Parameter:
LDAPDebugShort description: Enables debug output of the LDAP task (bind / search / bind errors) on the server console and in the console log.
Profile
Parameter | LDAPDebug |
Category | Logging / Debug |
Component | Server |
Available since | 9.0 |
Supported versions | 9.0.1, 10.0, 11.0, 12.0, 14.0, 14.5, 14.5.1 |
GUI equivalent | notes.ini only (no GUI) |
Possible values | 0 = off (default), 1–7 = increasing level of detail |
Description
For troubleshooting LDAP requests – such as failed bind operations from external apps, empty search results despite existing entries, or TLS issues –
LDAPDebug provides additional information on the server console / console.log. The lower levels (1–2) log connection and bind events, while higher levels (3–7) produce very verbose logs including the evaluated filters and return values.Example configuration
LDAPDebug=2
Notes & pitfalls
- High detail levels produce a large number of console messages – enable only temporarily.
- Active
LDAPDebuglogs can contain sensitive DN / filter information; treat the logs accordingly.
- Takes effect after a restart of the LDAP task (
tell ldap quit/load ldap).
- Pairs with server-side TLS debug (
SSL_LogLevel/DebugSSLHandshake) when investigating LDAPS.