Troubleshooting Directory Query

If Directory Query is not performing as expected, you might need to troubleshoot issues or change settings.

Collect logs

The information is saved as a ZIP file that you can download with your browser.

  1. From the Main menu, go to Administration > Shared Services > Directory Query and then click Help .
  2. From the Troubleshooting tab, select the solutions for which to gather troubleshooting packages and then click Create Packages.
    By default, all solutions are selected.
  3. When the packages are ready, click Download Packages.
    ZIP files of all the selected packages download to the local download directory.

    Some browsers might block multiple downloads by default. Make sure to configure your browser to permit multiple downloads from the Tanium Console.

  4. Contact Tanium Support to determine the best option to send the ZIP file. For more information, see Contact Tanium Support.

Tanium Directory Query maintains logging information in the Directory Query.log file in the \Program Files\Tanium\Tanium Module Server\services\Directory Query directory.

Perform monthly maintenance

  1. From the Main menu, go to Administration > Shared Services > Directory Query.
  2. Review the Domains grid for errors. Hover over an Error icon Error to display a popup with the error message.
  3. To troubleshoot errors, see Troubleshooting satellite configuration.

Unable to connect to the domain: 204 No Content

Issue

Newly created domains show a pending status with a 204 No Content message when you hover over the status. This missing status does not indicate a failure.

Solution

Run a Criticality sync or restart the Directory Query service.

Troubleshooting satellite configuration

If satellite synchronization is not working as expected, check for error messages in Directory Query. The following table lists contributing factors into satellite synchronization issues and corrective actions you can make.

Contributing factor or error message Corrective action
A domain does not use TLS. Update the domain connection to use TLS. Edit the domain connection to use TLS. See Add a domain.

One of the following error messages:

  • Failed to connect to Direct Connect. Test the Direct Connect connection to the endpoints, then try again.
  • Failed to authenticate a satellite. Test the Direct Connect connection to the endpoints, then try again.
  • Failed to establish a connection to a satellite. Test the Direct Connect connection to the endpoints, then try again.
  • Satellite not found. Test the Direct Connect connection to the endpoints, then try again.
 Confirm that Direct Connect can connect to the satellite. See Tanium Direct Connect User Guide: Troubleshoot endpoint connection issues.
A satellite does not have the latest version of Direct Connect. Deploy the latest version of Direct Connect to the satellites.
  1. Verify that all endpoints have the latest version of Direct Connect installed using the following sensor: Get Computer Name and Endpoint Configuration - Tools Status matches Direct Connect\|.* from all machines with Endpoint Configuration - Tools Status matches Direct Connect\|.*
  2. Deploy the Endpoint Configuration- Reinstall Tools [Windows] package to any endpoints with older Direct Connect versions. See Tanium Endpoint Configuration User Guide: Reinstall one or more tools installed by Endpoint Configuration.
An error occurred saving sync settings. Try again. Try again. If that does not work, Contact Tanium Support.
Connection issues between the satellite and the Active Directory server.

See the following Microsoft Documentation articles:

Uninstall Directory Query

If you need to uninstall Directory Query, perform the following steps.

  1. Sign in to the Tanium Console as a user with the Administrator role.
  2. From the Main menu, go to Administration > Configuration > Solutions.
  3. In the Content section, select the Directory Query row and click Uninstall.
  4. Review the summary and click Yes to proceed with the uninstallation.
  5. When prompted to confirm, enter your password.

Contact Tanium Support

To contact Tanium Support for help, sign in to https://support.tanium.com.