XYGATE User Authentication Reference Manual
XYGATE
®
User Authentication
™
(XUA) 1.85 Reference Manual
Chapter 12. Configuring the LDAP Interface
XYPRO Technology Corporation 82 Proprietary and Confidential
MAP re:"^control-" delete
MAP re:"^*.$" APPEND "@MYCOMPANY.LOCAL"
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER $TECH-IDS $APPL-IDS $QA-IDS
UAGROUP EVERYONE-ELSE
LDAP_AUTHENTICATE OFF
!Selection Criteria:
FROM_USER $EVERYONE
TO_USER $EVERYONE
Users not included in the TO_USER line of the UAGROUP LDAP-AUTHENTICATE,
will be evaluated based on the following UAGROUP EVERYONE-ELSE, and
authenticated via Safeguard.
12.9 Testing the LDAP Interface and User Mapping
Before you run XUA, you should test your configurations.
Important! XUA does not run in warning mode. The initial configuration must be
tested before the software is enabled as the authentication SEEP in Safeguard.
Once configuration is done, you may run XYGATEUA in ACCESS, EXPLAIN, or
SERVER modes. Refer to Chapter 16, “What-if Testing” starting on page 137 for
instructions on how to test XUA in those modes.
Note: Only EXPLAIN mode shows the ID mapping (see example below).
Example: Sample EXPLAIN mode test
1> RUN XYGATEUA EXPLAIN
Access check:logon "qa-LDAP8jxj" * 0,0
Alias : qa-LDAP8jxj
User : QA.NEXT8JXJ (222,212) on 2007-01-16 10:48:13.801319
User Expires : * None *
Password Expires : * None *
Password May Change : * None *
Password Must Change : Every 90 days
Password Expiry Grace : 21 days
Last Logon : 2006-09-13 13:42:13.162144
Last Unsuccessful Lgn : 2007-01-16 10:46:22.574923
Fail count : 13
Static fail count : 121
Frozen/Thawed : Thawed
Last Modification Time: 2007-01-16 10:46:22.574923
From User : 000,000 NULL.NULL
Requestor : $NONE $NONE.NONE.NONE
Ancestor : $NONE $NONE.NONE.NONE
To User : 222,212 qa-LDAP8jxj (alias)
Port : $NONE $NONE.NONE.NONE
Dialog ID : 001 Tag=0 Dialog=On
State : 01 Initial
Options : 0000000000000001
Option 15: Logon