Manualshelf

User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerconnect W-ClearPass Hardware Appliances
471472473474475476477478479480
For example, to permit non-administrator users to access the system only between the hours of 8:00 am and
6:00 pm, you could define the following LDAP translation rule:
The Custom rule is:
{strip}
{if stripos($user.memberof, "CN=Administrators")!==false}
1
{elseif date('H') >= 8 && date('H') < 18}
1
{else}
0
{/if}
{/strip}
Explanation: The rule will always match on the memberof” attribute that contains the user’s list of groups. The
operator field “enabled” will determine if the user is permitted to log in or not. The custom template uses the
{strip} block function to remove any whitespace, which makes the contents of the template easier to
understand. The {if} statement first checks for membership of the Administrators group using the PHP stripos
() function for case-insensitive substring matching; if matched, the operator will be enabled. Otherwise, the
server’s current time is checked to see if it is after 8am and before 6pm; if so, the operator will be enabled. If
neither condition has matched, the enabled” field will be set to 0 and login will not be permitted.
Dell Networking W-ClearPass Guest 6.4 | User Guide Operator Logins | 475