How to increase the samba debug level to get useful information



There is a useful way to increase the debug level for problems with samba4 and get targeted information.

The first way will addintionally install and use tcpdump and exports the Kerberos-Keytab to encrypt the collected dump-file. This is optional but often helps to figure out the problem.

    apt-get install -y tcpdump
    ucr set samba/debug/level='10'
    cp -r /var/log/samba /var/tmp/samba.1
    service samba restart
    sleep 3
    tcpdump -p -s 0 -n -w trace.pcap &

Now reproduce the problem exactly. After that proceed with the following commands:

    kill "$tcpdump_pid"
    ucr set samba/debug/level='1'
    service samba restart
    cp -r /var/log/samba /var/tmp/samba.2
    samba-tool domain exportkeytab $(dnsdomainname).keytab
    diff -Nuar /var/tmp/samba.1 /var/tmp/samba.2 > sambalogs.diff

In the Logfile sambalogs.diff shows only the information of the problem. The trace.pcap and the $(dnsdomainname).keytab contain the communication part of the problem.
These information are very useful to accelerate the support process in case of problems with samba.

Please notice, that a lot of data is produced in a very short time with an increased debug level, so make sure you have enough space on your device!

Problem: Samba Replication: WERR_DS_DRA_ACCESS_DENIED