Enable debug logging for Netlogon service
The Netlogon service is one of the key LSA (Local Security Authority) processes that run on every Domain Controller. Netlogon log files are useful when you troubleshoot authentication problems, client account logons, lockouts, etc. Netlogon logging is not enabled by default. There are two ways to enable it.
1. nltest /dbflag:0x2080ffff
- Restart netlogon service
- Logging will happen at %windir%\debug\netlogon
Note: Nltest is part of Win 2008 and is also included in the support tools for Win 2003, 2000 and XP
Note: Run nltest /dbflag:0x0 to disable logging
OR
2. Start Regedt32
- Go to HKLM\system\Currentcontrolset\Services\Netlogon\Parameters
- Create a new REG_DWORD called DBFlag and add 2080ffff hexadecimal value
- Restart netlogon service
Note: To disable it, change the value to 0x0
One issue with the netlogon.log file is that it grows quickly. By default the maximum log file size is 20MB. You can change this by editing the registry.
HKLM\System\Currentcontrolset\Services\Netlogon\Parameters
Value Name: MaximumLogFileSize
Value Data: <Max log file size in Bytes>
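The registry method and the log size setting above can be combined into one script. This is an added example, not part of the original post; the function name Set-NetlogonDebugLogging and its parameters are hypothetical, and it assumes an elevated PowerShell session on the machine being configured.

```powershell
#Requires -RunAsAdministrator
# Added example: function and parameter names are hypothetical.

function Set-NetlogonDebugLogging {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # $true enables debug logging, $false disables it
        [Parameter(Mandatory)][bool]$Enabled,

        # Maximum netlogon.log size in bytes (the post gives 20MB as the default)
        [ValidateRange(1, [int]::MaxValue)]
        [int]$MaxLogBytes = 20MB
    )

    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
    # Values from the post: 0x2080ffff turns logging on, 0x0 turns it off
    $flag = if ($Enabled) { 0x2080ffff } else { 0x0 }

    if ($PSCmdlet.ShouldProcess($key, ('Set DBFlag to 0x{0:x}' -f $flag))) {
        # -Force creates the value if it is missing and overwrites it otherwise
        New-ItemProperty -Path $key -Name DBFlag -PropertyType DWord `
            -Value $flag -Force | Out-Null

        if ($Enabled) {
            # Cap the log size so the file cannot grow without bound
            New-ItemProperty -Path $key -Name MaximumLogFileSize -PropertyType DWord `
                -Value $MaxLogBytes -Force | Out-Null
        }

        # The post restarts the service after changing the value
        Restart-Service -Name Netlogon -Force
    }

    # Return the resulting settings so the change can be checked or recorded
    Get-ItemProperty -Path $key |
        Select-Object DBFlag, MaximumLogFileSize
}

# Enable logging with a 50MB cap, then turn it off again after troubleshooting
Set-NetlogonDebugLogging -Enabled $true -MaxLogBytes 50MB
Set-NetlogonDebugLogging -Enabled $false
```

Running it with -WhatIf shows the intended change without writing to the registry or restarting the service.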
The utility used to query the Netlogon log file is nlparse.exe. It is a GUI tool that comes with the ALTools.exe file at
http://www.microsoft.com/downloads/details.aspx?FamilyID=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en
nlparse contains the most common Netlogon error codes and stores its output in two files in the %windir%\debug\netlogon folder: netlogon.log-out.csv and netlogon.log-summaryout.txt
Good tip mate, wish to see more.