OpenEdge authentication process debugging is helpful when trying to trace all the steps in building the Windows user-id and password or authentication and to see what the the Windows library returns.
There are three steps for three separate levels in the architecture:
- ABL client level debugging to trace the language's call into the DB authentication process:
-clientlog ./avm.log -logentrytypes DB.Connects:7,SEC.AUTH:7
- PAM library set before the ABL client runs to trace the authentication process:
set PSC_AUTH_DEBUG=D
- PAM plug-in level debug before the ABL client runs to trace building the Windows user-id and call into the system libraries:
Edit the PAM options in the database domain's record and add -debug -verbose (without quotes).
In addition to these steps, it is often useful to also obtain a dump of the domain and system security tables from the Data Admin tool.
- Data Admin
- Dump Data and Definitions
- Security Domains.
This will result in the following two files being dumped:
_sec-authentication-system.d
_sec-authentication-domain.d
