cancel
Showing results for 
Search instead for 
Did you mean: 
navi147
Level 8

Block users who are not having any policy assigned.

Jump to solution

HI,

I am using Webgateway 7.2, need somehelp to fix a issue.

We have Configured LDAP authentication. I need to block user if he is not defined any rule (policy).

Thank you.

0 Kudos
1 Solution

Accepted Solutions
navi147
Level 8

Re: Block users who are not having any policy assigned.

Jump to solution

Yes, we have to write a ruleset Capture.PNGbelow ther user group rule set , but I dont have a Idea what rule to write and how its have to be.

0 Kudos
7 Replies
asabban
Level 17

Re: Block users who are not having any policy assigned.

Jump to solution

Hello,

I don´t understand what is the criteria to block a user. LDAP usually would give you a username and a list of groups as properties that you can use to configure your rules. You basically manually define which rules should be executed for what users or groups.

Probably you are looking for a way to block users based on their group membership? In this case you could look at the "Direct Proxy Auth" rule set that is in the product library, it shows how to perform authentication (which you already did) and then compares the groups against a list of allows groups. Everyone else will be blocked.

Best,

Andre

0 Kudos
navi147
Level 8

Re: Block users who are not having any policy assigned.

Jump to solution

Thanks Andre for reply.

I have a rule to Verify for Domain Authentication.  If it is true the rest of rules will be applied if authentication is flase the request will be blocked.

Next level

I have a Rule set based on IP , Rule set based on User and Rule set based on User group.

Now when a user is authenticated and if he is not mentioned in all ablove three rules ( means no rule is processed on his name or group)his request needs to be blocked.

1.PNG

0 Kudos
asabban
Level 17

Re: Block users who are not having any policy assigned.

Jump to solution

Okay. Can you add a screenshot of the "Policy" rule sets? I belive we simply need to put in another rule after all three policy mappings have been run through and add a block rule there.

Best,

Andre

0 Kudos
navi147
Level 8

Re: Block users who are not having any policy assigned.

Jump to solution

Yes, we have to write a ruleset Capture.PNGbelow ther user group rule set , but I dont have a Idea what rule to write and how its have to be.

0 Kudos
asabban
Level 17

Re: Block users who are not having any policy assigned.

Jump to solution

Hello,

I am sorry but I have to admit I can´t tell you how exactly the rule set needs to look like either, because I do not know the complete policy, the intentions behind this policy and what exactly you would like to block. The screenshot tells me that you allow all users through that do not have a specific username + category combination, but I still don´t unterstand who should be allowed and who should be blocked.

Did you create the policy on your own or was there another party involved in the process of developing the policy and setting up the MWG in the way it is now? If so it may make sense to talk to them about the requirement.

Best,

Andre

0 Kudos
navi147
Level 8

Re: Block users who are not having any policy assigned.

Jump to solution

The thing is I will allow some users or Groups to specific categories. The other users or groups who is not having any rules applied have to be blocked by default.

0 Kudos
McAfee Employee

Re: Block users who are not having any policy assigned.

Jump to solution

Perhaps that is what you are looking for?

https://community.mcafee.com/docs/DOC-3649

0 Kudos