The DeliverPoint product download also contains a tool called DPChecker. In this blog post we are going to look at what DeliverPoint Checker is, and how to use it.
To give a full view of your users and permissions across SharePoint – DeliverPoint must integrate with both SharePoint and Active Directory and crawl both sources. If you are running on a test setup – your servers may not be as well spec’d as your production environment and this crawl may take some time. What you do not want to happen is for the crawl to take a long time – and at the end you discover that things have not been configured correctly! This is where the DPChecker tool comes in handy – as it is designed to do pre-installation checks and test that DeliverPoint will work in the environment you are using it as you expect. With DPChecker you can test Active Directory (Domain, Forest) connections and interrogation, SharePoint connections and FormsBasedAuthentication supported store interrogation for SharePoint.
DPChecker is a stand-alone desktop application tool and works for all versions of SharePoint (2007, 2010, 2013). It requires at least .Net framework 3.5 installed to run. If you want to test the FBA Interrogation you must run DPChecker on a server that has SharePoint installed.
Here is the main view of DPChecker after launching it:
In the latest version (1.5) 3 main features are supported:
- Test Active Directory Interrogation
- Test Forms Based Authentication Stores Interrogation
- Try Domain Connections
Test Active Directory Interrogation:
This feature allows you to test whether Active Directory users/groups can be crawled.
Here are the steps how to configure and test AD interrogation:
1. Registering forests using “Forests” section
2. Click “Add” – it will create a new entry with an empty configuration
3. Enter the forest name – You must enter the DNS name of the forest.
4. Enter the username and password of the user who will be used to perform specified forest (all it subdomains) users/groups enumeration. You can check “Use current logon credentials” to use current logged in user for selected forest crawl.
5. Click on “Update” button to apply new configuration.
6. If you need to delete an existing forest registration, use “Delete” button. You cannot delete the current forest.
7. Anytime you need to change existing forests registration settings, you must select the forest name from the list, edit its settings (credentials, name) and press “Update”.
8. If you need to exclude some domains from interrogation, you have to use the “Excluded Domains” section. Add DNS or NetBIOS names of domains you want to exclude and be sure that “Enable domains exclusion” check box is checked.
9. Use “AD Crawl Settings” section to put limits on the crawl. Interrogation will stop after reaching the specified count for each operation (0 indicates to no limit).
10. If you want to have the result in a log file you can specify this before the crawl process using the “Log” section (Browse, then Save).
Click on “Test AD interrogation” button. A special view will be opened and you will see crawling progress there. If you try to close this window during the crawl process, you will be informed about stopping the current crawl. Here is an example result:
Test Forms Based Authentication Stores Interrogation:
It is also possible to test current registered FBA stores for SharePoint web applications.
This feature has no any special configuration. Your only choice is whether to log the results and then click on the “Test FBA interrogation” button.
Sample results are shown below:
Try Domain Connections:
DPChecker has the ability to test a simple connection to a specified domain. You will see an error message if the connection fails:
After testing with DPChecker and being confident the domain account has the necessary permissions to crawl the parts of AD you are interested in, be sure to configure DeliverPoint Forest settings using the same settings you used in DPChecker. It will help ensure that when DeliverPoint tries to crawl your authentication store it will be successful.