Question
How can I validate a case's integrity?
Answer
There are two different methods to validate a case
- DBConfig utility
- DBControl Command Line Option.
Note: Exterro reccomends that no processing, collections, or exports occur during the time the validation is running.
The time it takes for a validation to complete will depend on the number of cases you have, the size of those cases, the health of your envrionment, and how much is found that needs to be rectified by the validation tool. Could range anywhere from a few minutes to a day or more.
DBConfig
Note: Using DBConfig will validate all cases in the database. To validate a single case, DBControl should be used.
The DBConfig utility can be found at this location
[drive]:\Program Files\AccessData\Forensic Tools\<version>\bin
1. Find DBConfig.exe in the bin folder, Right Click and choose to "Run as Administrator". Note: You must be logged into windows with the service account, or an account that has admin rights to the SQL database.
2. Select the configuration so that it is highlighted in Blue, and click Validate.
- Click the box for "Check All Options" unless directed otherwise by the exterro support team.
- Choose the correct Authentication Mode for the Evidence Database. Note: for MSSQL users, this will be "Windows Authentication". For Postgres Users, it will be Database authentication and you will need to enter "postgres" as the System User and whatever password you set during install.
- Enter the appropriate Application Database information if required. If not required, this option will be grayed out. Applies to versions 7.5 and older.
- Optional to click "Show Warnings". Warnings are issues that the validation tool found and was able to recitfy.
- Click Validate. The utility will then proceed to validate all cases in the database. Note: If the "Validate" button is greyed out, you are using a Windows account that does not have admin rights to the SQL database, or you have entered incorrect credentials.
- When completed, a window will pop up saying "Validation Successful" or it will provide a list of failure messages that it was unable to rectify. Please copy these text from the failure window and send it to support@exterro.com
DBControl
Note: If you need to validate only one case, and do not wish to validate your entire database, you need to use this section of the guide. The DBConfig section of the guide can only be used to validate the entire database.
DBControl.exe is a Command Line Interface (CLI) tool and can be found in one of the following locations.
[drive]:\Program Files\AccessData\Forensic Tools\<version>\bin
Option 1:
- Open a Command Prompt window as an administrator. Note: You should be logged into windows with the service account or an account that has admin rights to the database. Alternatively, you can choose "Run as another user" and enter the credentials for an account that does have those rights.
- Type: cd C:\Program Files\AccessData\Forensic Tools\8.0\bin
- Press Enter
Option 2:
- Navigate to the version folder above.
- Hold the Shift Key and Right Click the "bin" folder
- Select Open Command Prompt Here
- Type one of the following Commands: Note: Validate will only check for warnings/failures. Validate Fix will attempt to fix any warning or failures that it finds. The Number at the end is the CaseID of the case you want to validate.
DBControl.exe dbtype=XXXXX host=XXXX -Validate 3
DBControl.exe dbtype=XXXXX host=XXXX -Validate Fix 3
Examples:
DBControl.exe dbtype=MSSQL Host=ABCSQLSERVER - Validate 4
DBControl.exe dbtype=postgres Host=localhost -Validate Fix 4
If necessary, the system will prompt for the database SA password. Type the password and then press Enter. If the system reports "validate successful" at the end, the validation completed successfully. If "validate successful" does not appear and there are other warning and/or errors, please report these to support@exterro.com for assistance.
Overview
Validating a case can be useful in different scenarios and may be requested by support as part of troubleshooting a specific issue. It is strongly encouraged that a case (or all cases) be validated before backing up and/or archiving. Backing up a corrupt case may result in a failure to restore the case. A successful validation is also required prior to any upgrade attempts.