Product Documentation

authentication Policy

Sep 12, 2016

The following operations can be performed on "authentication Policy":

add | rm | set | unset | show | rename | stat

add authentication Policy

Adds an advanced authentication policy. The policy defines the criteria under which the NetScaler appliance attempts to authenticate the user.

Synopsys

add authentication Policy <name> -rule <expression> -action <string> [-undefAction <string>] [-comment <string>] [-logAction <string>]

Arguments

name

Name for the advance AUTHENTICATION policy.

Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after AUTHENTICATION policy is created.

The following requirement applies only to the NetScaler CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my authentication policy" or 'my authentication policy').

rule

Name of the NetScaler named rule, or a default syntax expression, that the policy uses to determine whether to attempt to authenticate the user with the AUTHENTICATION server.

action

Name of the authentication action to be performed if the policy matches.

undefAction

Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.

comment

Any comments to preserve information about this policy.

logAction

Name of messagelog action to use when a request matches this policy.

rm authentication Policy

Removes the advance authentication policy.

Synopsys

rm authentication Policy <name>

Arguments

name

Name of the advance authentication policy to remove.

set authentication Policy

Modifies the specified parameters of a authentication policy.

Synopsys

set authentication Policy <name> [-rule <expression>] [-action <string>] [-undefAction <string>] [-comment <string>] [-logAction <string>]

Arguments

name

Name of the advance authentication policy to modify.

rule

Name of the NetScaler named rule, or a default syntax expression, that the policy uses to determine whether to attempt to authenticate the user with the AUTHENTICATION server.

action

Name of the authentication action to be performed if the policy matches.

undefAction

Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.

comment

Any comments to preserve information about this policy.

logAction

Name of messagelog action to use when a request matches this policy.

unset authentication Policy

Use this command to remove authentication Policy settings.Refer to the set authentication Policy command for meanings of the arguments.

Synopsys

unset authentication Policy <name> [-undefAction] [-comment] [-logAction]

show authentication Policy

Displays the current settings for the specified advance authentication policy. If no policy name is provided, displays a list of all advance authentication policies currently configured on the NetScaler appliance.

Synopsys

show authentication Policy [<name>]

Arguments

name

Name of the advance authentication policy.

Outputs

rule

The name of the new rule associated with the policy.

action

The name of the authentication action associated with the policy.

stateflag

undefAction

Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.

comment

Any comments to preserve information about this policy.

logAction

Name of messagelog action to use when a request matches this policy.

hits

Number of hits.

boundTo

The entity name to which policy is bound

activePolicy

priority

bindPolicyType

policyType

nextFactor

On success invoke label.

gotoPriorityExpression

Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.

description

Description of the policy

vserverType

policySubType

devno

count

rename authentication Policy

Renames the specified authentication policy.

Synopsys

rename authentication Policy <name>@ <newName>@

Arguments

name

Existing name of the authentication policy.

newName

New name for the authentication policy. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) hash (#), space ( ), at (@), equals (=), colon (:), and underscore characters.

The following requirement applies only to the NetScaler CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my authentication policy" or 'my authentication policy').

Example

rename authentication policy oldname newname

stat authentication Policy

Displays authentication statistics for all advanced authentication policies, or for only the specified policy.

Synopsys

stat authentication Policy [<name>] [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]

Arguments

name

Name of the advanced authentication policy for which to display statistics. If no name is specified, statistics for all advanced authentication polices are shown.

detail

Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues

Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes

The number of times, in intervals of seven seconds, the statistics should be displayed.

Default value: 1

Minimum value: 0

logFile

The name of the log file to be used as input.

clearstats

Clear the statsistics / counters

Possible values: basic, full

Outputs

count

devno

stateflag

Outputs

Policy hits (Hits)

Number of hits on the policy

Policy undef hits (Undefhits)

Number of undef hits on the policy

Example

stat authentication policy