×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
TrueSight Middleware and Transaction Monitor 8.1 ... Administering Defining user access and security settings Configuring Active Directory security

Verifying Active Directory configuration with ADCheck

The ADCheck command validates the configuration of TrueSight Middleware and Transaction Monitor for Active Directory security. This single command runs several tests to ensure that your system is properly prepared.

Related topics

Configuring Active Directory security 

Obtaining and installing an Active Directory server private certificate on a client system

ADCheck command syntax 

ADCheck [-d][-w]

where:

  • -d enables verbose debugging mode. The default is non-verbose debugging.
  • -w writes new security certificate information to the keystore. The default is to not write security certificates into your keystore.

By specifying the -w option, the ADCheck command captures the SSL security certificates that were transmitted by the Active Directory servers. These certificates are then used when connecting to the Domain Controllers in the future.

Note

Using the transmitted security certificate might pose a security hazard to your system. If the certificate was transmitted by some system other than the real Active Directory servers, your system could be vulnerable to a man-in-in-middle attack. The secure alternative is to get copies of the Active Directory SSL security certificates or CA certificates from your network administrator.

If your network is configured with multiple Active Directory servers in a round-robin configuration, ADCheck verifies connections to all servers.

To run ADCheck

Go to the InstallDir, and enter the ADCheck command, and press Enter.

The program then executes several tests to verify the configuration.

If necessary, you can add the option -d, which increases the verbosity of the test results that are run. When all the tests have completed, the message "All tests have completed successfully" is displayed. Your system should be properly configured.

Sample output from a successful ADCheck test

(C) Copyright 1996-2017 BMC Software, Inc.
All Rights Reserved.
Version 8.1.00 (build 410)
Verifying services.cfg
Configuration is using AD for authentication, internal directory for authorization
ADS connection using SSL
Verifying keystore
Keystore appears correct
Verifying keystore
Keystore appears correct
Checking domain controllers
Verifying domain controllers Security Certificates
Server ad.sample.com/172.22.96.45 is reachable, average 297(ms)
Verifying SWS operations
Using Active Directory domain name = ad.sample.com
Verifying service user TopicService
Verifying service user HistoryService
Verifying service user EventService
Verifying service user ProactiveNetService
Verifying service user ReportService
Verifying service user ClientGatewayService
Verifying service user BrowserService
There are 8 Users in the namespace scope
There are 6 Groups in the namespace scope
Checking product functionality
System is keyed for BMC TrueSight Middleware and Transaction Monitor - Performance and Availability and Transaction Monitoring
BTM permissions are adequate
TSMA Security Settings not checked, not configuring ldap
All tests have completed with 0 errors, 0 warnings.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Ashley Pearson on Jun 06, 2017
administration active_directory verification access_control

Comments

Log in or register to comment.

Obtaining and installing an Active Directory server private certificate on a client system
Sample Active Directory configuration settings for Delegate mode
© Copyright 2015 BMC Software, Inc.
© Copyright 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.