Testing idenprotect Active Directory Agent

From iDENprotect Knowledge Base
Jump to: navigation, search

If you have not yet installed the idenprotect Core Platform, please see Start Here - idenprotect Core Platform

If you have not yet installed the idenprotect Active Directory Agent, please see Start Here - idenprotect Active Directory Agent


Introduction

Once the idenprotect Core Platform and idenprotect Active Directory Agent(s) have been installed and configured, you will want to test that both the WebSocket Server and WebSocket Client is active and connected. There are a few ways that this can be done.


Testing the connection

Testing the connection can most easily be done by checking that the idenprotect Core Platform shows that it has a valid LDAP connection. This test is performed as part of the idenprotect Core Platform Health Check Metrics and that page will show how to access the metrics and understand the response being given


Testing synchronization

Testing the synchronization can be done with either Standard or Administrative users. We recommend syncing Standard users for this test as it only requires connecting to a single group within Active Directory.

  1. Ensure that you have received a positive connection result (from Testing the connection above)
  2. Log in to the idenprotect Core Platform admin console and go to the Users tab
  3. Press the button called Sync
  4. You should see a popup during the synchronization process which will have numbers that will update (NOTE: If you have previously done a sync job with a normal connection and are used to seeing the number of users rise as Active Directory is read, this may initially look like nothing is happening. The idenprotect Active Directory Agent will deliver all users to the idenprotect Core Platform in a single batch after the users have been read so please give some time for this to happen - especially if a large group of users is being read, once the users are passed over, you should see the normal updates happening as idenprotect Core Platform creates/updates/deletes users as appropriate)
  5. At the end of the sync job, a message will show on the popup to say that the Sync Job is complete.


Troubleshooting

If you have any issues with the connection or sync job (for example, users not appearing after the Sync Job even though the idenprotect Core Platform has reported that the Sync Job has completed). Please check the logs for both the idenprotect Core Platform and idenprotect Active Directory Agent. These logs should give some insight into what is happening. Note that if you are not logging DEBUG logs, these may need to be switched on first, the applications restarted and then try the process again. DEBUG logs can give more detailed insight into what is happening if no errors are apparent.