A Forum reader asked the following question:
"I am in the process of changing from BorderManager 3.7 to NSM and I am in the testing phase. If I setup the proxy for http with Cobion and leave the "blocked SP categories" to none, I can go to any site. If I click on any content scanning feature, I get the "No matching scanner profile found for user@ipaddress. I know that it might have to do with profile assignments, but I am confused on that part. I am using eDirectory and LDAP for user authentication and my user is at the top of the tree."
And here's the reply from BorderManager expert Craig Johnson ...
You need to have three separate areas properly configured for this to work.
1. You need to have authentication enabled for NSM, in System > User Authentication > Novell eDirectory. In this section, I was unable to get the "dot" syntax to work, so I used LDAP syntax. With version 6.1 and earlier, I also had to manually add in every context that contained a user account that would be accessing the proxy. There was no inheritance where I could specify an upper-level OU and have users underneath be allowed.
2. Further down on that page, in the Novell eDirectory User/Group/Container-based access control, I added an (LDAP) entry for the highest O or OU in my tree under which users needed proxy access. (In this area, you don't need to put in all contexts as inheritance worked).
3. Under Proxies, HTTP, User Authentication, I checked Novell eDirectory method.
In the Cobion profiles, I used fully-qualified LDAP formatted entries for the
users, though for groups I only needed to add the group name.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.