Novell Home

Solving the BorderManager *No Matching Scanner* Error

Novell Cool Solutions: Tip
By Craig Johnson

Digg This - Slashdot This

Posted: 5 Jul 2006
 

Problem

A Forum reader asked the following question:

"I am in the process of changing from BorderManager 3.7 to NSM and I am in the testing phase. If I setup the proxy for http with Cobion and leave the "blocked SP categories" to none, I can go to any site. If I click on any content scanning feature, I get the "No matching scanner profile found for user@ipaddress. I know that it might have to do with profile assignments, but I am confused on that part. I am using eDirectory and LDAP for user authentication and my user is at the top of the tree."

And here's the reply from BorderManager expert Craig Johnson ...

Solution

You need to have three separate areas properly configured for this to work.

1. You need to have authentication enabled for NSM, in System > User Authentication > Novell eDirectory. In this section, I was unable to get the "dot" syntax to work, so I used LDAP syntax. With version 6.1 and earlier, I also had to manually add in every context that contained a user account that would be accessing the proxy. There was no inheritance where I could specify an upper-level OU and have users underneath be allowed.

2. Further down on that page, in the Novell eDirectory User/Group/Container-based access control, I added an (LDAP) entry for the highest O or OU in my tree under which users needed proxy access. (In this area, you don't need to put in all contexts as inheritance worked).

3. Under Proxies, HTTP, User Authentication, I checked Novell eDirectory method.

In the Cobion profiles, I used fully-qualified LDAP formatted entries for the users, though for groups I only needed to add the group name.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell