authentication Policy¶
The following operations can be performed on "authentication Policy":
add | rm | set | unset | show | rename | stat
add authentication Policy¶
Adds an advanced authentication policy. The policy defines the criteria under which the NetScaler appliance attempts to authenticate the user.
Synopsys¶
add authentication Policy <name> -rule <expression> -action <string> [-undefAction <string>] [-comment <string>] [-logAction <string>]
Arguments¶
name
Name for the advance AUTHENTICATION policy.
Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after AUTHENTICATION policy is created.
The following requirement applies only to the NetScaler CLI:
If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my authentication policy" or 'my authentication policy').
rule
Name of the NetScaler named rule, or a default syntax expression, that the policy uses to determine whether to attempt to authenticate the user with the AUTHENTICATION server.
action
Name of the authentication action to be performed if the policy matches.
undefAction
Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.
comment
Any comments to preserve information about this policy.
logAction
Name of messagelog action to use when a request matches this policy.
rm authentication Policy¶
Removes the advance authentication policy.
Synopsys¶
rm authentication Policy <name>
Arguments¶
name
Name of the advance authentication policy to remove.
set authentication Policy¶
Modifies the specified parameters of a authentication policy.
Synopsys¶
set authentication Policy <name> [-rule <expression>] [-action <string>] [-undefAction <string>] [-comment <string>] [-logAction <string>]
Arguments¶
name
Name of the advance authentication policy to modify.
rule
Name of the NetScaler named rule, or a default syntax expression, that the policy uses to determine whether to attempt to authenticate the user with the AUTHENTICATION server.
action
Name of the authentication action to be performed if the policy matches.
undefAction
Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.
comment
Any comments to preserve information about this policy.
logAction
Name of messagelog action to use when a request matches this policy.
unset authentication Policy¶
Use this command to remove authentication Policy settings.Refer to the set authentication Policy command for meanings of the arguments.
Synopsys¶
unset authentication Policy <name> [-undefAction] [-comment] [-logAction]
show authentication Policy¶
Displays the current settings for the specified advance authentication policy.If no policy name is provided, displays a list of all advance authentication policies currently configured on the NetScaler appliance.
Synopsys¶
show authentication Policy [<name>]
Arguments¶
name
Name of the advance authentication policy.
Outputs¶
rule
The name of the new rule associated with the policy.
action
The name of the authentication action associated with the policy.
stateflag
undefAction
Action to perform if the result of policy evaluation is undefined (UNDEF). An UNDEF event indicates an internal error condition. Only the above built-in actions can be used.
comment
Any comments to preserve information about this policy.
logAction
Name of messagelog action to use when a request matches this policy.
hits
Number of hits.
boundTo
The entity name to which policy is bound
activePolicy
priority
bindPolicyType
policyType
nextFactor
On success invoke label.
gotoPriorityExpression
Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.
description
Description of the policy
vserverType
policySubType
devno
count
rename authentication Policy¶
Renames the specified authentication policy.
Synopsys¶
rename authentication Policy <name>@ <newName>@
Arguments¶
name
Existing name of the authentication policy.
newName
New name for the authentication policy. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) hash (#), space ( ), at (@), equals (=), colon (:), and underscore characters.
The following requirement applies only to the NetScaler CLI:
If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my authentication policy" or 'my authentication policy').
Example¶
rename authentication policy oldname newname
stat authentication Policy¶
Displays authentication statistics for all advanced authentication policies, or for only the specified policy.
Synopsys¶
stat authentication Policy [<name>] [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]
Arguments¶
name
Name of the advanced authentication policy for which to display statistics. If no name is specified, statistics for all advanced authentication polices are shown.
detail
Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.
fullValues
Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated
ntimes
The number of times, in intervals of seven seconds, the statistics should be displayed.
Default value: 1
Minimum value: 0
logFile
The name of the log file to be used as input.
clearstats
Clear the statsistics / counters
Possible values: basic, full
Outputs¶
count
devno
stateflag
Outputs¶
Policy hits (Hits)
Number of hits on the policy
Policy undef hits (Undefhits)
Number of undef hits on the policy
Example¶
stat authentication policy