APPENDIX A USER/GROUP FILE FORMAT AND RULES

LDAP User List Format and Rules

When setting up the “ldapuserprofile.conf” file, each entry must consist of the Distinguished Name (DN), with each part of the DN separated by commas (,). The DN should be followed by a semicolon (;), and then a rule number or rule criteria (port, category, and filter mode specifications). A redirect URL can be included, if a specific URL should be used in place of the standard block page. If a redirect URL is not included, a blank space should be entered in its place in the profile string. Each segment of the profile string following the semicolon for the DN should be separated by commas (,). A zero (0) should be placed at the end of a profile string without any filter options enabled. For example:

CN=Jane Doe, CN=Users, DC=qc, DC=local; R 21 A, J J FINAN Q, 1, http://www.cnn.com, 0x2

CN=Public\, Joe Q., OU=Users, OU=Sales, DC=qc, DC=local; Q, R AUTO GENTER I, 1, ,0x4

NOTE: The DN format must contain the username and user group "CN" ("common name") attribute type, and the domain and DNS suffix "DC" ("domain component") attribute type. The "OU" ("organizational unit") attribute type also can be included. Each attribute type should be followed by an equals sign (=), and separated by a comma (,).

When translated, these strings of code mean:

LDAP profile for a user with username “Jane Doe”, user group “Users”, domain “qc”, DNS suffix “.local”: Block port 21 and Filter all other ports, White List and Open Financial Category and Block all other categories, use filter mode 1, use redirect URL http://www.cnn.com in place of the standard block page, X Strikes Blocking filter option enabled.
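
The following validator is an added example, not code from the R3000 product or this guide. It checks entries of the rule-criteria form shown in the two examples above before the file is deployed, so that an escaped comma inside a DN or a missing blank redirect URL is caught instead of shifting every later field. It assumes the redirect URL contains no commas, and it does not cover the rule-number form, which is not shown on this page; all function and field names are hypothetical.

```python
import re

# Constructed sample input: the two example entries shown in this appendix.
SAMPLE = r"""
CN=Jane Doe, CN=Users, DC=qc, DC=local; R 21 A, J J FINAN Q, 1, http://www.cnn.com, 0x2
CN=Public\, Joe Q., OU=Users, OU=Sales, DC=qc, DC=local; Q, R AUTO GENTER I, 1, ,0x4
"""

# Hypothetical field names for the five segments that follow the DN.
FIELDS = ("ports", "categories", "filter_mode", "redirect_url", "filter_options")

def split_unescaped(text, sep, maxsplit=0):
    # Split on sep unless a backslash precedes it, as in "CN=Public\, Joe Q."
    pattern = r"(?<!\\)" + re.escape(sep)
    return [part.strip() for part in re.split(pattern, text, maxsplit=maxsplit)]

def parse_entry(line):
    """Parse one rule-criteria entry; raise ValueError if it is malformed."""
    parts = split_unescaped(line, ";", 1)
    if len(parts) != 2:
        raise ValueError("no semicolon after the DN")
    dn_text, profile = parts
    rdns = []
    for rdn in split_unescaped(dn_text, ","):
        attr, eq, value = rdn.partition("=")
        if not eq or not value.strip():
            raise ValueError(f"DN part without attribute=value: {rdn!r}")
        rdns.append((attr.strip().upper(), value.strip()))
    # The NOTE requires the CN and DC attribute types; OU is optional.
    if not {"CN", "DC"} <= {attr for attr, _ in rdns}:
        raise ValueError("DN must contain CN and DC attribute types")
    # Assumption: no commas inside the redirect URL, so a plain split is safe.
    segments = [s.strip() for s in profile.split(",")]
    if len(segments) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} profile segments, got {len(segments)}")
    entry = dict(zip(FIELDS, segments))
    entry["dn"] = rdns
    return entry

def parse_file(text):
    """Return (entries, errors); errors are (line_number, message) pairs."""
    entries, errors = [], []
    for n, line in enumerate(text.splitlines(), 1):
        try:
            if line.strip():
                entries.append(parse_entry(line))
        except ValueError as exc:
            errors.append((n, str(exc)))
    return entries, errors
```

An entry that omits the blank space for the redirect URL yields four segments and is reported with its line number rather than being read with the filter options in the URL position.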

8E6 TECHNOLOGIES, R3000 ENTERPRISE FILTER AUTHENTICATION USER GUIDE
