XYGATE User Authentication Reference Manual
XYPRO Technology Corporation 137 Proprietary and Confidential
Chapter 16. What-if Testing
The What-if mode can be used to test UAGroup rules before putting the rules into
production. The testing can be done based on any logon control configuration settings.
The What-if mode can also be used to test that userids and aliases are being correctly
mapped to the correct IDs in the LDAP, RSA or RADIUS databases.
And the What-if mode can also be used to research logon questions, such as why a
particular logon failed.
Syntax:
RUN $SYSTEM.XYGATEUA.XYGATEUA ACCESS [<UAACL filename> [<UACONF filename>]]
You can test against a non-production UAACL file, if you like, by entering the filename.
If no filenames are specified, XUA uses the UAACL and UACONF files present in its
subvolume.
Syntax For Access Check:
<operation> <To_ID> [{<password> | *} [<From_ID> [{<requestor> | *}
[{<ancestor> | *} [{<port> | *} [<predicted result> [<predicted UAGROUP>]]]]]]]
Where:
Operation LOGON/CHECK Permission
To_ID
Target ID (userid, user name, alias:"<alias>"). Cannot
be wildcarded.
password
The value to respond with for authentication.
The asterisk (
* ) indicates the password is not being supplied
yet. The program will prompt for the password.
Impersonation format:
<impers-chars><impers-user><impers-chars><password>
Example using <impers-chars> of // and user TEST.USER01:
//TEST.USER01//<password>
From_ID
The ID (userid, user name, alias:"<alias>") requesting
the logon. Defaults to current user if omitted or
*
is used.
requestor
The process making the requested operation; that is, a fully
qualified object file name, such as $SYSTEM.SYSnn.TACL or
$SYSTEMZTPIP.FTPSERV.
You can also append a process name as in the following
example: $SYSTEM.SYS02.TACL:$XYZ