How can I verify that an LDAP Profile is Active?


This article applies to:

  • Web Filter (WF/WFR/R3000) 

Question:

  • How can I verify that an LDAP Profile is Active?

Procedure:

The Active Profile Lookup window is a useful tool for the global administrator to use to find out whether or not an LDAP profile is active.
1. In the System section of the user interface, select Diagnostics > Active Profile Lookup to display the Active Profile Lookup window
2. In the User IP/MAC Address field, enter the IP address or MAC address of the end user.
3. Click Lookup to verify whether or not an LDAP profile is active for that IP/MAC address.

If an LDAP filtering profile is active, a pop-up box opens containing the Result frame that displays profile settings applied to the profile:


The default Login Summary tab displays the following information:
• Domain name - LDAP domain name.
• Profile name - Distinguished Name for the LDAP profile.
• User login name - path of the LDAP profile on the domain. For a workstation profile, this path includes the workstation name.
• Rule name - if this profile uses a non-custom rule, the rule number displays.
• Profile Type - “Regular profiles” displays greyed-out.

A check mark inside a green circle displays in the Pass, Allow, Warn, Block column for the filter setting assigned to the category group/library category for the end user. These filter settings indicate the following:
• Pass - URLs in this category will pass to the end user.
• Allow - URLs in this category will be added to the end user’s white list.
• Warn - URLs in this category will warn the end user that the URL he/she requested can be accessed, but may be against the organization’s policies. The end user can view the URL after seeing a warning message and agreeing to its terms.
• Block - URLs in this category will be blocked.
• Quota - If a number displays in this column, the corresponding category group/library category was set up as passed but with a time limit, as defined by the number of minutes in that column. After spending 75 percent of the allotted time visiting URLs in that group/category, the user receives a quota warning message; after spending 100 percent of the allotted time visiting URLs in that group/category, he/she receives a quota block page.
At the bottom of the Rule Details frame, Uncategorized Sites are set to “Pass”, “Warn”, or “Block”, indicating that the selected setting applies to any non-classified URL. If the Overall Quota field is enabled, the user is restricted to the number of minutes shown here for visiting URLs in all groups/categories collectively in which a quota is specified.
• Blocked Ports (optional) - ports that have been set up to be blocked, if established.
• Redirect URL (optional) - the URL that will be used for redirecting the user away from a page that is blocked, if established.
• Filter Options (optional) - filter options to be used in the user’s profile: “X Strikes Blocking”, “Google/Bing/
Yahoo!/Youtube/Ask/AOL Safe Search Enforcement”, “Search Engine Keyword Filter Control”, and/or “URL Keyword Filter Control” with/without the “Extend URL Keyword Filter Control” option selected.
5. Click the “X” in the upper right corner of the pop-up box to close it.

 

Notes:

If the user is getting Global group (Deafult) profile, after click Lookup will display "No active profile".


Last Modified 1/6/2012.
https://support.trustwave.com/kb/KnowledgebaseArticle14430.aspx