Articles‎ > ‎

Troubleshooting with dirt

posted Dec 19, 2008, 3:54 PM by Philip Rinehart   [ updated Dec 19, 2008, 3:55 PM by Greg Neagle ]
Written by Philip Rinehart   
Thursday, 29 March 2007


Never heard of this handly little command line utility?  From the manual page description:

The dirt tool is a command line utility for testing Directory Services.  Common usages are to do simple authentication tests on various nodes (including search node) as well as repetitive stress testing 

Using the dirt tool, you can test whether authentication is working correctly against Active Directory.   Upon success the Active Directory username and Active Directory password, with a Success message are echoed back to the command line.  If it fails, a Directory Services error message will be returned.  Note that the Active Directory username and password are both returned in clear text.

An example:

 dirt -m "/Active Directory/All Domains" -u activedirectoryusername -p activedirectorypassword

A couple of notes:

  • The -u flag uses the username from the node you are testing against, in the above example it is the Active Directory username
  • The -p flag uses the password from the username that is being tested.  In the above example, it is the Active Directory account password
  • The node is the Search node as referenced in Directory Access.  In the above example, all Active Directory domains are searched.
  • Local administrative privileges are not required to use this tool. 

It can also be used to test whether a given user account exists in any node.

dirt -u username -n

After this search, any node that the user is located in will be returned.  Only nodes are returned when the command is used this way.  As an example, if the previous command was issued, the following information is echoed back on the command line.

User username was found in:
/Active Directory/domainname