Use the netsh trace command to capture communication activities
between the user terminal and the NES server, while performing
the action that fails.
For example, to troubleshoot the issue where a user terminal cannot retrieve Nymi-enabled Application(NEA) certificates
from NES, perform the following steps:
-
On the NES server, open up a command prompt as
administrator, and then type netsh trace start capture=yes
tracefile=.\capture_server.etl scenario=internetserver
-
On the user terminal, open up a command prompt as administrator, and then type netsh trace start capture=yes tracefile=.\capture_client.etl scenario=internetclient
-
Delete all the files in the C:\Windows\System32\config\systemprofile\AppData\Roaming\Nymi\NSL\randomstring\ksp directory
-
Perform the action to trigger the certificate retrieval.
For example:
- If a user terminal the Evidian EAM Client software
cannot retrieve certificates, restart the Enterprise Access Management
Security Services service.
- If the enrollment terminal cannot retrieve the certificates, log into
the Nymi Band Application.
-
Wait about a minute and then from the command prompt on both the user terminal
and the NES server, type netsh trace
stop
The netsh command records the command line output
into the filename that you specified with the tracefile
option in the current directory.
-
Optional, to convert the output file to a text file, type the following command netsh trace convert input=filename.etl
The command creates a text file with the same name as the .etl file in the current directory.
-
For ease of analysis, retrieve .etl file from the machine and use the etl2pcapng tool to convert the file into to a
.pcapng file.
-
Use an application such as WireShark to analyze the output to determine the communication path between components.
Comments
0 commentsPlease sign in to leave a comment.