XYGATE User Authentication Reference Manual

XYGATE® User Authentication (XUA) 1.85 Reference Manual
Chapter 12. Configuring the LDAP Interface
XYPRO Technology Corporation 85 Proprietary and Confidential
12.11 Troubleshooting the XUA and LDAP Servers Communication
If XUA controls logons and the logon or test outcome produces unexpected results, you
can use the TESTLDAP script to test an LDAP server's availability outside of XUA.
The TESTLDAP program can be invoked from the Guardian space by running the
XUA_EXECUTE_LDAP_PROXY macro. The trace option produces trace data.
In the dialogs below, if more than one LDAP authentication group has been
configured, an additional prompt may appear asking you to select the LDAP group
name.
The TESTLDAP TRACE command turns on tracing.
The TESTLDAP HELP command displays usage of the command.
Example 1: How to invoke help for testldap
$SYSTEM XYGATEUA 39> testldap help
Usage: TESTLDAP [TRACE | HELP | LOOKUP ]
$SYSTEM XYGATEUA 40>
The TESTLDAP LOOKUP command invokes the lookup test features.
Example 2: How to test the lookup feature
$SYSTEM XYGATEUA 39> testldap lookup
Sel LDAP_GROUP LDAP_HOST
---- ----------------------------- -----------------------------
1) LD1 ldap1.example.com
2) LD2 ldap2.example.com
3) LD3 ldap3.example.com
4) LD4 ldap4.example.com
Selection?2
Users container :dc=xyz,dc=local
Lookup attribute :samaccountname
DN attribute :dn
Search user :xyz-ftp
Search Password :
Enter User :ldap-1
Password : BIND_BY_TYPE returns 0 Container=dc=xyz-23,dc=local Lookup attribute
samaccountname=xua-1 DN attribute=dn Search user=xyz-ftp Search pass=pass1
Returned DN: CN=xyz-ftp,CN=Users,DC=XYZ-23,DC=LOCAL
BIND_BY_TYPE returns 0
User Id: ldap-1
Access allowed: 0
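The lookup output in Example 2 prints the search account's password in clear text ("Search pass=pass1"), so a captured session should be sanitized before it is stored in a ticket or sent to support. The following is an added example, not XYPRO code: a Python sketch that masks that field and extracts the non-secret diagnostic values without interpreting them. The function names and the mask string are assumptions, and the sample is constructed from the Example 2 output.

```python
import re

# Constructed sample: the tail of the Example 2 lookup output as captured to a file.
SAMPLE = """\
Enter User :ldap-1
Password : BIND_BY_TYPE returns 0 Container=dc=xyz-23,dc=local Lookup attribute
samaccountname=xua-1 DN attribute=dn Search user=xyz-ftp Search pass=pass1
Returned DN: CN=xyz-ftp,CN=Users,DC=XYZ-23,DC=LOCAL
BIND_BY_TYPE returns 0
User Id: ldap-1
Access allowed: 0
"""

# "Search pass=" is the last field on its line in the sample, so mask to end of
# line; this also covers password values that contain spaces.
SECRET = re.compile(r"(Search pass=)[^\r\n]*")
MASK = "<redacted>"  # assumption: any fixed marker works


def redact(capture: str) -> tuple[str, int]:
    """Return (sanitized text, number of password values masked)."""
    return SECRET.subn(lambda m: m.group(1) + MASK, capture)


def leaks_secret(text: str) -> bool:
    """True if any 'Search pass=' field still carries an unmasked value."""
    return any(m.group(0) != "Search pass=" + MASK for m in SECRET.finditer(text))


def summarize(capture: str) -> dict:
    """Extract non-secret fields; codes are reported as-is, not interpreted."""
    clean, masked = redact(capture)
    dn = re.search(r"^Returned DN:\s*(.+)$", clean, re.M)
    allowed = re.search(r"^Access allowed:\s*(\S+)", clean, re.M)
    return {
        "bind_codes": re.findall(r"BIND_BY_TYPE returns (-?\d+)", clean),
        "returned_dn": dn.group(1).strip() if dn else None,
        "access_allowed": allowed.group(1) if allowed else None,
        "passwords_masked": masked,
    }


if __name__ == "__main__":
    sanitized, _ = redact(SAMPLE)
    print(sanitized)
    print(summarize(SAMPLE))
```

Run `leaks_secret` over any capture before it leaves the system; it returns True while an unmasked "Search pass=" value remains.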
Example 3: How to invoke the testldap program using the macro
$SYSTEM XYGATEUA 4> XUA_EXECUTE_LDAP_PROXY
Sel LDAP_GROUP LDAP_HOST
---- ----------------------------- -----------------------------
1) LD1 ldap1.example.com
2) LD2 ldap2.example.com