
KB-4183: How to capture network trace on Windows

Centrify DirectControl Plugins

12 April,16 at 11:07 AM

Applies to:

All versions of Centrify DirectControl for Applications

Question:

How to capture network traffic from a Windows client machine accessing a Centrify server?

Answer:

Follow these steps on the Windows machine from which the application URL will be accessed.
 
1) Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, and software and communications protocol development.
 
Wireshark can be downloaded here.
 
http://www.wireshark.org/download.html
 
Installing and configuring Wireshark is beyond the scope of this article. There are plenty of resources on the Internet, such as this one, provided as a courtesy.
 
http://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/
 
2) First, the browser should be configured/trained for Kerberos/SSO. Please see KB-0565: Configuring silent authentication for Internet Explorer & Firefox browsers.
 
3) To get a new Kerberos ticket, the Windows client machine must be locked and then unlocked with AD credentials. Logging out and logging back in works too.
 
4) Start capturing the network traffic using Wireshark.
 
5) Clear the cache, open the browser, and attempt access with the FQDN. Let it fail. Note the name of the user in question.
 
6) Stop the capture using Wireshark.
 
7) Save the network capture in pcap format. Email it to support, or FTP it if it's too big.
 
8) Provide the source and destination IP addresses involved.
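
Before sending the file, it helps to confirm that it really is in pcap format (step 7) and to read off the addresses for step 8. The Python script below is an added example, not part of the original article or of any Centrify tooling: it lists the source and destination endpoints in a capture and shows which hosts received traffic on port 88 (Kerberos). The function names and the sample addresses are constructed for illustration, and it handles only classic pcap files with untagged Ethernet IPv4 frames.

```python
import socket
import struct
from collections import Counter

# Classic pcap magics (microsecond and nanosecond variants) -> byte order
PCAP_MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
              b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # Wireshark's default save format

def summarize_pcap(data):
    """Count IPv4 TCP/UDP frames per (src_ip, dst_ip, proto, dst_port)."""
    magic = data[:4]
    if magic == PCAPNG_MAGIC:
        raise ValueError("pcapng file: re-save in pcap format (step 7)")
    if magic not in PCAP_MAGIC or len(data) < 24:
        raise ValueError("not a pcap file")
    end = PCAP_MAGIC[magic]
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    flows, off = Counter(), 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not untagged IPv4
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if proto not in (6, 17) or frag_offset or len(frame) < 14 + ihl + 4:
            continue  # no transport header with ports in this frame
        dport = struct.unpack("!H", frame[16 + ihl:18 + ihl])[0]
        flows[(socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
               "tcp" if proto == 6 else "udp", dport)] += 1
    return flows

def kerberos_servers(flows):
    """Destination IPs that received traffic on port 88 (Kerberos)."""
    return {dst for (_, dst, _, dport) in flows if dport == 88}

def build_sample():
    """Constructed two-frame capture: 10.0.0.5 -> KDC :88 and web server :443."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for dst, dport in (("10.0.0.10", 88), ("10.0.0.20", 443)):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 6, 0,
                         socket.inet_aton("10.0.0.5"), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HHI", 50000, dport, 0)
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out
```

To check a real capture, pass the file contents to `summarize_pcap`, for example `summarize_pcap(open("capture.pcap", "rb").read())`, where `capture.pcap` is a placeholder file name.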
 
