Administration Guide > Pluggable Authentication Modules > What Happens at Deployment and Run Time > Verifying that the PAM Deployed
 
Verifying that the PAM Deployed
The first level of verification is to make sure that TDV has recognized the package that you deployed. Optionally, you can use the TDV-supplied checksum function to verify the deployment of PAM packages supplied by third parties.
To verify that TDV recognized the PAM module
1. Open Studio.
2. Expand <localhost>/Packages in the Studio resource tree.
3. Verify that the name of your package is displayed under the <hostname>/packages/<package_name> folder.
This is the value you specified in cisext-name in the manifest.mf file, plus the .jar suffix. The cisext-version value is used to identify the instance. The cisext-annotation is also visible in Studio.
4. If the PAM fails to deploy properly or does not work, try the techniques listed in Troubleshooting PAM Deployment.
To use the checksum function
1. Open a command prompt window.
2. Navigate to <TDV_install_dir>/bin.
3. Run the checksum validation against the PAM security project bundle using the following server_util syntax:
server_util -server <hostname> [ -port <port> ] [ -encrypt ]
-user <username> -password <password> [ -domain <domain> ]
-checksum <algorithm/hex-bytes> [ -verbose ]
 
For details about using server_util, see The TDV Server Utility Program.
4. If the PAM fails to deploy properly or does not work, try the techniques listed in Troubleshooting PAM Deployment.
Troubleshooting PAM Deployment
Although the deployment script may indicate success, there are several conditions under which the PAM may fail to deploy properly or simply not work:
The PAM hierarchy of objects is incomplete in Studio (e.g. 4 objects are expected but only the first two objects appear for a PAM). This was observed to occur when the MANIFEST.MF properties were not properly set. Review the minimal set of PAM manifest entries as documented.
The PAM may not execute as expected when a user logs in. The PAM code may not be correct. It is important to test the PAM for the range of valid use cases. You might also run sanity checks immediately after you add and activate the PAM. You can manage any enabled PAM module from the Security tab Login Modules page of the TDV Web Manager for the target TDV instance.
You can run a tail command on cs_server.log to observe what happens when you log in to TDV as a non-admin user.
Note: TDV admin user logon bypasses PAM handling.