12.1X47-D10.

ON THIS PAGE