CiscoWorks Campus Manager User Tracking: Integrating UTLite with Microsoft Active Directory
Updated:May 16, 2008
PDF(239.1 KB) View with Adobe Reader on a variety of devices
UTLite is a utility that allows you to collect usernames from Active Directory, primary domain controllers, and Novell servers. UTLite sends traps to CiscoWorks Campus Manager whenever a user logs in or logs out. These usernames will show up in the user tracking reports of Campus Manager, along with other information of the end station such as the MAC address, hostname, IP address, and so on.
Figure 1 is a sample snapshot of the username on the user tracking report.
Figure 1. Snapshot of Username on a User Tracking Report
The UTLite script is supported on these platforms:
• Windows NT
• Windows 2000
• Windows XP
• Windows 2003
• Novell Directory Services (NDS)
The UTLite script is not supported on these UNIX hosts:
To make UTLite work, you need to install UTLite on the Windows 2003 Active Directory server, Windows 2000 primary domain controllers, or Novell servers.
Following is a detailed description of how to install the UTLite script on Active Directory.
Installing the UTLite Script on Active Directory
You must install the UTLite script on the Active Directory server and update the server's logon script to get user logon information from Active Directory hosts.
You must have Administrator privileges on the Active Directory server to install the UTLite logon script.
To install the script:
1. Copy the required files to the Active Directory server:
Log in to the Active Directory server as Administrator.
Obtain the UTLite files from the CiscoWorks server:
where NMSROOT is the directory in which you installed CiscoWorks.
Copy the UTLiteNT.bat and UTLite33.exe files into the NETLOGON folder on the Active Directory server.
NETLOGON is located at:
%SystemRoot%\sysvol\sysvol\domain DNS name\scripts
where %SystemRoot% is usually C:\windows and domain DNS name is the Domain Name System (DNS) name of the domain.
If port 16236 is already in use, enter a different number. This port number must match the number that you entered in the Use Port Number field in the User Tracking > Administration > Acquisition > Acquisition Settings page.
3. Edit the user profile on the Active Directory server to run the UTLiteNT.bat file when users log in to the network by editing the profile of the user (Figure 2).
Figure 2. Active Directory User Profile
Here, in the User profile section of the window, the Profile path is set to be:
The Logon script is set to be:
4. Update the domain controller's logon script for each Windows domain that you add.
The first time users log in to the network after you edit this script, UTLite33.exe is copied to the local WINDIR directory on their Windows client system.
Verify UTLite Functions
To verify that UTLite is working, just log in to Active Directory as the user configured with the logon profile. Then you can generate a quick user tracking report in Campus Manager and check out the username associated to the end station.
Note: The switch connected to the user's end station must be managed by Campus Manager.
Everything Else to Know
Increasing the Capacity of UTLite
UTLite traps are processed by Campus Manager at the rate of 150 traps per second, with a default buffer size of 76800.
If you need a higher trap processing rate, say 300 traps per second, increase the buffer size to 102400.
To increase the buffer size:
1. Enter pdterm UTLITE at the command line to stop the UTLite process.
2. Open utliteuhic.properties located at NMSROOT\campus\lib\classpath\com\cisco\nm\cm\ut\uhic\utlite\properties\.
3. Set Socket.portbuffersize=102400.
4. Enter pdexec UTLITE at the command line to start the UTLite process.
Note: Caution - Increasing the buffer size beyond 102400 results in performance degradation of UTLite.
Step 1. If usernames are not getting populated in UTLite, first make sure Campus Manager is configured to get names from Active Directory. Go to Campus Manager/User Tracking/administration; the Acquisition Settings should be as in Figure 3.
Figure 3. Acquisition Settings
Step 2. Turn on the debugging functions for UTLite (Figures 4 and 5).
Figure 4. Debugging Options
Figure 5. Adding and Removing Modules
The UTLite debugging messages can be found in the ani.log under NMSROOT\log.
Step 3. Manually run UTLite33 from the command line of one of the end hosts.