setad(8)
152 SPARC Enterprise Mx000 Servers XSCF Reference Manual • Last Revised February 2010
logdetail Enable logging of Active Directory authentication and
authorization diagnostic messages at the specified detail
level. This log is for use in troubleshooting and is cleared
on SP reboot. Level can be one of the following:
none Do not log diagnostic messages. Use
this setting during normal system
operation
high Log only high-severity diagnostic
messages
medium Log only high-severity and medium-
severity diagnostic messages
low Log high-severity, medium-severity,
and informational diagnostic
messages
trace Log high-severity, medium-severity,
informational, and trace-level
diagnostic messages
log [options] clear Clear the log file of Active Directory authentication and
authorization diagnostic messages.
dnslocatormode Enable or disable DNS locator mode. This mode is
disabled by default. If enabled, XSCF queries a DNS
server to learn the Active Directory server to use for user
authentication.
expsearchmode Enable or disable expanded search mode. The default
Active Directory functionality is intentionally restrictive
to ensure proper security. Search criteria can be expanded
to accommodate specific customer environments. The
expanded search mode is disabled by default, which
means the UserPrincipalName (UPN) is expected to have
a fully qualified domain name suffix. When expanded
search mode is enabled, more searches are attempted if
the more specific UPN search does not immediately
succeed.