This repository has been archived by the owner on Jan 2, 2024. It is now read-only.

Debug Logging

Josh Wisenbaker edited this page Jan 12, 2022 · 1 revision

NoMAD Login AD uses Apple's unified logging system. By default we log some basic info, but you can turn the logging level up if you want a much more detailed, step-by-step record.

Reading log entries

When you are looking at the logs you can see what level the entries were made at, and which section of the NoLoAD code made the entries by way of the category.

For example, this log entry is a debug entry made by the CreateUser Mechanism. You can also see that authorizationhost was the process running the NoLoAD code at the time:

2017-12-27 14:01:37.127349-0800 0x891e Debug 0x0 1720 authorizationhost: (NoMADLoginAD) [menu.nomad.noload:CreateUserMech] Account creation skipped, allowing login

Enabling debug logging

To watch the login process happen, follow these steps:

  1. Log in via SSH to the Mac whose login you want to observe.
  2. Start the debug logging with: log stream --predicate 'subsystem == "menu.nomad.login.ad"' --debug
  3. Log in with the user you want to see logs for.
  4. When you are satisfied, press Control-C to quit the log program.

Other methods

Since we are using the Apple logging system you can observe and gather logs in a few other ways as well.

The simplest is to use the Console app and fast user switching. If you take a look under the Action menu, you can enable debug log messages there. Now just Fast User Switch to the login window and test away.

You can also take a sysdiagnose to gather the logs for EVERYTHING that is currently going on. This can be handy for general system diagnosis. At any time you can press Control-Option-Command-Shift-Period to trigger the process. The logs will be found in /private/tmp and the Finder will open a window to reveal them once the gathering process is complete.

Gathering logs post login

The log command has another subcommand, log show, which can be used to pull logs after a login. This is useful when doing diagnostic work related to SecureTokens. The following command will pull the logs for the last 5 minutes. Keep in mind, though, that debug logs do not appear to be persisted outside of a log stream.

log show --predicate 'subsystem == "menu.nomad.login.ad"' --last 5m
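
As an added example (not part of the original page or the NoMAD Login AD project), the following shell functions split the text output of log stream or log show into the parts described under "Reading log entries": level, category, process and message. The function names are hypothetical; the subsystem defaults to the one in the predicate above and can be overridden with the first argument, and every sample line except the entry quoted on this page is constructed.

```shell
# Added example (not NoMAD Login AD code): split the default text output of
# `log stream` / `log show` into level, category, process and message.
# Assumption: the process name contains no spaces (true for authorizationhost).

# noload_fields [subsystem] : stdin = log text, stdout = tab-separated fields.
noload_fields() {
  awk -v sub_id="${1:-menu.nomad.login.ad}" '
    {
      tag = "[" sub_id ":"
      i = index($0, tag)
      if (i == 0 || NF < 7) next            # other subsystem or non-entry line
      rest = substr($0, i + length(tag))    # "Category] message"
      j = index(rest, "]")
      if (j == 0) next
      category = substr(rest, 1, j - 1)
      message = substr(rest, j + 1)
      sub(/^ +/, "", message)
      process = ""
      for (f = 7; f <= NF; f++)             # first "name:" token after the PID
        if ($f ~ /:$/) { process = $f; sub(/:$/, "", process); break }
      printf "%s\t%s\t%s\t%s\n", $4, category, process, message
    }'
}

# noload_counts [subsystem] : entries per level and category, useful for
# comparing a capture taken with debug logging on against one taken with it off.
noload_counts() {
  noload_fields "$@" |
    awk -F '\t' '{ n[$1 "\t" $2]++ } END { for (k in n) printf "%d\t%s\n", n[k], k }' |
    sort -k2
}

# Sample input: line 1 is the entry quoted on this page, the rest is constructed.
noload_sample() {
  cat <<'EOF'
2017-12-27 14:01:37.127349-0800 0x891e Debug 0x0 1720 authorizationhost: (NoMADLoginAD) [menu.nomad.noload:CreateUserMech] Account creation skipped, allowing login
2017-12-27 14:01:37.130000-0800 0x891e Default 0x0 1720 authorizationhost: (NoMADLoginAD) [menu.nomad.noload:ExampleMech] constructed message
2017-12-27 14:01:37.140000-0800 0x891e Default 0x0 1720 authorizationhost: (OtherSender) [com.example.other:Thing] unrelated entry
not a log entry
EOF
}
```

For example: log show --predicate 'subsystem == "menu.nomad.login.ad"' --last 5m | noload_counts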

Example logs

Login with AD User with account creation (Debug On): [screenshot: Screen_Shot_2017-12-27_at_4.53.39_PM]

Login with AD User with account creation (Debug Off): [screenshot: Screen_Shot_2017-12-27_at_5.04.16_PM]

Login with local account (Debug On): [screenshot: Screen_Shot_2017-12-27_at_4.56.13_PM]

AD User with failed authentication (Debug On): [screenshot: Screen_Shot_2017-12-27_at_4.59.32_PM]

Clicked sign in button with no user (Debug On): [screenshot: Screen_Shot_2017-12-27_at_4.58.58_PM]
