There is an quick and easy way to see what policies applied in realtime using the command line
If you havn´t had time to check out the nsconmsg command, this post will help you master it.
The command can be used with the AGGE, rewrite and responder policies, and i find that it´s the fastest way to debug what is going on.
The first thing you need to know, is that you have to be in shell mode, for it to work, so after you SSHd into the Netscaler (I prefer to use Putty http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html on Windows and just use the buildin on my Mac)
After you got access to the shell, you can use nsconmsg, the parameters that i mostly use is the this:
nsconmsg -d current -g pol_hits
When an user logs on to the AGEE, it will display which authentication policies that was used and the session policies (if the login was successful of course) an output will look like this:
This picture shows what policies was hit in realtime.
There are a couple of other paramets that are helpful:
nsconmsg –d current | egrep –i rewrite/responder depending if you want check for rewrites or responder policies.
Hopefully this quick post will help Netscaler administrators to debug AGEE, rewrite and responder policies in realtime.
My next blog post will be about authentication troubleshooting in realtime also.