#!/bin/bash ############################################################################################################################ # Novell Inc. # 1800 South Novell Place # Provo, UT 84606-6194 # Script Name: ldapTrace.sh # Description: This script can be used take ldap traces. # # %Version: 1.1 # %Creating Date: Friday Feb 1 17:24:07 MST 2013 # %Created by: Rance Burker - Novell Technical Services # %Modify Date: Sun Feb 4 09:20:37 # %Modification: 1.1 added backup trace options # %Contact Information: If you have any comments/requests/issues, please contact Rance Burker at rance@novell.com ############################################################################################################################ ############### Configurable variables ##################################################################################### # Set emailsetting to 1 to send e-mail log when finished. Set to 0 or remove the 1 to disable emailsetting=1 # tracesetting sets the ndstrace options. Options are ldap, ldapdebug, skulk, auth, dsa, schema, janitor, backlink tracesetting=ldap # ldapscreenoption sets the ndstrace options. Set to 0 or remove the 1 to disable ldapscreenoption=1 # $email_to is the recipient of the e-mail. For two or more addresses seperate each address with a , email_to="rance@novell.com" # $server_name and $domain is a variable for populating the alert email as to the server and domain server_name=`perl -e '$srv = \`/bin/hostname\`; print uc($srv);'` domain=`perl -e '$dom = \`/bin/dnsdomainname\`; print uc($dom);'` # Get IP address ipaddr=`ifconfig | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` # $email_sub is is the subject of the email. email_sub="DSfW packet trace and ndstrace for $server_name at $domain ($ipaddr)" # logs to attach to e-mail. For more logs list them below and in the SendEmail function ex: -a $log1 log1=/var/opt/novell/eDirectory/log/ndstrace.log #log2=/var/opt/novell/eDirectory/log/packet_trace.cap ############## Functions ############################################################################################## # Display ASCII art dsfwdudeasci(){ clear echo ' ___ ___ __ __ __ ___ __ ' echo '| \ / __| / _|\ \ / / / _ \ __ __ ___/ /___ __ ___ __ __ ' echo '| |) |\__ \| _| \ \/\/ / / // // // // _ // -_)_ / _|/ _ \| |' echo '|___/ |___/|_| \_/\_/ /____/ \_,_/ \_,_/ \__/(_)\__|\___/|_|_|_|' echo ' ' } # Send e-Mail function SendEmail(){ echo -e"traces.sh script "$0".\n" "Completed on "$server_name". "| mutt -s "$email_sub" "$email_to" -a $log1 } ## End-of-function send_email # pause 'Press [Enter] key to finish trace ...' pause(){ read -p "$*" } # bkntrace - Backup nds Trace bkntrace() { cp $log1 ${log1}-`date +%Y%m%d%H%M`.bak ; } # Credentials for admin user dscredentials() { echo -ne "Enter user (example admin.novell): " read ADMUSER echo -e The user is $ADMUSER echo -ne "Enter user's password: " read -s ADMPASSWD echo sleep 1 } # Turn on all ldap screen level debugging options ldapscreenall() { dscredentials ldapconfig set "LDAP Screen Level=all" -a $ADMUSER -w $ADMPASSWD } # Load dstrace and write to file in home directory lnt() { ndstrace -l > /dev/null & sleep .2 ndstrace -c "set ndstrace=nodebug;ndstrace on;ndstrace fmax=500000000" } # unload ndstrace unt() { ndstrace -c "ndstrace off" && ndstrace -u } # reload ndstrace rlnt() { unt ndstrace -l > /dev/null & } # rest ndstrace log rnt() { cat /dev/null /var/opt/novell/eDirectory/log/ndstrace.log > /dev/null & ndstrace -l > /dev/null & sleep .2 ndstrace -c "set ndstrace=*r" && ndstrace -u } # Turn on all tags atnt() { lnt ndstrace -c "set ndstrace=all" } # Clear all tags cnt() { lnt ndstrace -c "set ndstrace=nodebug" && ndstrace -u } # tail the ndstrace.log tntlog() { tail -f $DSLOGDIR/ndstrace.log } # Less the ndstrace.log lntlog() { less $DSLOGDIR/ndstrace.log } # Allows to grep trace for inserted argument gntlog() { if [ ! -n "$1" ] then echo echo -e "Usage:${BIRED} gntlog ${NC}" echo "Example: gntlog RECM" echo else tail -f $DSLOGDIR/ndstrace.log | grep -i "$1" fi } # Uselful tags from troubleshooting sync issues skulk() { lnt ndstrace -c "ndstrace tags time sklk coll chng sync sydl svty misc part lost recm;set ndstrace=*u;set ndstrace=*h" } # Useful tags from troubleshooting obits, inherited acls, etc... janitor() { lnt ndstrace -c "ndstrace tags time jntr dbg purg;set ndstrace=*f;set ndstrace=*j" } # Uselful tags from troubleshooting sync issues schema() { rnt lnt ndstrace -c "ndstrace tags time scma scmd svty;set ndstrace=*ssa;set ndstrace=*ssd;set ndstrace=*ss" sleep $TRACECOUNT unt } # Tags used to troubleshoot backlink issues backlink() { lnt ndstrace -c "ndstrace tags time blnk bldt misc svty drlk drld;set ndstrace=*b" } # Useful tags to troubleshoot ldap ldap() { lnt ndstrace -c "ndstrace tags time ldap auth nmas svty" } # Useful tags to troubleshoot ldap ldapdebug() { rnt lnt ndstrace -c "ndstrace tags time ldap auth nmas dbg recm svty" sleep $TRACECOUNT unt } # Useful tags to troubleshoot typical -6xx and -7xx errors dsa() { lnt ndstrace -c "ndstrace tags time areq abuf recm dbg part misc sklk sync aloc init insp rslv svty srch;set ndstrace=*h" } # Useful tags for troubleshooting authentication issues auth() { lnt ndstrace -c "ndstrace tags time nmas ldap auth vcln rslv conn areq abuf misc rslv srch ncpe svty" } # Take a packet trace using tcpdump on all interfaces packetTrace() { echo echo -e "starting the packet trace, press cntrl -c to stop" echo tcpdump -n -s0 -i any -w /var/opt/novell/eDirectory/log/trace.cap } # Functions to run main () { dsfwdudeasci if [ $ldapscreenoption -eq 1 ] then ldapscreenall; rnt; $tracesetting; pause 'Press [Enter] key to end the trace ...'; unt 1&>/dev/null else rnt; $tracesetting; pause 'Press [Enter] key to end the trace ...'; unt 1&>/dev/null fi sleep 1 bkntrace [ $emailsetting -eq 1 ] && SendEmail exit 0 } # Run the main function main