App Control: How To Collect Logs for Active Directory Integration Troubleshooting

Environment

  • App Control Server: All Supported Versions
  • Microsoft Windows Server: All Supported Versions

Objective

To collect logs for troubleshooting Active Directory (AD) integration.

Resolution

  1. Log in to the App Control Server as the service account.
  2. Confirm that the service account running the CB Protection Server/Reporter services is a domain account.
  3. Confirm that the service account has correct LDAP permission:
  4. Open an admin CMD prompt
  5. Run commands:
    cscript /U /nologo "C:\Program Files (x86)\Bit9\Parity Server\scripts\TestAD.vbs" /r EnterServerFQDNHere /v -debug 6 > C:\temp\testAD-v.txt
    
    cscript /U /nologo "C:\Program Files (x86)\Bit9\Parity Server\scripts\QueryAD.vbs" -base "toplevel" -list EnterServerFQDNHere -access EnterDomainNameHere /v -debug 6 > C:\temp\QueryAD-v.txt
  6. Log in to the App Control Console.
  7. Navigate to System Configuration (Gear Icon) > General Tab
  8. Under section "Active Directory / LDAP integration" click "Test"
  9. Once test is complete, click on the word "Success" or "Failure". Screenshot the Active Directory Information page that displays.
  10. Browse to https://CbServerNameHere/support.php.
  11. Under "Diagnostics tab - Server Logging" Set the Logging Duration to 30 minutes.
  12. Leave all other settings set to Minimum (Default).
  13. Click Start Logging.
  14. Browse to https://YourCbServerName/testlogin.php.
  15. Enter a test Active Directory account and their password.
  16. Click Test Login.
  17. Take a screenshot of the result.
  18. Browse to https://YourCbServerName/support.php
  19. Click Stop Logging
  20. Click on "Available Log Files" (right hand pane)
  21. Click "Download File" for ServerLog.bt9
  22. Take a screenshot of:
    • https://YourCbServerName/support.php > Advanced Configuration tab
    • Gear Icon > System Configuration > General Tab
  23. Files to send to Carbon Black:
    • testAD-v.txt (created in step 5)
    • QueryAD-v.txt (created in step 5)
    • ServerLog{datetime}.bt9 (step 21)
    • Screenshots (steps 9 and 22)
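
The two commands from step 5 can also be run from an elevated PowerShell session with a few checks around them. This is an added example, not part of the original article or vendor code; the parameter names and the Invoke-AdScript helper are assumptions of this sketch. It validates the server and domain values, creates the output folder if it is missing, and prints the size and SHA-256 hash of each file so the copies sent in step 23 can be verified.

```powershell
# Added example, not vendor code. Run from an elevated PowerShell session.
param(
    [Parameter(Mandatory)][ValidatePattern('^[A-Za-z0-9._-]+$')][string]$ServerFqdn,
    [Parameter(Mandatory)][ValidatePattern('^[A-Za-z0-9._-]+$')][string]$DomainName,
    [string]$OutDir = 'C:\temp',
    [string]$ScriptDir = 'C:\Program Files (x86)\Bit9\Parity Server\scripts'
)
$ErrorActionPreference = 'Stop'

# Step 4: require elevation. Steps 1-2: show the account so it can be checked.
$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$admin = [Security.Principal.WindowsBuiltInRole]::Administrator
if (-not ([Security.Principal.WindowsPrincipal]$id).IsInRole($admin)) {
    throw 'Start this from an elevated prompt.'
}
Write-Host "Running as $($id.Name)"

# The '>' redirect in step 5 fails when the output folder is missing.
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

# Hypothetical helper: runs one of the .vbs scripts and captures its output.
function Invoke-AdScript([string]$Script, [string[]]$ScriptArgs, [string]$OutFile) {
    $path = Join-Path $ScriptDir $Script
    if (-not (Test-Path -LiteralPath $path)) { throw "Not found: $path" }
    # Start-Process does not quote arguments, so the script path is quoted here.
    $argList = @('/U', '/nologo', "`"$path`"") + $ScriptArgs
    Start-Process -FilePath 'cscript.exe' -ArgumentList $argList `
        -NoNewWindow -Wait -RedirectStandardOutput $OutFile
    if ((Get-Item -LiteralPath $OutFile).Length -eq 0) {
        Write-Warning "$OutFile is empty"
    }
    $OutFile
}

# Same switches as the two commands in step 5.
$files = @(
    Invoke-AdScript 'TestAD.vbs' @('/r', $ServerFqdn, '/v', '-debug', '6') `
        (Join-Path $OutDir 'testAD-v.txt')
    Invoke-AdScript 'QueryAD.vbs' @('-base', 'toplevel', '-list', $ServerFqdn,
        '-access', $DomainName, '/v', '-debug', '6') `
        (Join-Path $OutDir 'QueryAD-v.txt')
)

# Size and hash of each file that goes to support in step 23.
Get-Item -LiteralPath $files | Format-Table Name, Length -AutoSize
Get-FileHash -LiteralPath $files -Algorithm SHA256 | Format-List Path, Hash
```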

Creation Date: 05-28-2015