Management and Configuration Guide (Includes ACM xl) 2005-12

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

191

192

193

194

195

196

197

198

199

200

5-50 ProCurve Secure Access 700wl Series Management and Configuration Guide

Configuring Authentication

Note: The HTML Template fields are cleared after you update the template file. You can tell if

a template file is in use by the presence of the “Last Update at...” message, see Figure 5-30. If

the default web page is in use, no message appears.

» To clear a template file and return to the default (built-in) page, click Reset to Defaults.

The default page is restored and the “

Last Update at...” message is removed.

Note:

Clicking Reset to Defaults will not delete any graphics you have loaded.

Tools and Options

The Tools and Options tab provides several options that help you manage and troubleshoot your Rights

configuration. This area includes the following features:

• The User Rights Simulator — shows you the Connection Profile, Identity Profile, Access Policy, the

logon expiration, and a detailed list of rights in XML format for a user you specify at a location and

time you specify. You can use this to determine whether your Rights Assignment configuration is

working as you expect, or to determine what rights a particular user would have if they logged on

at a particular time through a particular Access Controller port.

• The Authentication Transaction Tracer — attempts to authenticate a user you specify using the

Authentication Service you specify, and displays the information sent to and received from the

service. You can use this to verify that an Authentication Service you have configured is working

correctly.

• Import/Export Rights — lets you export the rights configuration and save it on an external system,

or import a saved rights configuration from an external file. You can use this to copy a rights

configuration from one Access Control Server to another. You can also use this as a method for

modifying a rights configuration offline, by editing the saved configuration file.

Simulating User Rights

You can use the User Rights Simulator to view the rights that a particular user would receive if they

were logged on at a specific time and location. The 700wl Series system matches the user to an Identity

Profile based on authentication via the Authentication Service you specify, and matches the user to a

Connection Profile based on the Access Controller port, VLAN ID and connection time you specify. It

then uses the Identity Profile and Connection Profile to determine the Access Policy appropriate for this

user from the Rights Assignment table.

Note:

The User Rights Simulator does NOT show you the actual rights of a user who is currently logged

on, but shows you the rights a user would have as if they were logged on at a particular time and location.

To view the current rights for a logged-on user, see “Viewing Client Status” on page 3-6.

» To use the User Rights Simulator, click the Tools and Options tab visible at the top of any Rights module

page. This displays the Simulate User Rights page, as shown in Figure 5-31.

You can also access the User Rights Simulator from the Trace Transaction or Import/Export Rights

pages by clicking the

Simulate User Rights link in the left-hand column.