Hi
**With version 7.4 and later (7.0.12 and later)**
You can find the following messages in the logs:
11:35:00.997 INFO [ch.ivyteam.ivy.security.user.synch] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Start synchronizing users of application ads with external security system Microsoft Active Directory on zugtstdirads
11:45:23.687 INFO [ch.ivyteam.ivy.security.user.synch] [ivy immediate job pool-thread-3] [executionContext=SYSTEM]
User synchronization of application ads with external security system Microsoft Active Directory on zugtstdirads finished.
943 users were read from naming and directory server.
943 users were analyzed.
943 users were imported.
0 users were deleted.
0 users were updated.
4 users were added to a role.
0 users were removed from a role.
Total execution time was 10 seconds.
Here you find how many users were read from the external server and what was done with them.
Additionally you can configure the log level of the logger `ch.ivyteam.ivy.security.user.synch` to `DEBUG` . Now you find detailed log messages what is done during the user synchronisation:
14:21:06.271 DEBUG [ch.ivyteam.ivy.security.user.synch] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Imported user 'Administrator'
14:21:06.301 DEBUG [ch.ivyteam.ivy.security.user.synch] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Imported user 'Gast'
14:21:06.312 DEBUG [ch.ivyteam.ivy.security.user.synch] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Imported user 'krbtgt'
If you configure the log level of the logger `ch.ivyteam.ivy.security.ldap.api` to `DEBUG` you enable low level LDAP API log messages:
11:31:33.861 DEBUG [ch.ivyteam.ivy.security.ldap.api] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Searching LDAP objects with name 'DC=zugtstdomain,DC=wan' and filter '(&(objectClass=user)(!(objectClass=computer)))' (Page 0..500)
11:31:33.999 DEBUG [ch.ivyteam.ivy.security.ldap.api] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Searching LDAP objects with name 'DC=zugtstdomain,DC=wan' and filter '(&(objectClass=user)(!(objectClass=computer)))' (Page 500..1000)
11:31:34.036 DEBUG [ch.ivyteam.ivy.security.ldap.api] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
LDAP call returned 943 objects. Execution time was 218 ms
11:31:34.051 DEBUG [ch.ivyteam.ivy.security.ldap.api] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
Reading LDAP attribute 'memberOf' from 'CN=Administrator,CN=Users,DC=zugtstdomain,DC=wan'
11:31:34.053 DEBUG [ch.ivyteam.ivy.security.ldap.api] [ivy immediate job pool-thread-1] [executionContext=SYSTEM]
LDAP call returned attribute 'memberOf' with 5 values. Execution time was 2 ms
If you configure the log level of the logger `ch.ivyteam.ivy.security.ldap.wire` to `DEBUG` you enable low level binary LDAP protocol messages:
11:35:01.266 DEBUG [ch.ivyteam.ivy.security.ldap.wire] [Thread-8] []
<- zugtstdirads:389
0000: 30 84 00 00 00 5A 02 01 02 64 84 00 00 00 51 04 0....Z...d....Q.
0010: 27 43 4E 3D 47 61 73 74 2C 43 4E 3D 55 73 65 72 'CN=Gast,CN=User
0020: 73 2C 44 43 3D 7A 75 67 74 73 74 64 6F 6D 61 69 s,DC=zugtstdomai
0030: 6E 2C 44 43 3D 77 61 6E 30 84 00 00 00 22 30 84 n,DC=wan0...."0.
0040: 00 00 00 1C 04 0E 73 41 4D 41 63 63 6F 75 6E 74 ......sAMAccount
0050: 4E 61 6D 65 31 84 00 00 00 06 04 04 47 61 73 74 Name1.......Gast
----------
**Before version 7.4 (7.0.12)**
You can find the following messages in the logs:
2019-04-12 00:00:01.638 INFO [ch.ivyteam.ivy.security.internal.jndi] [ivy scheduled job pool-thread-2] [executionContext=SYSTEM]
Start synchronizing users of application myApp with external security system Novell eDirectory on ldap://xxxxxx:389
2019-04-12 02:32:55.334 INFO [ch.ivyteam.ivy.security.internal.jndi] [ivy scheduled job pool-thread-2] [executionContext=SYSTEM]
Synchronize users of application myApp with external security system Novell eDirectory on ldap://xxxxxx:389 finished.
200,000 users were read from naming and directory server.
0 users were imported.
0 users were deleted.
0 users were updated.
0 users were added to a role.
0 users were removed from a role.
Here you find how many users were read from the external server and what was done with them.
Additionally you can configure the log level of the logger `ch.ivyteam.ivy.security.internal.jndi` to `DEBUG` . Now you find low level binary LDAP messages that are sent and received the LDAP server:
11:35:01.266 DEBUG [ch.ivyteam.ivy.security.internal.jndi] [Thread-8] []
<- zugtstdirads:389
0000: 30 84 00 00 00 5A 02 01 02 64 84 00 00 00 51 04 0....Z...d....Q.
0010: 27 43 4E 3D 47 61 73 74 2C 43 4E 3D 55 73 65 72 'CN=Gast,CN=User
0020: 73 2C 44 43 3D 7A 75 67 74 73 74 64 6F 6D 61 69 s,DC=zugtstdomai
0030: 6E 2C 44 43 3D 77 61 6E 30 84 00 00 00 22 30 84 n,DC=wan0...."0.
0040: 00 00 00 1C 04 0E 73 41 4D 41 63 63 6F 75 6E 74 ......sAMAccount
0050: 4E 61 6D 65 31 84 00 00 00 06 04 04 47 61 73 74 Name1.......Gast
----------
**Xpert.ivy 3.9.X legacy installations**
There is separate answer that brings light into 3.9 LDAP import issues: see https://answers.axonivy.com/questions/3788/troubleshoot-activedirectory-user-import-to-my-ivy-3-9-webapp