Cisco Cisco Web Security Appliance S160 Guía Del Usuario
20-21
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 20 Authentication
Testing Authentication Settings
Testing Process
When you test authentication settings, the Web Security appliance first verifies
that the settings you entered for the realm are in valid formats. For example, if a
field requires a string and it currently contains a numeric value, the appliance
informs you of that error.
that the settings you entered for the realm are in valid formats. For example, if a
field requires a string and it currently contains a numeric value, the appliance
informs you of that error.
If all fields contain valid values, the appliance performs different steps, depending
on the authentication protocol. If the realm contains multiple authentication
servers, the appliance goes through the testing process for each server in turn.
on the authentication protocol. If the realm contains multiple authentication
servers, the appliance goes through the testing process for each server in turn.
The appliance continues testing all servers in the realm and determines as many
failures as possible for each server. It reports the testing outcome of each server
in the realm.
failures as possible for each server. It reports the testing outcome of each server
in the realm.
LDAP Testing
The appliance performs the following steps when you test LDAP authentication
settings:
settings:
Step 1
It ensures that the LDAP server is listening on the specified LDAP port.
Step 2
If Secure LDAP is selected, the appliance ensures the LDAP server supports
secure LDAP.
secure LDAP.
Step 3
It performs an LDAP query using the supplied Base DN, User Name Attribute,
and User Filter Query.
and User Filter Query.
Step 4
If the realm includes Bind Parameters, the appliance validates them by forming an
LDAP query with the Bind Parameters.
LDAP query with the Bind Parameters.
Step 5
If Group Authorization is provided, the appliance ensures that the specified group
attributes are valid by fetching the groups from the server.
attributes are valid by fetching the groups from the server.
NTLM Testing
The appliance performs the following steps when you test NTLM authentication
settings:
settings:
Step 1
It ensures that the specified Active Directory server is reachable and responds to
queries.
queries.