Using SSSD Log Files

SSSD uses a number of log files to report information about its operation, located in the /var/log/sssd/ directory. SSSD produces a log file for each domain, as well as an sssd_pam.log and an sssd_nss.log file.

Additionally, the /var/log/secure file logs authentication failures and the reason for the failure.

Increasing the log level can provide more information about problems with SSSD. To change the log level, set the debug_level parameter for each section in the sssd.conf file for which to product extra logs. For example:

[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP
debug_level = 9