Manage AD Bridge Services

The Service Manager lets you track and troubleshoot all AD Bridge services with a single command line utility (.lwsm).

./lwsm list

Lists the status of all known services. Run this command with superuser privileges.

/opt/pbis/bin/lwsm list

./lwsm restart <service>

Restarts a service, automatically identifying the service's dependencies and restarting them in the correct order. Run this command with superuser privileges.

/opt/pbis/bin/lwsm restart lsass

./lwsm refresh <service>

Refreshes a service's configuration, forcing use of a new configuration after a registry setting has been changed. Run this command with superuser privileges.

/opt/pbis/bin/lwsm refresh lsass

./lwsm info <service>

Displays information about a service, including any dependencies.

/opt/pbis/bin/lwsm info lsass

.lwsm get-log <service> [ <facility> ]

Lists the logging state given the service and optionally the facility.

/opt/pbis/bin/lwsm get-log gpagent

Example output:

<default>: syslog LOG_DAEMON at DEBUG

./lwsm set-log-target [ -p, -- persist ] <service> <facility> <type> [ <target> | <syslog facility> ]

Set the log target for a given service and facility. Optionally include -p, --persist to save the log type and target so they will be used when the service starts. The facility is the tag of an AD Bridge facility or a dash (-). Supported types are none, syslog, and file.

/opt/pbis/bin/lwsm set-log-target lsass daemon syslog

 

A type of syslog uses the LOG_DAEMON facility by default. You can override this by setting a syslog facility name.

/opt/pbis/bin/lwsm set-log-target lsass - syslog local3

 

A type of file directs logging to a file and requires you to set a target, such as file name.

/opt/pbis/bin/lwsm set-log-target lsass - file log.txt

./lwsm set-log-level [-p, --persist] <service> <facility> <level>

Set the log level for a given service and facility. Supported levels are error, warning, info, verbose, debug, and trace. The default setting is error.

Optionally include -p, --persist to save the log level so it will be used when the service starts. The log level is changed only until the authentication service (lsass) or the computer restarts. Syslog messages are logged through the daemon facility.

/opt/pbis/bin/lwsm set-log-level lsass - DEBUG

You cannot use --persist with the service lwsmd, that is, where the <service> value is a dash (-). To persist the settings for lwsmd, you must change the settings in the startup script. The script name and location depends on the platform and is either /etc/init.d/lwsmd or /etc/systemd/system/lwsmd.service.

./lwsm reset-log-defaults <service>

Clear any saved log level, type, and target default values. This does not affect the service's current log settings. You must restart the service to get the new default values.

/opt/pbis/bin/lwsm reset-log-default lsass

You cannot use reset-log-defaults with the service lwsmd, that is, where the <service> value is a dash (-).

./lwsm tap-log <service> <facility> <level>

Temporarily redirect logging for the given service and facility to stdout with the given log level.

/opt/pbis/bin/lwsm tap-log lsass - WARNING

./lwsm gdb <service>

Attach gdb to the specified running service.

/opt/pbis/bin/lwsm gdb lsass