If Provision is not performing as expected, you might need to troubleshoot issues or change settings.
The information is saved as a ZIP file that you can download with your browser.
- From the Provision Overview page, click Help .
- Click Download Support Bundle.
A tanium-provision-support-<timestamp>.zip file downloads to the local download directory.
- Contact Tanium Support to determine the best option to send the ZIP file. For more information, see Contact Tanium Support.
Tanium Provision maintains logging information in the provision.log file in the \Program Files\Tanium\Tanium Module Server\services\provision-files\logs directory.
If you have issues during the endpoint provisioning process, you can review the following logs to troubleshoot possible causes.
You can also use Client Management to directly connect to an endpoint and collect the following logs. For more information, see Tanium Client Management User Guide: Collect troubleshooting information from endpoints.
Linux PXE and ODJ endpoints
macOS PXE and ODJ endpoints
Windows PXE and ODJ endpoints
<Tanium Client>\Logs\provision-linux.log - shows the various activities that happen when you boot the device into the Linux image, such as formatting, partitioning, downloading, and so on
<Tanium Client>\Logs\provision-systemd.log - shows messages from the browser and service that are used in the Linux image, in case something is not working as expected
<Tanium Client>\Logs\provision-os.log - shows all the activities while in the new Windows OS
<Tanium Client>\Logs\provision-pe.log - shows all the activities while in Windows PE, such as applying the Windows image, injecting drivers, and so on
<Tanium Client>\Logs\provision-refresh.log - shows the start of the OS refresh process, running in the current Windows OS
After successful OS imaging and installation of the Tanium Client, the logs are copied to <Tanium Client>\Logs and the C:\_t contents are deleted. If the Tanium Client did not successfully install, logs are copied to C:\Windows\temp\logs instead.
PXE Linux environment
- From the Main menu, go to Modules > Provision > Overview.
- Scroll to the Health dashboard to verify that the Provision service is running as expected on Provision endpoints.
- If the Health dashboard indicates that the Provision service is not running on Provision endpoints:
- Click Provision Endpoints to see details about the service status and versions for all Provision endpoints.
- To see additional details about a particular endpoint, click Additional Data beside that endpoint.
- To investigate deployment issues, see Monitor a deployment.
If you have an invalid or expired license, you can no longer access the Provision workbench or upgrade Provision. You might also encounter this error if any required dependencies are missing.
- Update your license to restore full functionality for Provision.
- Verify that all Required dependencies are installed.
If the endpoint stops responding during the Provision Linux boot image, you can use the following steps to perform some basic troubleshooting.
- Launch Terminal and use the Ctrl+Alt+F1 keyboard shortcut to switch from the graphical user environment to the text based console.
You can use the Ctrl+Alt+F2 keyboard shortcut to switch back to the graphical user environment.
- To sign in to the Linux Environment, enter root for the user name. No password is required.
- Enter the following commands to check IP address information:
- IP address: enter ip address
- Routing information: enter ip route
- DNS configuration: enter cat /etc/resolv.conf
- To review storage information, enter sudo fdisk -l.
- Collect logs for Tanium Support.
- To navigate to where the Provision logs are located, enter cd /tmp.
- To create an archive of the logs, enter tar czf /tmp/provision.tar.gz /tmp/*.
- To copy the archive to a remote SMB share, enter smbclient //myServer.myDomain.com/share - U myDomain/myUserName and then enter put provision.tar.gz at the SMB prompt.
When a provisioning endpoint is configured with Intel Rapid Restore Technology (RAID), booting to the USB media does not find the storage drive.
RAID is not supported. Switch the BIOS/firmware to AHCI mode.
When multiple PXE servers exist in the local network, the PXE boot request accepts the response from whichever PXE server responds first. If the PXE boot request does not boot to the Tanium PXE service, it is likely that a different PXE server responded before a Tanium PXE service did.
Check with your network team to determine if any PXE servers are configured in DHCP (scope options 66 and 67).
The provisioning process does not appear to be complete and Other User cannot sign in.
You must use non-OEM product keys, except on Enterprise editions and Windows Server operating systems.
The system is missing the storage drivers.
- Download the Dell Windows PE driver pack CAB file from Dell Technologies: WinPE 10 driver pack.
- Extract the contents of the file into a folder.
- Copy the contents of \winpe\x64\storage\HHN7T_A00-00\F6\NonVMD\f6flpy-x64 (Intel Rapid Storage Technology Driver) into the C:\Users\Administrator\Documents\utility\ADKPrep\amd64\drivers folder.
The HHN7T part of the folder name could change if the driver is updated.
- To create a new adk_amd64.zip file in the /Documents folder, run the ADKPrep.ps1 script in an elevated command prompt.
- From the Provision OS Bundles page, update any existing OS bundles to use the new adk_amd64.zip file.
Wait for the status of the OS bundles to change from Updating to Ready.
- When the Dell logo appears in the PXE endpoint, select the F12 key and then select ONBOARD NIC (IPV4).
If the computer account already exists for the specified computer name, the ODJ blob creation fails because the service does not specify to overwrite the existing computer object in AD.
Make sure that the computer account does not already exist.
This issue is less likely to occur because Provision appends a numeric suffix to the computer name if needed. For example, if you specify myComputer for the computer name, Provision tries myComputer first. If myComputer already exists, Provision tries myComputer-1, and continues to increase the suffix if that account already exists.
Bootable media created with the -Bundles option hangs with [ERR_INVALID_URL]: Invalid URL log message for isolated endpoints if any OS bundle includes an ODJService or AdminPassword setting.
Network connectivity to a Tanium PXE server is required by OS bundles that includes an ODJService or AdminPassword setting. To work around this issue:
- Specify OS bundles that do not include an ODJService or AdminPassword setting, or
- Establish network connectivity on the endpoint.
To contact Tanium Support for help, sign in to https://support.tanium.com.
Last updated: 9/19/2023 3:03 PM | Feedback