Start-AIPScannerDiagnostics

Starts a series of health checks for a locally installed AIP scanner service.

Syntax

Start-AIPScannerDiagnostics
     [-OnBehalfOf <PSCredential>]
     [-ResetConfig]
     [<CommonParameters>]

Description

This cmdlet triggers a series of diagnostic checks to verify that the scanner deployment is healthy.

Diagnostic checks include whether:

  • The database is up-to-date and accessible
  • URLs are accessible
  • An authentication token is found and the policy can be acquired
  • The profile is set in the Azure portal
  • Offline/online configuration exists and can be acquired
  • Rules are valid

Examples

Starts the diagnostic tool for a locally installed AIP scanner

PS C:\> $scanner_account_creds= Get-Credential
PS C:\> Start-AIPScannerDiagnostics -onbehalf $scanner_account_creds

This example prompts you to enter credentials for a specific account, and then Provide the credentials of the service account used to run the AIP scanner service.

Parameters

-OnBehalfOf

Defines the scanner where you want to run the diagnostics, when you are running the command under a user that is not the scanner user.

The OnBehalfOf value defines the variable that holds a credentials object. The diagnostics checks are run on the AIP scanner for the account defined by that credentials object.

Use the Get-Credential cmdlet to get the variable that stores your credentials.

Note

If you are running the command under the scanner user, this parameter is not required.

Type:PSCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ResetConfig

Resets the policy cache. When used, the policy is refreshed even if the last refresh occurred less than four hours ago.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Outputs

System.Object

Notes

  • This cmdlet requires you to define a specific scanner account in the -OnBehalfOf parameter. The OnBehalfOf parameter requires you to run your PowerShell session as an Administrator.

  • Diagnostic checks do check for scanner deployment prerequisites. This cmdlet is supported only after you have the scanner deployed and your profile configured.

    For more information, see Deploying the Azure Information Protection scanner.