8e6 Technologies Enterprise Filter Authentication R3000 User Manual

Size:
6.79 Mb
Download

CHAPTER3: NT AUTHENTICATIONSETUPCREATE AND MAINTAIN NT PROFILES

This window is used for viewing profile information about a group, and for adding members to a group.

In the Group Details frame, the following details display:

Group name, Domainname, and Domain Type. Members that belong to the group display in the Members list box in the Add Member to Profile frame.

To add a member to the tree list so that a profile can be created for that member:

1.Select the entity from the Members list box.

2.Click Add.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

119

CHAPTER3: NT AUTHENTICATIONSETUPCREATE AND MAINTAIN NT PROFILES

Add or maintain an entity’s profile

Select the NT domain, and choose Profile from the pop-upmenu to display the default Category tab of the Profile window:

Fig. 3-12Group Profile window, Category tab

The Profile window is used for viewing/creating the filtering profile of the defined entity (group or member). Entries made in the Category, Redirect URL, and Filter Options tabs comprise the profile string for the entity.

120

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER3: NT AUTHENTICATIONSETUPCREATE AND MAINTAIN NT PROFILES

Category Profile

Category Profile is used for creating the categories portion of the filtering profile for the entity.

NOTE: In order to use this tab, filtering rules should already have been set up via the Rules window, accessible from the Global Group options, and the minimum filtering level should already be established. The minimum filtering level is set up in the Minimum Filtering Level window, accessible from the Global Group options. See the R3000 User Guide for more information about these windows.

By default, “Rule0 Minimum Filtering Level” displays in the Available Filter Levels pull-down menu, and the Minimum Filtering Level box displays “Child Pornography” and Pornography/Adult Content”. By default, Uncategorized Sites are allowed to Pass.

NOTE: By default, theAvailable Filter Levels pull-downmenu also includes these three rule choices: Rule1 BYPASS”, “Rule2 BLOCK Porn”, “Rule3 Block IM and Porn”, and “Rule4 8e6 CIPA Compliance”.

To create the category portion of the entity’s filtering profile:

1.Select a filtering rule from the available choices:

If you select a filtering rule from the Available Filter Levels pull-downmenu, this action automatically populates the Blocked Categories, Pass Categories, and/or Always Allowed list box(es) in the Rule Details frame with library categories set up as blocked, passed, or included in the white list for that rule.

If you select a library category from the Blocked Categories, Pass Categories, or Always Allowed list box, and use the right arrow (>) or left arrow (<) to move that category to another list box, the Available Filter Levels pull-downmenu changes to “Custom Profile”.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

121

CHAPTER3: NT AUTHENTICATIONSETUPCREATE AND MAINTAIN NT PROFILES

TIP: Multiple categories can be selected by clicking eachcategory while pressing the Ctrl key on your keyboard. Blocks of categories can be selected by clicking the first category, and then pressing the Shift key on your keyboard while clicking the last category.

2.Click the “Pass” or “Block” radio button to specify whether all Uncategorized Sites should pass or be blocked.

3.Click Apply to apply your settings at the entity’s filteringlevel.

Redirect URL

Click the Redirect URL tab to display the Redirect URL page of the Profile window:

Fig. 3-13Group Profile window, Redirect URL tab

122

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER3: NT AUTHENTICATIONSETUPCREATE AND MAINTAIN NT PROFILES

Redirect URL is used for specifying the URL to be used for redirecting users who attempt to access a site or service set up to be blocked.

1.Specify the type of redirect URL to be used: “Default Block Page”, or “Custom URL”.

If “Custom URL” is selected, enter the redirect URL in the corresponding text box. Users will be redirected to the designated page at this URL instead of the block page.

2.Click Apply to apply your settings.

Filter Options

Click the Filter Options tab to display the Filter Options page of the Profile window:

Fig. 3-14Group Profile window, Filter Options tab

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

123

CHAPTER3: NT AUTHENTICATIONSETUPCREATE AND MAINTAIN NT PROFILES

Filter Options is used for specifying which filter option(s) will be applied to the entity’s filtering profile.

1.Click the checkbox(es) corresponding to the option(s) to be applied to the filtering profile: “X Strikes Blocking”, “Google/Yahoo! Safe Search Enforcement”, “Search Engine Keyword Filter Control”, “URL Keyword Filter Control”. If URL Keyword Filter Control is selected, the “Extend URL Keyword Filter Control” option can be selected.

NOTE: See the R3000 User Guide for information about Filter Options.

2. Click Apply to apply your settings.

Remove an entity’s profile from the tree

To remove a group or member’s profile from the tree, select the profile in order to open the pop-upmenu, and choose Remove.

124

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER4: LDAP AUTHENTICATIONSETUPCREATE AN LDAP DOMAIN

CHAPTER4: LDAP AUTHENTICATION

SETUP

Create an LDAP Domain

In the Group section of the console, add an LDAP domain that contains entities to be authenticated.

Add the LDAP domain

1.Click LDAP in the control panel to open the pop-upmenu, and select Add Domain to open the Create LDAP Domain dialog box:

Fig. 4-1Create LDAP Domain box

2.In the LDAP Server IP field, enter the IP address of the authentication server.

3.In the LDAP Server Port field, enter the LDAP server port number. By default, enter389.

4.In the LDAP Domain Label field, enter the name of the LDAP domain. This entry does not need to match the NetBIOS name.

5.Click Apply to add the domain to the tree. This action takes you directly to the LDAP domain window (see View, modify, enter LDAP domain details).

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

125

CHAPTER4: LDAP AUTHENTICATIONSETUPCREATE AN LDAP DOMAIN

Refresh the LDAP branch

Click LDAP in the control panel to open the pop-upmenu, and selectRefresh whenever changes have been made in this branch of the tree.

View, modify, enter LDAP domain details

Double-clickLDAP in the control panel to open the LDAPbranch of the Group tree. Select the LDAP domain you added, and choose Domain Details from thepop-upmenu to display the default Type tab of the LDAP Domain Details window:

Fig. 4-2Domain Details window, Type tab

126

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER4: LDAP AUTHENTICATIONSETUPCREATE AN LDAP DOMAIN

The LDAP domain window is comprised of the following wizard tabs: Type, Group, User, Address, Account, SSL, Alias List, and Default Rule. By going through the entire wizard, domain details are established for the LDAP domain, preparing the LDAP domain for group and user filtering profile setup. After all entries are made on the wizard tabs, the domain can be activated.

WARNING: The instructions in this user guide have been documented based on standard default settings in LDAP for Microsoft Active Directory Services. The suggested entries and examples may not be applicable to all other server types, or if any changes have made to default settings on the LDAP Active Directory server.

LDAP Server Type

Based on the entries made when creating the LDAP domain, the R3000 will attempt to auto-detectthe type of server being used, and if successfully detected, the appropriate LDAP Server Type radio button will be selected on the Type tab.

The following options are available: “Microsoft Active Directory Mixed Mode”, “Microsoft Active Directory Native Mode”, “Sun One, Sun IPlanet or Netscape Directory Server”, “Novell eDirectory”, and “Other”. If the server type is not detected, “Other” will be selected.

The server type setting on this tab defines the content that displays on all other tabs of the wizard.

NOTES: If the server type is changed on this tab, object type settings will be overwritten with the new object type settings. Usersettings will not be modified.

If “Novell eDirectory” is selected, and the Novell eDirectory Agent option is enabled in the Enable/Disable Authentication window, the Default Rule tab lets you configure a backup server. See Default Rule for Novell eDirectory.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

127

CHAPTER4: LDAP AUTHENTICATIONSETUPCREATE AN LDAP DOMAIN

• Click Next to go to the Group tab.

WARNING: The contents of the tabs for User and Group do not normally need to be changed. The settings on these tabs are made automatically when you select the server type at the beginning of the setup process. Unless youhave made changes to the Schema of your LDAP server and are sure of the consequences of altering these settings, do not alter anything in these tabs. The only action you need to execute on these tabs is to confirm the settings by clicking the Next button at the bottom of the window, until you reach the Address tab.

Group Objects

The Group tab is used for including or excluding group objects in the LDAP domain.

Fig. 4-3Domain Details window, Group tab

128

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE