Configuration options for Active Directory User Manager message logging

  • 24 February 2022
  • 0 replies
  • 132 views

Badge +6
 

Configuration options for Active Directory User Manager message logging

KB001286

PRODUCT
K2 blackpearl 4.6.1 to 4.7
K2 connect 4.6.5 to 4.7.1
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.

 

Introduction
The Active Directory User Manager (ADUM) log level and size are configurable as of K2 4.6.1.
This change was introduced to prevent oversized log files that impede the efficiency of the system. The configuration takes place in the HostServer.SecurityLabel table.

The latest version of this information is available in the K2 Installation and Configuration Guide in the K2 Auditing and Logging topic.

 

Log Level Configuration
The LogLevel setting is used to set the type of messages to be logged in ADUM. One or a combination of the following case-sensitive settings can be used to control what is logged:

  1. Error
    • Only error messages are logged.
    • This is the default level  – new and upgraded environments will use this log level until changed by the user. User entered settings will be preserved in later upgrades.
  2. None
    • Nothing will be logged.
    • The ‘None’ log level supersedes all others if a combination of levels (e.g. Error, None) are used. So nothing will be logged.
  3. Debug
    • All debug messages will be logged; the resolving of users and groups as well as anything else that occurs within ADUM.
    • The Debug level is not recommended unless something specifically needs to be debugged in order to track a problem. The reason this level is not recommended is because the log files will grow very quickly and due to the volume of log entries there would be a severe performance impact on the server.
  4. All
    • Logs at all levels except NONE, this would put even more strain on the system than the Debug level and therefore is also not recommended unless necessary.

Log Size Configuration
The LogSize setting is used to set the maximum size of a log file in megabytes.
  • The ADUM log file will not be larger than the specified size, however once the size limit is reached, a new file will be created using the naming convention mentioned later in this article.
  • The default LogSize setting is 0, which allows an infinite file size.

 

Configuring LogLevel and LogSize
To configure ADUM logging, the following script needs to be run with the value of the users K2 security label’s RoleInit column copied from the “HostServer.SecurityLabel” table and pasted between the SET and WHERE statements (replacing the red text in the code section below). Then add the LogLevel and LogSize section as indicated in yellow in the code section. In this example, LogLevel is set to log both Error and Debug messages with the file size not exceeding 1MB.

The USE statement must point to the K2 database which by default in K2 4.6 and later is named K2. The database name in previous or upgraded versions would still be named K2HostServer.

 

 

-- for unconsolidated DBs before K2 4.7 the DB name is [K2HostServer]

USE [K2] 

GO

UPDATE [HostServer].[SecurityLabel]

  SET [RoleInit] = '<roleprovider><init>ADCache=0;LDAPPath=LDAP://DC=F1,DC=COM;ResolveNestedGroups=False;IgnoreForeignPrincipals=False;
IgnoreUserGroups=False;MultiDomain=False;OnlyUseSecurityGroups=False;LogLevel=Error,Debug;LogSize=1;DataSources=&amp;amp;lt;DataSources&gt;&lt;DataSource Path="LDAP://DC=F1,DC=COM" NetBiosName="F1" /&gt;&lt;/DataSources&gt;;;</init><login /><implementation assembly="ADUM, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d" type="ADUM.K2UserManager2" /><properties><user><property name="Name" type="System.String" /><property name="Description" type="System.String" /><property name="Email" type="System.String" /><property name="Manager" type="System.String" /><property name="SipAccount" type="System.String" /><property name="ObjectSID" type="System.String" /><property name="DisplayName" type="System.String" /><property name="CommonName" type="System.String" /><property name="UserPrincipalName" type="System.String" /></user><group><property name="Name" type="System.String" /><property name="Description" type="System.String" /><property name="Email" type="System.String" /></group></properties></roleprovider>'     

  WHERE SecurityLabelName = 'K2'

GO

 

 

After executing the script, restart the K2 server.

Some other changes

  1. A new log file will be created every time the server is restarted.
  2. The log file is no longer called AdumError1.txt. It is now called AdumError[Date]_[Increment].log where [Date] is the date the file was created and [Increment] is the number of the file per date. This number will increment when a new file is created on the same day as an already existing file (file size reached or server restarted on the same day).
  3. Logging format has been changed to conform to the HostServerLogging file.

 

 


0 replies

Be the first to reply!

Reply