Quick Reference Guide
• Verifies whether the required system resources are
available.
• Validates Active Directory configuration.
• Verifies the SSL certificate and if the certificate
signing request (key) exists.
• Acquires LDAP and Global Catalog Service records
from DNS.
• Acquires user privileges from the Active Directory
server.
• Checks the time to acquire user privileges with the
allotted time to login.
NOTE: In the event of an error, the command
displays the test that failed, all the tests performed
earlier to the test that failed, and all the error
messages.
Synopsis
testfeature -f ad -u <username> -p
<password>
[-d <diagnostic-message-level>]
Example
• testfeature –f ad –u user@domain –p
secret
SUCCESSFUL: User permissions are xxxxxppp.
The last three digits are the user's permissions.
• testfeature –f adkrb –u
user_name@domain_name
SUCCESSFUL: User permissions are
80000fff.
• testfeature -f ldap -u harold -p
barrel
SUCCESSFUL: User permissions are
0x00000fff.
testfeature -f adkrb
Description Tests the Active Directory configuration using the
Kerberos authentication (single sign-on or Smart Card
login). Use the optional -d switch to obtain additional
diagnostic information, as needed. This subcommand,
when run, performs the following:
• Checks command syntax.
• Verifies if the required system resources are available.
• Validates Active Directory configuration.
• Verifies if the SSL certificate and certificate signing
request (key) exists.
• Acquires LDAP and Global Catalog Service records
from DNS.
• Verifies if the CMC can acquire CMC, LDAP and Global
Catalog servers FQDN through reverse IP lookups.
• Verifies that the CMC principal name matches the
principal name in the uploaded Keytab file.
• Verifies that the CMC acquires a Kerberos TGT.
94