Enabling Debug Logging for the Netlogon Service

12/12/2017 One-minute read

Here is a easy way to find out where the user is trying to logon to. Great way to find out why they always have account lockout.

To enable netlogon logging: Nltest /DBFlag:2080FFFF

An log under %windir%\debug\netlogon.log will be created and here we can see where the user is trying to logon to.

To disable netlogon logging: Nltest /DBFlag:0x0