LDAP – How to Trace/Debug LDAP Connections Against Active Directory?


I am spoiled, and have been doing most of my LDAP work with eDirectory, which has a utility called DSTrace which is lovely, and for LDAP specifically, will show you all the bind attempts, the source IPs, the searches passed in, and a summary of the matched objects returned.

When debugging an LDAP application, like SAP GRC, I was trivially able to figure out what the application was doing wrong, just by watching what it did.

I know the Security Event log will have some of this information (bind attempts at least) but there has to be a better way? Is there any such functionality?

I see a question, "Debugging AD", that is close, but it only suggests login events. I need much more on a day-to-day basis to manage LDAP applications.

Best Answer

For real time monitoring of LDAP, you might try the Sysinternals ADInsight tool.
