Netlogon.log, where is it, how to enable it

If you need to troubleshoot network authentication or communication issues on Windows computer, netlogon service can provide useful log, but it must be enabled first.

How do I enable netlogon service logging

Open Comand Prompt as an administrator and use following command:

Nltest /DBFlag:2080FFFF
You can also enable logging through registry as the message indicates …

Where do I find the log file

Every netlogon-related activity should now be writen in “%windir%\debug\netlogon.log”.
(usually C:\windows\debug\netlogon.log)

If nothing shows up in the file, you may need to restart netlogon service. If you still have the command prompt open, simply use those two commands:

net stop netlogon
net start netlogon

How do I disable the logging

Use this command:

Nltest /DBFlag:0x0

Netlogon.log size

Default maximum size for the “netlogon.log” is 20 Mb. When you reach it, the system renames the file to “netlogon.bak” and starts new “netlogon.log”. When you reach it again, old “netlogon.bak” is deleted and current “netlogon.log” is renamed to “netlogon.bak” again. And so on.

The size can be adjusted through registry:

Go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Create new REG_DWORD and call it “MaximumLogFileSize“.

Put in desired size of log file in Mb.

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.