Quick Reference Guide
The last three digits are the user's permissions.
• testfeature –f adkrb –u
user_name@domain_name
SUCCESSFUL: User permissions are 80000fff
• testfeature -f ldap -u harold -p barrel
SUCCESSFUL: User permissions are 0x00000fff
testfeature -f adkrb
Description Tests the Active Directory configuration using Kerberos
authentication (single sign-on or Smart Card login). Use
the optional -d switch to obtain additional diagnostic
information, as needed. This subcommand when executed
performs the following:
• Checks command syntax.
• Verifies if the required system resources are
available.
• Validates Active Directory configuration.
• Verifies if the SSL certificate and certificate
signing request (key) exists.
• Acquires LDAP and Global Catalog Service
records from DNS.
• Verifies if the CMC can acquire CMC, LDAP and
Global Catalog servers FQDN through reverse IP
lookups.
• Verifies that the CMC principal name matches the
principal name in the uploaded Keytab file.
• Verifies that the CMC acquires a Kerberos TGT.
• Acquires user privileges from the Active Directory
server.
• Checks the time to acquire user privileges with
the allotted time to login.
NOTE: In the event of an error, the command outputs
all tests performed up to and including the test that
failed, as well as all error messages.
Synopsis
testfeature -f adkrb -u <username> [-d
<diagnostic-message-level>]
testfeature -f ldap
101