This section describes the kinds of debug data you need to provide based on the problem you are experiencing.
This section contains the following tasks:
To Collect Required Debug Data for Any Directory Editor Problem
To Collect Required Debug Data for Directory Editor Installation Problems
To Collect Required Debug Data for Directory Editor Startup Problems
To Collect Required Debug Data for Directory Editor Login Problems
To Collect Required Debug Data for Directory Editor Graphical User Interface Problems
All problems described in this technical note need basic information collected about when the problem occurred and about the system having the problem. Use this task to collect that basic information.
Note the time or times the problem occurred.
Note the name of the application server in which you run Directory Editor.
Note the exact version of the application server in which you run Directory Editor.
Note the exact version of the Java Virtual Machine which you use to run Directory Editor.
Note the operating system version.
uname -a
uname -r
cat /etc/redhat-release
C:\Program Files\Common files\Microsoft Shared\MSInfo\msinfo32.exe /report C:\report.txt
Note the patch level.
showrev -p
swlist
rpm -qa
Already provided in C:\report.txt.
Note the Directory Editor version and build number.
The build number is available only for Directory Editor 1.
To determine the build number, hover your mouse cursor over the Version string at the top of the Directory Editor page. Either a tooltip appears showing the build number, or the browser displays the build number as a message in the status bar at the bottom of the browser window.
Alternatively, you can view the source of the Directory Editor web page and search for Build number.
Collect Directory Editor configuration files.
application-root/WEB-INF/classes/init.xml
application-root/WEB-INF/classes/log4j.properties
application-root/WEB-INF/startup.properties
This procedure describes what data to collect when you cannot complete Directory Editor installation.
Collect the security policy file for your application server.
app-server-root/domains/domain-name/config/server.policy
tomcat-root/conf/catalina.policy
Collect error logs for your application server.
For example, if you run Directory Editor in the first domain and instance of Sun Java System Application Server, collect app-server-root/domains/domain1/server1/logs/server.log.
Collect Directory Server access, errors, and audit logs.
Collect logs from both the Directory Editor Configuration Directory Server and also Managed Directory Servers. By default, you find these logs in the following locations:
server-root/slapd-serverID/logs/access
server-root/slapd-serverID/logs/errors
server-root/slapd-serverID/logs/audit (if enabled)
If these log files are not in the default locations, examine the Directory Server configuration file, server-root/slapd-/serverID/config/dse.ldif, to find the paths to the logs. The paths are specified as the values of attributes nsslapd-accesslog, nsslapd-errorlog, and nsslapd-auditlog.
When using Sun Java System Application Server 7 or 8, collect the server description file.
For example, app-server-root/domains/domain1/server1/config/server.xml.
This section describes what data to collect when you cannot start Directory Editor.
Collect information about the port used for your application server.
netstat -an | grep app-server-port
netstat -an
Collect error logs for your application server.
For example, if you run Directory Editor in the first domain and instance of Sun Java System Application Server, collect app-server-root/domains/domain1/server1/logs/server.log.
Collect logs from both the Directory Editor Configuration Directory Server and also Managed Directory Servers.
By default, you find these logs in the following locations:
server-root/slapd-serverID/logs/access
server-root/slapd-serverID/logs/errors
server-root/slapd-serverID/logs/audit (if enabled)
If these log files are not in the default locations, examine the Directory Server configuration file, server-root/slapd-/serverID/config/dse.ldif, to find the paths to the logs. The paths are specified as the values of attributes nsslapd-accesslog, nsslapd-errorlog, and nsslapd-auditlog.
Collect the de-startup-problem-services.ldif file generated by the ldapsearch command.
Be sure to include the -B option, which retrieves binary attribute values as they are stored in the directory.
server-root/shared/bin/ldapsearch -h hostname -p port -D "cn=Directory Manager" -w password -B -b "ou=1.0,ou=DML,ou=services,dc-root" "(objectclass=*)" > /tmp/de-startup-problem-services.ldif
server-root\shared\bin\ldapsearch.exe -h hostname -p port -D "cn=Directory Manager" -w password -B -b "ou=1.0,ou=DML,ou=services,dc-root" "(objectclass=*)" > C:\de-startup-problem-services.ldif
Here, dc-root means the domain controller suffix for the configuration directory used in your environment, such as dc=example,dc=com.
This section describes what data to collect when you cannot login to Directory Editor.
Take a screen shot of the login screen.
The screen shot should show the error message that results when you try to login.
Note the result of an attempt to login to Directory Editor as cn=Directory Manager.
The cn=Directory Manager user might be able to login although other users cannot.
Collect the user-prob.ldif file generated by the ldapsearch command.
server-root/shared/bin/ldapsearch -h hostname -p port -D "cn=Directory Manager" -w password -b "base-dn" "(uid=userID)" > /tmp/user-prob.ldif
server-root\shared\bin\ldapsearch.exe -h hostname -p port -D "cn=Directory Manager" -w password -b "base-dn" "(uid=userID)" > C:\user-prob.ldif
Here, base-dn means the DN of the suffix used in your environment to store user entries, such as ou=people,dc=example,dc=com.
Collect the error logs for your application server.
For example, if you run Directory Editor in the first domain and instance of Sun Java System Application Server, collect app-server-root/domains/domain1/server1/logs/server.log.
Collect logs from both the Directory Editor Configuration Directory Server and also Managed Directory Servers.
By default, you find these logs in the following locations:
server-root/slapd-serverID/logs/access
server-root/slapd-serverID/logs/errors
server-root/slapd-serverID/logs/audit (if enabled)
If these log files are not in the default locations, examine the Directory Server configuration file, server-root/slapd-serverID/config/dse.ldif, to find the paths to the logs. The paths are specified as the values of attributes nsslapd-accesslog, nsslapd-errorlog, and nsslapd-auditlog.
Collect the de-login-problem-services.ldif file generated by the ldapsearch command for both the Configuration Directory Server and the Managed Directory Servers.
Be sure to include the -B option, which retrieves binary attribute values as they are stored in the directory.
server-root/shared/bin/ldapsearch -h hostname -p port -D "cn=Directory Manager" -w password -B -b "ou=1.0,ou=DML,ou=services,dc-root" "(objectclass=*)" > /tmp/de-login-problem-services.ldif
server-root\shared\bin\ldapsearch.exe -h hostname -p port -D "cn=Directory Manager" -w password -B -b "ou=1.0,ou=DML,ou=services,dc-root" "(objectclass=*)" > C:\de-login-problem-services.ldif
Here, dc-root means the domain controller suffix for the configuration directory used in your environment, such as dc=example,dc=com.
Collect the de-login-problem-aci.ldif file generated by the ldapsearch command for the Managed Directory Servers.
server-root/shared/bin/ldapsearch -h hostname -p port -D "cn=Directory Manager" -w password -b "base-dn" "(objectclass=*)" aci > /tmp/de-login-problem-aci.ldif
server-root\shared\bin\ldapsearch.exe -h hostname -p port -D "cn=Directory Manager" -w password -b "base-dn" "(objectclass=*)" aci > C:\de-login-problem-aci.ldif
Here, base-dn means the DN of the suffix used in your environment to store user entries, such as ou=people,dc=example,dc=com.
Collect trace logging information showing authentication activity.
To collect this information, perform the following steps.
Open the app-server-root/WEB-INF/classes/log4j.properties file in a text editor.
Add the following lines.
log4j.logger.com.sun.dml.auth=TRACE,auth log4j.appender.auth=org.apache.log4j.RollingFileAppender log4j.appender.auth.layout=org.apache.log4j.PatternLayout log4j.appender.auth.layout.ConversionPattern=%d{ISO8601} [%t] %-5p %c - %m%n log4j.appender.auth.File=de-auth.log log4j.appender.auth.MaxFileSize=5MB log4j.appender.auth.MaxBackupIndex=1
Restart Directory Editor.
Reproduce the login problem immediately.
Collect the log file or files named de-auth.log.
This section describes what data to collect when part of the Directory Editor user interface fails to comply with what you expect.
Collect screen shots of the affected screen or screens.
The screen shots should show the problem you are experiencing.
Provide step by step instructions for reproducing the problem.
If needed, also provide test case data.
Provide the browser name, version number, and operating system where you run the browser to access Directory Editor.
Provide information about the user who was logged in when the problem occurred.
Collect trace logging information showing view and web activity.
To collect this information, perform the following steps.
Open the app-server-root/WEB-INF/classes/log4j.properties file in a text editor.
Add the following lines.
log4j.logger.com.sun.dml.view=TRACE,view log4j.logger.com.sun.dml.web=TRACE,web log4j.appender.view=org.apache.log4j.RollingFileAppender log4j.appender.view.layout=org.apache.log4j.PatternLayout log4j.appender.view.layout.ConversionPattern=%d{ISO8601} [%t] %-5p %c - %m%n log4j.appender.view.File=de-view.log log4j.appender.view.MaxFileSize=5MB log4j.appender.view.MaxBackupIndex=1 log4j.appender.web=org.apache.log4j.RollingFileAppender log4j.appender.web.layout=org.apache.log4j.PatternLayout log4j.appender.web.layout.ConversionPattern=%d{ISO8601} [%t] %-5p %c - %m%n log4j.appender.web.File=de-web.log log4j.appender.web.MaxFileSize=5MB log4j.appender.web.MaxBackupIndex=1
Restart Directory Editor.
Reproduce the login problem immediately.
Collect the log files named de-view.log and de-web.log.
Collect screen shots of Directory Editor debugging screens.
Access the following Directory Editor URL, http://hostname:port/de/Debug.do.
Take screen shots of the following five tab pages:
HTTP Session
Directory Properties
Java System Properties
Memory
Call Timer