Bay Networks BayRS Guide de dépannage Page 99
- Page / 197
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Chapter 2 Troubleshooting LDAP Servers and the AMC Debugging LDAP
Advanced Technical Reference Guide 4.1 • June 2000 94
fw ldapsearch
Using this function you can access the LDAP server, and get all the information it contains— including the
CRL (Certificate Revocation List).
Syntax
ldapsearch [options] filter [attributes...]
where:
Filter RFC-1558 compliant LDAP search filter
attributes whitespace-separated list of attributes to retrieve
(if no attribute list is given, all are retrieved)
Table 3: fw ldapsearch attributes
Attribute Meaning
-A Retrieve attribute names only (no values)
-B Do not suppress printing of non-ASCII values
-b basedn Base dn for search
-D binddn Bind dn
-d level Set LDAP debugging level to `level'
-f file Perform sequence of searches listed in `file'
-F sep Print `sep' instead of `=' between attribute names and values
-h host LDAP server
-l time lim Server Side time limit (in seconds) for search
-p port Port on LDAP server
-S attr Sort the results by attribute `attr'
-s scope One of base, one, or sub (search scope)
-t Write values to files in /tmp
-T Timeout Client side timeout for all operations. (in milli-seconds)
-u Include User Friendly entry names in the output
-w passwd Bind passwd (for simple authentication)
-Z Encrypt with SSL
-z size lim Server Side size limit (in entries) for search
Examples
On Windows NT machines, if the DN referred to is the DN of the CRL (cn=CRL1 if CA is Entrust).
fw ldapsearch -h host -b "cn=CRL1, o=check point, c=IL"
certificaterevocationlist=* certificaterevocationlist
With a CA other than Entrust, you should mention the DN of the CA object if non-Distribution Points are
mentioned.
- VPN-1/FireWall-1 1
- Contents 2
- Table of Contents 3
- WhoshouldusethisGuide 6
- Feedback Please! 6
- Summary of Contents 7
- Troubleshooting Guidelines 8
- In This Chapter: 10
- Troubleshooting Tools 11
- UNIX only) 12
- Explanation 13
- offset of IP in 17
- FireWall-1 Monitor Command 21
- Examples 22
- Debugging with INSPECT 24
- Translation 26
- Resolving Common NAT Problems 27
- “Leaky” NAT 31
- Debugging NAT 33
- BayRS router 36
- Controlling the FireWall 37
- Licenses 38
- Problems and bugs 38
- BayRS Router Commands 39
- VPN-1/FireWall-1 Commands: 40
- General Commands 40
- General problems 41
- Common problems resolution 43
- Information to Gather 44
- Spoofing 49
- Debugging of Cisco Routers 49
- Debugging of 3Com Routers 51
- Debugging 52
- Troubleshooting Anti-Spoofing 54
- Static ARP and Anti-Spoofing 55
- Debugging Anti-Spoofing 56
- Content Security 57
- SMTP Security Server 58
- Debugging Security servers 58
- HTTP Security server 59
- IP Interface 60
- The Software 60
- VPN-1/FireWall-1 Rule Base 60
- Diagram of the environment 61
- Performance Test 62
- Discussion 63
- Action Plan 63
- Conclusions 64
- HTTP Security Server and DNS 66
- Test Plan 68
- The Solaris machines 69
- The VPN/FireWall module 69
- The security servers 69
- The CVP server 69
- Test Results 70
- FTP Security Server 71
- Fast mode and FTP 73
- FTP PASV vulnerability: 74
- PORT command is blocked 74
- Server fails 78
- Log Viewer Error Messages 80
- Log Viewer 81
- Security Server? 82
- Chapter 2: Security Servers 84
- Chapter 3: Content Security 84
- Troubleshooting LDAP Issues 87
- Installation Issues 88
- Configuration Issues 88
- Schema Checking 89
- Known configuration problems 90
- AMC Configuration problem 91
- Working with the AMC 92
- Creating a Tree Object 93
- Defining Users 93
- The LDAP server 93
- Working with LDAP 94
- Known LDAP and AMC problems 94
- Exporting Users Problems 95
- Special Configurations 96
- PKI Issues related to LDAP 96
- Known Limitations 97
- Debugging LDAP 98
- More Information 100
- Management 101
- What Tables are synchronized 104
- Synchronization Tests 104
- Troubleshooting Fail-over 106
- Problem Detection Devices 107
- Troubleshooting Fail-Over 108
- VPN Fail-Over 108
- Debugging High-Availability 111
- Load Balancing Components 112
- Stealth Rule 114
- Check_alive table 114
- Balance does not work 115
- Troubleshooting SNMP 120
- Node n Node 2 Node 1 123
- External Network 123
- Internal IP 124
- Bank Certificate Key (BCK) 125
- Product Features Lists 126
- How to Verify Licenses 127
- Licensing non IP hosts 128
- License installation 129
- In This Chapter 132
- Introduction 133
- Rule Base 133
- Network Address translation 133
- Anti Spoofing 133
- High Availability 135
- Security Servers 135
- BAY Router 136
- Open Security Extension (OSE) 137
- Mission Statement 139
- Telephone 139
- Problem Severity Definitions 142
- Software Versions Supported 142
- Escalation Procedure 142
- In This Appendix: 143
- What are State Tables? 146
- Table Attributes 147
- General tables 148
- SAMP tables 152
- License enforcement tables 153
- Logging tables 154
- NAT tables 156
- VPN tables 158
- SKIP tables 159
- NSID value Description 160
- IKE tables 161
- IPSec tables 161
- SPI_table table 162
- Load balancing tables 170
- Specific services tables 172
- RPC tables 174
- Program Number Description 175
- 100001 Rstat 175
- 100004 Ypserv 175
- 100007 Ypbind 175
- 100300 NIS+ 175
- DCE/RPC tables 176
- IIOP tables 177
- Static tables (lists) 177
- Object Lists tables 178
- Time Objects tables 180
Produits connexes et manuels pour Logiciel Bay Networks BayRS
(76 pages)
Logiciel Bay Networks 5391 Guide d'installation
(138 pages)
(138 pages)
Logiciel Bay Networks 5000 Manuel de service
(166 pages)
(166 pages)
Logiciel Bay Networks 5391 Manuel de service
(20 pages)
(20 pages)
Logiciel Bay Networks 5000 Spécifications
(185 pages)
(185 pages)
© 2020, manymanuals.fr. Tous droits réservés | 0.068 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels