CLI Guide
• Veries the SSL certicate and if the certicate signing request (key) exists.
• Acquires LDAP and Global Catalog Service records from DNS.
• Acquires user privileges from the Active Directory server.
• Checks the time to acquire user privileges with the allotted time to login.
NOTE: In the event of an error, the command displays the test that failed, all the tests
performed earlier to the test that failed, and all the error messages.
Synopsis
testfeature -f ad -u <username> -p <password> [-d <diagnostic-message-
level>]
Example
• testfeature –f ad –u user@domain –p secret
SUCCESSFUL: User permissions are xxxxxppp.
The last three digits are the user's permissions.
• testfeature –f adkrb –u user_name@domain_name
SUCCESSFUL: User permissions are 80000fff.
• testfeature -f ldap -u harold -p barrel
SUCCESSFUL: User permissions are 0x00000fff.
Table 106. Details of testfeature -f adkrb
Description Tests the Active Directory conguration using the Kerberos authentication (single sign-on or Smart
Card login). Use the optional -d switch to obtain additional diagnostic information, as needed. This
subcommand, when run, performs the following:
• Checks command syntax.
• Veries if the required system resources are available.
• Validates Active Directory conguration.
• Veries if the SSL certicate and certicate signing request (key) exists.
• Acquires LDAP and Global Catalog Service records from DNS.
• Veries if the CMC can acquire CMC, LDAP and Global Catalog servers FQDN through reverse IP
lookups.
• Veries that the CMC principal name matches the principal name in the uploaded Keytab le.
• Veries that the CMC acquires a Kerberos TGT.
• Acquires user privileges from the Active Directory server.
• Checks the time to acquire user privileges with the allotted time to login.
NOTE: In the event of an error, the command outputs all tests performed up to and
including the test that failed, and all the error messages.
Synopsis
testfeature -f adkrb -u <username> [-d <diagnostic-message-level>]
Table 107. Details of testfeature -f ldap
Description Tests LDAP conguration and operation, and reports success as each stage of the authentication
process proceeds. After successful completion, this command prints the CMC privileges assumed by
the specied <username>.
If a failure occurs, the command stops with an error message that displays the required corrective
action. Use the optional -d switch to obtain additional diagnostic information, as needed.
Synopsis
testfeature -f ldap -u <username> -p <password> [-d <diagnostic-
message-level>]
RACADM Subcommand Details 91