This section contains information about the following topics:
iChain 2.1, by default, will not check community objects for ACL rules. Community objects existed in previous versions of iChain but are no longer provided in version 2.1; however, the functionality is provided to allow the use of pre-existing community objects.
To enable ACL rule checking for community objects when upgrading from iChain 1.5 to iChain 2.1, administrators should do the following:
Unlock the console.
Edit the appstart.ncf.
Change the load aclcheck entry to load aclcheck /m.
Restart the machine.
After specifying changes in the configuration, ACL rules will be checked in the following sequence:
If a specified option is not provided, checking for the italicized portions of the above list will not be performed for checking the ACL rules.
The module that provides iChain's Access Control (ACLCHECK.NLM) can be configured to output debug information. The administrator can choose one of two levels of increasingly more detailed information. This information can be helpful to developers and consultants. By default, no debug information is output.
To enable these debugging options, an administrator should:
Edit the APPSTART.NCF file on the iChain Proxy Server.
Find the line containing the LOAD ACLCHECK command and add a debug level switch at the end of that line, for example,
LOAD ACLCHECK /D2.
Shut down and restart the proxy server.
The ACLCHECK utility can be used with a number of options to refine rule checking. These options are not case sensitive. When you change an ACLCHECK option, the update is stored in the appstart.ncf file.
Table 3. ACLCHECK command line options