Manualshelf

Troubleshooting guide

ManualsBrandsBay Networks ManualsComputer equipmentBayRS
919293949596979899100
Chapter 2 Troubleshooting LDAP Servers and the AMC Debugging LDAP
Advanced Technical Reference Guide 4.1 June 2000 93
Debugging LDAP
In order to solve your problem, your technical support representative will need all relevant information about
the problem and its environment. For each type of problem, the Support representative will ask for specific
records and files.
Sending this information as soon as the Support Call is opened will make the handling of the ticket more
efficient and will ensure that the problem is resolved as quickly as possible
This section lists the information important debugging tools for use when troubleshooting LDAP problems. File
outputs can also be sent to Check Point Support support@ts.checkpoint.com
See “Chapter 2: Troubleshooting Tools,” page 5 for more information on the fwinfo, fw monitor and
the fw ctl debug commands.
Important Debugging Tools
1. The Log Viewer – the VPN-1/FireWall-1 log file might contain informative error messages.
2. fwenc.log file If SecuRemote is involved try, the fwenc.log file should be very informative.
See: How to troubleshoot SecurRemote problems by creating a fwenc.log file (Solution ID:
47.0.1537649.2530505)
1 fw ldapsearch
2. fwd.log (the output of the fwd–dcommand).
3. Environment Variables.
See the following SecureKnowledge solutions in the Check Point Technical Services site:
How to set environment variables in Windows NT? (Solution ID: 36.0.92223.2471774).
How to set environment variables on UNIX? (Solution ID: 10022.0.3099256.2509558).
4. The LDAP log files – each LDAP has its own log files, which might be informative as well (usually access
and error logs).
For example: The Netscape log files are: access.log and error.log (located in
Netscape/SuiteSpot/slapd-<serverid>/logs
5. AMC files: admin.lst and AMC.properties located in the Program
Files/CheckPoint/Account Management directory. These files will enable you to get the same
configuration of AMC as the customer.
6. VPN-1/FireWall-1 files: fwinfo
See: How to use the fwinfo utility to create and package debug information to send to Support (Solution
ID: 10022.0.1592028.2468724).
7. Snoop files - If you have a Sniffer or a snoop utility, you can trace the connection between different entities
and check if the connection exists.
See: How to get a packet snoop on Windows NT Solution ID: 36.0.2503074.2514022).