Detecting the authentication, privilege elevation, and audit and monitoring services installation status

If you’re encountering any issues with your authentication, privilege elevation, and audit and monitoring services installation, you can run the dacheck program on your UNIX computers. The dacheck command detects the following errors in your authentication, privilege elevation, and audit and monitoring services installation:

  • Auditing binaries linkage problems
  • Disk space
  • DNS, collector, dad, adclient health
  • Logging status
  • Auditing file permissions/ownership
  • Auditing installation configuration
  • If ActiveDirectory joined
  • Auditing database integrity
  • If root in user.ignore and other criteria that affect root login
  • var/centrifyda, /tmp write permission
  • nsswitch.conf (or method.cfg, user.cfg for AIX)
  • Selinux status
  • Nscd (pwgrd) status
  • User's cdax/real shell existence, permission, ownership.
  • DNS Reverse lookup for collector's hostname
  • Report Domain Controller

To check the status of the agent and the auditing infrastructure, run the following command as a user with root privileges:

  • dacheck

The dacheck command is available in the same location as the adcheck command: /usr/share/centrifydc/bin.