Winbind logs
The winbind services write the most important messages to syslog.
When using Active Directory, the most important messages are written to syslog, similar to
the logs in SMB protocol. For example:
grep winbindd /var/log/messages
The system displays output similar to the following
example:
Jun 3 12:04:34 prt001st001 winbindd[14656]: [2015/06/03 12:04:34.271459, 0] ../lib/util/become_daemon.c:124(daemon_ready)
Jun 3 12:04:34 prt001st001 winbindd[14656]: STATUS=daemon 'winbindd' finished starting up and ready to serve connections
Additional logs are available in /var/adm/ras/log.winbindd* and /var/adm/ras/log.wb*. There are multiple files that get rotated with the "old" suffix, when the size becomes 100 MB.
To capture debug traces for Active Directory authentication, use mmprotocoltrace command for the winbind component. To start the tracing of winbind component, issue this command:
mmprotocoltrace start winbind
After performing all steps, relevant for the trace, issue this command to stop tracing winbind component and collect tracing data from all participating nodes:
mmprotocoltrace stop winbind