KB-1869: How to collect a network trace on Unix and Mac systems
Product: Authentication Service, Mac & PC Management Service
Published: 12 April,16 at 11:02 AM
First Published: 10/28/2013 12:47 PM
Last Modified: 10/23/2017 3:40 PM
Last Published: 4/12/2016 11:02 AM
Products: Authentication Service, Mac & PC Management Service
Operating Systems: All
Service: Centrify Infrastructure Services
Article Number: 000001869
Summary
How to collect a network trace on Unix and Mac systems
Question:
What are the steps needed to collect a raw network trace from a Centrify-joined system?
Answer:
For UNIX systems:
Perform the following steps as root or with sudo:
1. Edit /etc/centrifydc/centrifydc.conf and temporarily set the parameter below:
   adclient.ldap.packet.encrypt: Disabled
2. Restart adclient as follows:
   # /usr/share/centrifydc/bin/centrifydc restart
3. Start the network trace:
   For Linux machines:
   tcpdump -i <ETHERNET INTERFACE NAME> -s 0 -w <NAME FOR THE FILE>
   Example:
   tcpdump -i <ETHERNET INTERFACE NAME> -s 0 -w /tmp/login.pcap
   For Solaris machines:
   snoop -d <ETHERNET INTERFACE NAME> -s 0 -o <NAME FOR THE FILE>
   Example:
   snoop -d ge0 -s 0 -o /tmp/login.pcap
4. When the target traffic has been captured, press Control + C to stop the trace.
5. Zip the packet trace and send it to Support.
6. Restore "adclient.ldap.packet.encrypt" to "Enabled" and reload the configuration file.
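The UNIX procedure above changes adclient.ldap.packet.encrypt for the duration of the trace, so the restore step should not depend on memory. The shell functions below are an added example, not part of the original article or of Centrify's tooling: they save the pre-trace centrifydc.conf, set the parameter to Disabled, and put the saved file back afterwards. The function names and the ".pretrace" backup suffix are assumptions; restarting and reloading adclient are still done as the steps describe.

```shell
#!/bin/sh
# Added example, not Centrify tooling. Function names and the ".pretrace"
# suffix are hypothetical; the path, key and "Disabled" come from the article.
CONF_DEFAULT=/etc/centrifydc/centrifydc.conf
KEY='adclient.ldap.packet.encrypt'
KEY_RE='adclient\.ldap\.packet\.encrypt[[:space:]]*:'

# Print the value of every uncommented occurrence of the key, one per line.
ldap_encrypt_values() {
    sed -n "s/^[[:space:]]*${KEY_RE}[[:space:]]*\([^[:space:]]*\).*/\1/p" "${1:-$CONF_DEFAULT}"
}

# Exit 0 while any active line still sets the key to Disabled.
ldap_encrypt_is_disabled() {
    ldap_encrypt_values "$1" | grep -qx 'Disabled'
}

# Save the pre-trace file, then set the key to Disabled (appending it if absent).
disable_ldap_encrypt() {
    conf=${1:-$CONF_DEFAULT}
    if [ -e "$conf.pretrace" ]; then
        echo "backup $conf.pretrace exists; restore first" >&2
        return 1
    fi
    cp -p "$conf" "$conf.pretrace" || return 1
    tmp=$(mktemp) || return 1
    if grep -q "^[[:space:]]*${KEY_RE}" "$conf"; then
        sed "s/^\([[:space:]]*${KEY_RE}\).*/\1 Disabled/" "$conf" > "$tmp"
    else
        { cat "$conf"; printf '%s: Disabled\n' "$KEY"; } > "$tmp"
    fi
    cat "$tmp" > "$conf"   # overwrite in place so owner and mode are unchanged
    rm -f "$tmp"
}

# Put back exactly what was there before the trace, whatever value that was.
restore_ldap_encrypt() {
    conf=${1:-$CONF_DEFAULT}
    if [ ! -e "$conf.pretrace" ]; then
        echo "no backup at $conf.pretrace" >&2
        return 1
    fi
    cat "$conf.pretrace" > "$conf" && rm -f "$conf.pretrace"
}
```

Call disable_ldap_encrypt before restarting adclient for the trace and restore_ldap_encrypt once the capture is stopped. ldap_encrypt_is_disabled can be run afterwards as a check that the host was not left in the trace configuration.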
For Mac systems:
1. Check the following Apple KB to determine the correct interface to use:
   http://support.apple.com/kb/HT3994
2. Make sure SSH has been enabled on the Mac: System Preferences > Sharing > "Remote Login"
3. Log in to the Mac as Local Admin and open the Mac Diagnostic Tool:
   http://community.centrify.com/t5/The-Centrify-Apple-Guys/Introducing-the-New-Mac-Diagnostic-Tool/ba-p/11328
4. Make sure that the CentrifyDC mode on the first screen says: Connected.
5. Go to the Debug / Logs section and click, in order:
   [ Flush AD Cache ]
   [ 0. Clear Debug Log Files ]
   [ 1. Enable / Disable Debugger ]
   (The Debug Status will switch to: ON )
6. From another computer, connect to the Mac via SSH and log in with Local Admin credentials as well.
7. Start the network trace (run the tcpdump command from the Apple KB).
8. Log in as the affected AD account and reproduce the issue.
9. On the SSH connection, press Control + C to stop the trace.
10. On the Mac itself, log back in as Local Admin and go back to the Diagnostic Tool > Debug / Logs
   - (The pcap trace just captured will also be seen on the Desktop)
11. Enter the affected AD username in the box on the left and press:
   [ 1. Enable / Disable Debugger ]
   [ 2. Save Debug Log files to Desktop ]
   (The Debug Status will switch to: OFF )
12. Send the DumpFile01.pcap and Full_Log_Pack.zip files from the Desktop to Support.