Netdiag is a set of pre-defined commands that can be used from the console of the SMA (KACE Systems Management Appliance) that can be used by support and customers to help troubleshoot issues regarding the appliance. Most of the commands are also avaiable in the SDA (KACE Systems Deployment Appliance) and RSA (KACE Remote Site Appliance, the SDA slave appliance)
Login: netdiag
Password: netdiag
NOTE: Starting in version 12.0 of the KACE SMA, the password for the netdiag utility can be changed from default. For further details please see: How to change default configuration passwords
Commands
Manipulates the kernel's ARP cache in various ways. The primary options are clearing an address mapping entry and manually setting up one. For debugging purposes, the arp program also allows a complete dump of the ARP cache.
Most commonly used command is arp -a
A flexible tool for interrogating DNS name servers.
It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried.
Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output.
Example(s):
dig + trace example.com
For reverse lookup:
dig -x ip address +short or dig -x +short ipaddress
Disable Single-Sign-On for the KACE SMA. This command does not affect LDAP authentication configuration
Disable SAML authentication for selected organizations, as well as, systemui (starting in version 12.0 of the KACE SMA). After running this command SAML configuration should be adjusted as necessary in System or Admin UI settings.
A system administration utility in Unix like operating systems to configure, control, and query Tcp/IP network interfaces parameters from a command line interface (CLI) or in system configuration scripts.
Example(s):
KBOX# ifconfig -a
lo0: flags=8049 mtu 16384
options=3
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
gif0: flags=8010 mtu 1280
stf0: flags=0
en0: flags=8863 mtu 1500
ether b8:8d:12:0a:b1:dw
inet6 fe80::vcng:12ff:fe0a:b1fa%en0 prefixlen 64 scopeid 0x4
inet 10.0.1.10 netmask 0xffffff00 broadcast 10.0.1.255
media: autoselect
status: active
p2p0: flags=8843 mtu 2304
ether 0a:8d:35:a9:fa
media: autoselect
status: inactive
utun0: flags=8051 mtu 1380
inet6 fe80::c94b:ba34:ecqc:1b4f%utun0 prefixlen 64 scopeid 0x6
inet6 fd04:960:e41b:841c:c94b:be34:ecac:1b4f prefixlen 64
This utility displays kernel I/O statistics on terminal, device and CPU operations.
The first statistics that are printed are averaged over the system Uptime.
To get information about the current activity, a suitable wait time should be specified, so that the subsequent sets of printed statistics will be averaged over that time.
iostat -w 1 da0 da1 cd0
Display statistics for the first two Direct Access devices and the first CDROM device every second ad infinitum.
Example(s):
KBOX# iostat -w 1 da0 da1 cd0
tty da0 cpu
tin tout KB/t tps MB/s us ni sy in id
0 1 40.07 8 0.32 0 0 1 0 98
0 44 4.00 0 0.00 0 0 0 0 100
0 15 0.00 0 0.00 0 0 0 0 100
0 15 0.00 0 0.00 0 0 1 0 99
iostat -c 2
Display the statistics for the first four devices in the system twice, with a one second display interval.
Example(s):
KBOX# iostat -c 2
tty da0 pass0 cpu
tin tout KB/t tps MB/s KB/t tps MB/s us ni sy in id
0 1 40.07 8 0.32 0.00 0 0.00 0 0 1 0 98
0 62 12.53 59 0.72 0.00 0 0.00 0 0 2 0 98
iostat -t da -t cd -w 1
Display statistics for all CDROM and Direct Access devices every second ad infinitum.
Example(s):
KBOX# iostat -t da -t cd -w 1
tty da0 cpu
tin tout KB/t tps MB/s us ni sy in id
0 1 40.06 8 0.32 0 0 1 0 98
0 44 0.00 0 0.00 0 0 0 0 100
0 15 0.00 0 0.00 0 0 0 0 100
0 15 0.00 0 0.00 0 0 0 0 100
iostat -t da,scsi,pass -t cd,scsi,pass
Display statistics once for all SCSI passthrough devices that provide access to either Direct Access or CDROM devices.
Example(s):
KBOX# iostat -t da,scsi,pass -t cd,scsi,pass
tty pass0 cpu
tin tout KB/t tps MB/s us ni sy in id
0 1 0.00 0 0.00 0 0 1 0 98
iostat -h -n 8 -w 1
Display up to 8 devices with the most I/O every second ad infinitum.
Example(s):
KBOX# iostat -h -n 8 -w 1
tty da0 pass0 cpu
tin tout KB/t tps MB/s KB/t tps MB/s us ni sy in id
0 1 39.81 8 0.31 0.00 0 0.00 0 0 1 0 98
0 62 0.00 0 0.00 0.00 0 0.00 0 0 0 0 100
0 21 0.00 0 0.00 0.00 0 0.00 0 0 0 0 100
iostat -dh -t da -w 1
Omit the TTY and CPU displays, show devices in order of performance and show only Direct Access devices every second ad infinitum.
Example(s):
KBOX# iostat -dh -t da -w 1
da0
KB/t tps MB/s
39.81 8 0.31
0.00 0 0.00
0.00 0 0.00
iostat -Iw 3
Display total statistics every three seconds ad infinitum.
Example(s):
KBOX# iostat -Iw 3
tty da0 pass0 cpu
tin tout KB/t xfrs MB KB/t xfrs MB us ni sy in id
0 1 39.81 3308834 128632.41 0.00 0 0.00 0 0 1 0 98
iostat -odICTw 2 -c 9
Display total statistics using the old-style output format 9 times, with a two second interval between each measurement/display.
The -d flag generally disables the TTY and CPU displays, but since the -T and -C flags are given, the TTY and CPU displays will be displayed.
Example(s):
KBOX# iostat -odICTw 2 -c 9
tty da0 pass0 cpu
tin tout blk xfr msps blk xfr msps us ni sy in id
0 12634421733308931 2.0 0 0 0.0 0 0 1 0 98
Helps to restore to various good state including restore to factory and restore from backup on KBox disk.
krestore factory
To reset your KBox to factory defaults
krestore backup
To restore from current backup
krestore network
To try and update the OS network setting to match the DB.
krestore createbackup
Runs the nightly backup script overwriting the current backup
Resets the password for the local 'admin' username.
You must provide username/password from another user with an Admin role applied.
Example(s):
kbox# reset_admin_password
username:company_admin
password:*******
This script will now reset the admin password. Are you sure (Yes/No)? Yes
System's Admin password has been reset to 'admin'.
Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
Example(s):
To display the statistics for only the TCP or UDP protocols, type one of the following commands:
netstat -sp tcp
netstat -sp udp
Is a program to query Internet domain name servers.
Nslookup has two modes: interactive and non-interactive.
Example(s):
nslookup 10.0.1.4
nslookup google.com
Uses the ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway.
ECHO_REQUEST datagrams (``pings'') have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of "pad'' bytes used to fill out the packet.
Example(s):
ping 127.0.0.1
ping google.com
This utility deletes all patches from the K1000. It does not modify any information within the database; it simply deletes all patch payloads and signatures from the disk. If no changes are made to configuration, all patch payloads and signatures will be re-downloaded at the next scheduled patch feed synchronization.
Note: Please make sure this is a step you want to take. Purging patches will remove all patch payloads and signatures from your appliance. This means a fresh download will need to occur afterward, and depending upon the size of your environment and bandwidth available to you, this can take several minutes to several hours. It can also negatively affect synchronization to replication shares and failure to detect or deploy patches to endpoints. This utility very rarely resolves a patch download issue, and if there is any question about whether or not it may resolve a particular issue, please contact KACE Support.
Use Case #1: The disk has filled and is causing the K1000 to be unable to fully boot properly. Purgepatches can be used in this situation to reclaim enough disk space to allow for full system boot. However, if patch settings are not adjusted to accommodate for the lack of disk space, the issue will occur again after the next patch feed synchronization.
Press Y to confirm when running the command.
Example(s):
KBOX# purgepatches
Purge Patch Files? y|n [n]:
Soft way to reboot the server versus pressing power button.
When you run this command it does not prompt so use wisely.
Example(s):
KBOX# reboot
Manipulates the kernel's IP routing tables.
Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured with the ifconfig program.
When the add or del options are used, route modifies the routing tables.
Without these options, route displays the current contents of the routing tables.
Example(s):
route add -net 127.0.0.0
Adds the normal loopback entry, using netmask 255.0.0.0 (class A net, determined from the destination address) and associated with the lo device (assuming this device was previously set up correctly with ifconfig.
route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0
Adds a route to the network 192.56.76.x via eth0. The Class C netmask modifier is not really necessary here because 192.* is a Class C IP address. The word dev can be omitted here.
route add default gw mango-gw
Adds a default route (which will be used if no other route matches). All packets using this route will be gatewayed through mango-gw.
The device which will actually be used for that route depends on how we can reach mango-gw - the static route to mango-gw will have to be set up before.
route add ipx4 sl0
Adds the route to the ipx4 host via the SLIP interface (assuming that ipx4 is the SLIP host).
route add -net 192.57.66.0 netmask 255.255.255.0 gw ipx4
This command adds the net "192.57.66.x" to be gatewayed through the former route to the SLIP interface.
route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0
This is an obscure one documented so people know how to do it.
This sets all of the class D (multicast) IP routes to go via eth0
This is the correct normal configuration line with a multicasting kernel.
route add -net 10.0.0.0 netmask 255.0.0.0 reject
This installs a rejecting route for the private network 10.x.x.x.
This starts the ftp daemon
Example(s):
startftpd
This starts the SSH daemon
Example(s):
startsshd
Shows the system information.
Example(s):
KBOX# systeminfo
FreeBSD 7.0-Stable amd64
System Information
Manfacturer: Vmware, Inc.
Product Name: Vmware Virtual Platform
Version: none
Serial number: Vmware-56 34 34 34 34 34 34 34 34
UUID: 564DEDB2-AAAA-A343-A345-A34434355
Wake-up Type: Power Switch
SKU Number: Not specified
Family: Not specified
Provides an ongoing look at processor activity in real time.
It displays a listing of the most CPU-intensive tasks on the system, and can provide an interactive interface for manipulating processes.
It can sort the tasks by CPU usage, memory usage and runtime.
It can be better configured than the standard top from the procps suite.
Most features can either be selected by an interactive command or by specifying the feature in the personal or system-wide configuration file.
See below for more information.
Example(s):
KBOX# top
last pid: 81397; load averages: 0.00, 0.00, 0.00 up 5+00:44:00 17:32:44
158 processes: 1 running, 157 sleeping
CPU states: % user, % nice, % system, % interrupt, % idle
Mem: 217M Active, 43M Inact, 140M Wired, 7212K Cache, 60M Buf, 69M Free
Swap: 512M Total, 359M Used, 152M Free, 70% Inuse
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
1220 root 1 44 0 27352K 1260K select 0 1:22 0.00% vmtoolsd
1025 root 1 44 0 23420K 920K select 0 1:06 0.00% snmpd
1010 root 1 8 0 167M 4344K nanslp 0 0:29 0.00% php
926 root 1 8 0 147M 3452K nanslp 1 0:25 0.00% php
1017 root 1 8 0 138M 6164K nanslp 0 0:20 0.00% php
905 root 1 8 0 165M 6124K nanslp 1 0:14 0.00% php
969 root 1 8 0 151M 3392K nanslp 1 0:14 0.00% php
934 root 1 8 0 151M 3352K nanslp 0 0:10 0.00% php
639 root 1 44 0 8960K 1476K select 0 0:07 0.00% ntpd
1031 root 1 44 0 18088K 4376K select 0 0:05 0.00% perl
669 root 1 44 0 13852K 1120K select 0 0:04 0.00% nmbd
983 root 1 8 0 166M 2548K nanslp 1 0:02 0.00% php
910 root 1 4 0 4764K 812K kqread 0 0:02 0.00% kmsgr.7.0-am
1152 root 1 8 0 5736K 972K nanslp 1 0:01 0.00% cron
77324 root 1 44 0 250M 16504K select 0 0:01 0.00% httpd
541 root 1 44 0 4684K 892K select 0 0:00 0.00% syslogd
77433 www 1 4 0 253M 31468K accept 1 0:00 0.00% httpd
This will override the httpd settings and start httpd on port 80 only.
Example(s):
KBOX# httpd80
Then go to K1000 Security Settings to make repairs/adjustments to the SSL settings and save changes.
Are you sure you want to do this? y/n
This will show you what version of the OS the appliance is, along with if it is 64 or 32 bit, depending on what switches you use.
Example(s):
[netdiag@kbox.kace.com ~]$ uname -a
FreeBSD kbox.kace.com 7.0-STABLE FreeBSD 7.0-STABLE #0: Thu May 1 14:53:40 UTC 2008 tom@beavis.tomwhit.org:/usr/obj/usr/usr/src/sys/KBOX1200 amd64
FreeBSD kbox.kace.com 7.0-STABLE FreeBSD 7.0-STABLE #0: Thu May 1 14:53:40 UTC 2008 tom@beavis.tomwhit.org:/usr/obj/usr/usr/src/sys/KBOX1200 i386
[netdiag@kbox.kace.com ~]$ uname -i
KBOX1200
[netdiag@kbox.kace.com ~]$ uname -m
AMD64
amd64 = 64-bit appliance
i386 = 32-bit appliance
KBOX1200 - Model
shows the informations about the Two Factor Authentication keys which are needed to access the backend by KACE support
shows the last upgrade log. Can be used to decide what caused an upgrade failure
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center