Troubleshoot Common Issues with BIUL

Application Logs

Application logs are available. The location differs based on the operating system:

  • For systemd machines, use systemd run journalctl -u pbsmc.
  • For SysV or Upstart machines, the log is located in /var/log/pbsmc.log.
  • For Windows machines, the log is located in ProgramFiles (x86)\PBSMC\pbsmc.log.

Common Error Messages

Hosts section displays credential error when selecting actions

If there are no credentials stored and an action is chosen requiring authentication, an error is displayed.

Oops, No Products Found displayed on Management page

BeyondInsight for Unix & Linux cannot locate either the Endpoint Privilege Management for Unix and Linux or BeyondInsight for Unix & Linux software to deploy.

For more information, please see Copy ISO Files to the Console Server at https://www.beyondtrust.com/docs/privilege-management/console/beyondinsight-unix-linux/install/install-windows.htm#copy-iso-files.

Unable to install EPM-UL, and AD Bridge

For more information, please see the Tasks page.

Discover does not locate a host

Verify the host is available, reachable from the network, and from an SSH-enabled port.

Unable to connect to EPM-UL using REST

For more information, please see the Tasks page. In most cases, the port is not available. Check the REST port on the Host Details page, and verify your firewall is accepting connections.

Troubleshoot Password Safe Issues

Certificates

Password Safe is installed with a self-signed certificate. If this is not changed to a trusted issuer, the certificate should be added to the BeyondInsight for Unix & Linux systems certificate store to be trusted. The following provides high-level steps on importing certificates.

  1. Copy the public certificate from the Password Safe server to the BeyondInsight for Unix & Linux server. This should be a .crt file.
  2. Install the .crt file to the system key store. The process is different depending on the operating system.

macOS

  1. Open Keychain Access, and drag the .crt file into the System node.
  2. Double-click to open and expand the Trust leaf.
  3. Select Always Trust.

Windows

  1. Click Start and type MMC.
  2. From the File menu, select Add/Remove Snap-In > Certificates > Add.
  3. Select Computer Account, and click Next.
  4. Select Local Computer.
  5. After the snap-in is added, expand Certificates and right-click Trusted Root Certification Authorities.
  6. Select All Tasks > Import and add the .crt file.

CentOS and Red Hat Linux

If not available, install ca-certificates
yum install ca-certificates 
Enable dynamic configuration
update-ca-trust force-enable
Copy the .crt
cp <cert.crt> /etc/pki/ca-trust/source/anchors/
Update the trusted list
update-ca-trust extract

Debian and Ubuntu

Copy the .crt file
cp <cert.crt> /usr/local/share/ca-certificates
Update the cert list
sudo update-ca-certificates
Refresh the cert list
sudo update-ca-certificates --fresh

For more in-depth system information, please see the appropriate operating system documentation.