Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4183: How to capture network trace on Windows

12 April,16 at 11:07 AM

Applies to:

All versions of Centrify DirectControl for Applications

Question:

How to capture network traffic from a Windows client machine accessing a Centrify server?

Answer:

The following steps need to be followed on the Windows machine where application url will be accessed.
 
1) Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development.
 
Wireshark can be downloaded here.
 
http://www.wireshark.org/download.html
 
Installing wireshark and configuring is beyond the scope of this Article. There are plenty of resources on the Internet like this one provided as a courtesy.
 
http://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/
 
2) First the Browser should be configured/trained for Kerberos/SSO. Pl. see KB-0565: Configuring silent authentication for Internet Explorer & Firefox browsers
 
3) In order to get a new Kerberos ticket, the Windows client machine must be locked and unlocked with AD credentials.  Log out and login will work fine too.
 
4) Start capturing the network traffic using Wireshark.
 
5) Clear cache and open the browser and attempt access with FQDN. Let it fail. Note the name of the user in question.
 
6) Stop the capture using Wireshark
 
7) Save the network capture in pcap format. Email it to support or ftp the same if its too big.
 
8) Provide the source and destination IP addresses involved.
 

Related Articles

 articleKB-5275: How to capture network traffic from iOS devices using Fiddler articleKB-1869: How to collect a network trace on Unix and Mac systems articleKB-0446: How to Collect Debug Logs from a Samba Server articleKB-20210: Common Questions Regarding Centrify DirectControl and CoreOS articleKB-2140: Login failure for a user from cross Forest domain errors with KDC_ERR_POLICY (12) article[How To] Enable Symantec VIP MFA for Centrify Server Suite on Linux Part I articleKB-6041: How to show current license type in use by adclient article[How To] Enable Symantec VIP MFA for Centrify Server Suite on Linux Part II articleKB-6040: How to change the license type in use after adclient successful joined to the AD?