
Ldap user list format and rules – 8e6 Technologies Enterprise Filter Authentication R3000 User Manual


Appendix E: User/Group File Format and Rules
File Format: Rules and Examples

8e6 Technologies, R3000 Internet Filter Authentication User Guide

LDAP User List Format and Rules

When setting up the “ldapuserprofile.conf” file, each entry
must consist of the Distinguished Name (DN), with each
part of the DN separated by commas (,). The DN should be
followed by a semicolon (;), and then a rule number or rule
criteria (port, category, and filter mode specifications). A
redirect URL can be included, if a specific URL should be
used in place of the standard block page. If a redirect URL is
not included, a blank space should be entered in its place in
the profile string. Each segment of the profile string
following the semicolon for the DN should be separated by
commas (,). “0x1” should be placed at the end of a profile
string without any filter options enabled. For example:

CN=Jane Doe, CN=Users, DC=qc, DC=local; R 21 A, J R KDPORN GPORN M PASSED I,1, , 0x1

CN=Public\, Joe Q., OU=Users, OU=Sales, DC=qc, DC=local; Rule0, , 0x1306

NOTE: The DN format must contain the username and user
group "CN" ("common name") attribute type, and the domain and
DNS suffix "DC" ("domain component") attribute type. The "OU"
("organizational unit") attribute type also can be included. Each
attribute type should be followed by an equals sign (=), and
separated by a comma (,).

When translated, these strings of code mean:

LDAP profile for a user with username “Jane Doe”, user
group “Users”, domain “qc”, DNS suffix “.local”: Block
port 21 and Filter all other ports, Block Child Pornography
and Pornography/Adult Content, Warn on Uncategorized URLs,
and Pass all other categories, use filter mode 1, use redirect
URL http://www.cnn.com in place of the standard block page,
no filter options enabled.
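
An added example (not from the 8e6 manual or product): a Python check that validates "ldapuserprofile.conf" entries against the rules above before the file is deployed, including the escaped comma inside a CN value. The segment counts (3 for a rule number, 5 for rule criteria), the hex form of the filter options, and the function names are assumptions drawn from the two sample entries.

```python
import re

# Constructed sample: the two example entries from this page, one entry per line.
SAMPLE = r"""CN=Jane Doe, CN=Users, DC=qc, DC=local; R 21 A, J R KDPORN GPORN M PASSED I,1, , 0x1
CN=Public\, Joe Q., OU=Users, OU=Sales, DC=qc, DC=local; Rule0, , 0x1306"""

UNESCAPED_COMMA = re.compile(r"(?<!\\),")  # a comma not preceded by a backslash


def parse_dn(dn):
    """Split a DN into (type, value) pairs, honouring '\\,' inside a value."""
    pairs = []
    for part in UNESCAPED_COMMA.split(dn):
        attr, sep, value = part.strip().partition("=")
        if not sep or not value:
            raise ValueError(f"DN part is not 'type=value': {part!r}")
        pairs.append((attr.strip().upper(), value.replace("\\,", ",")))
    # The NOTE requires CN and DC attribute types; OU is optional.
    if not {"CN", "DC"} <= {t for t, _ in pairs}:
        raise ValueError("DN must contain CN and DC attribute types")
    return pairs


def parse_entry(line):
    """Parse one profile string into a dict; raise ValueError if malformed."""
    dn, sep, profile = line.partition(";")
    if not sep:
        raise ValueError("missing ';' between DN and profile")
    seg = [s.strip() for s in profile.split(",")]
    if len(seg) == 3:      # assumed layout: rule number, redirect URL, options
        entry = {"rule": seg[0]}
    elif len(seg) == 5:    # assumed layout: port, category, mode, redirect, options
        entry = {"ports": seg[0], "categories": seg[1], "filter_mode": seg[2]}
    else:
        raise ValueError(f"expected 3 or 5 profile segments, got {len(seg)}")
    if not re.fullmatch(r"0x[0-9A-Fa-f]+", seg[-1]):
        raise ValueError(f"filter options are not a hex value: {seg[-1]!r}")
    # A blank redirect segment means the standard block page is used.
    entry.update(dn=parse_dn(dn), redirect=seg[-2] or None, options=int(seg[-1], 16))
    return entry


if __name__ == "__main__":
    for sample_line in SAMPLE.splitlines():
        print(parse_entry(sample_line))
```

A redirect URL that itself contains a comma would be split into extra segments and rejected by this check, since the page does not describe any escaping for that field.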