Cisco Cisco Web Security Appliance S680 Guía De Instalación
1-16
Cisco Advanced Web Security Reporting 5.0 Installation, Setup, and User Guide
Chapter 1 Installation and Setup
Set Up Department Membership Query (Optional)
The membership script is set to run every day by default. The interval is set in seconds and can be
changed by navigating to Settings > Data > Data inputs > scripts and editing the interval in the
changed by navigating to Settings > Data > Data inputs > scripts and editing the interval in the
discovery
file.
You can verify that the script populated the file
departments.csv
with the user data by examining the
file
<install_home>/etc/apps/cisco_wsa_reporting/lookups/departments.csv
.
Note
On Windows, if the
departments.csv
file is not populated with data at this point, change
directory to
<install_home>\etc\apps\cisco_wsa_reporting\bin
, and run
cscript
discovery.vbs
, where
<install_home>
is
C:\Program Files\Cisco\CiscoWSAReporting
.
The membership script is set to run every day by default. The interval is set in seconds and can be
changed as per the deployment requirements.
changed as per the deployment requirements.
Restrict Access to Department Reports by Role
Before You Begin
•
Understand that if users are restricted to viewing data from specific departments or groups, Layer 4
Transport Monitor (L4TM) data will only be available to administrators because L4TM data is not
linked to a department or role.
Transport Monitor (L4TM) data will only be available to administrators because L4TM data is not
linked to a department or role.
•
Log into the Advanced Web Security Reporting application as
admin
.
Step 1
In the Advanced Web Security Reporting application,
•
Select Settings > Users and authentication > Access controls > Roles.
Step 2
Click New or edit an existing role.
Step 3
Define search restrictions for the role.
Example: To restrict a role to viewing data for the Sales Department, in the Restrict search terms field,
enter
enter
department=sales
.
Step 4
Click Save.
Troubleshooting Department Membership Reporting
Tip
•
Linux users: Verify that ldapsearch tool is in the Advanced Web Security Reporting user’s path.
•
Verify that the departments.csv file exists in the application’s lookup folder.
•
Windows users: Comment out
option explicit
to reveal more specific information the origin and
cause of an error.
•
Verify the LDAP paths are syntactically correct.
•
Verify the bind service account name is correct.
•
Verify the correct bind password is entered.
•
Test connection to the remote machine over port 389.
•
Verify the correct attribute was configured for the member name.