Detecting the authentication, privilege elevation, and audit and monitoring services installation status
If you’re encountering any issues with your authentication, privilege elevation, and audit and monitoring services installation, you can run the dacheck
program on your UNIX computers. The dacheck
command detects the following errors in your authentication, privilege elevation, and audit and monitoring services installation:
- Auditing binaries linkage problems
- Disk space
- DNS, collector, dad, adclient health
- Logging status
- Auditing file permissions/ownership
- Auditing installation configuration
- If ActiveDirectory joined
- Auditing database integrity
- If root in user.ignore and other criteria that affect root login
- var/centrifyda, /tmp write permission
- nsswitch.conf (or method.cfg, user.cfg for AIX)
- Selinux status
- Nscd (pwgrd) status
- User's cdax/real shell existence, permission, ownership.
- DNS Reverse lookup for collector's hostname
- Report Domain Controller
To check the status of the agent and the auditing infrastructure, run the following command as a user with root
privileges:
dacheck
The dacheck
command is available in the same location as the adcheck
command: /usr/share/centrifydc/bin
.