Sometimes you may want to test your Access Rules to make sure that the right ones are getting applied to the right users. Luckily, there's an easy way to test Access Rules without having to log in as the users that you're testing for!
- Navigate to Access Rules by click on Security and then selecting Access Rules from the navigational sidebar.
- You will be brought to the Access Rules Configuration page. At the bottom of the page you should see the Test Access All Rules box. This is what we're going to use to verify the integrity of our Access Rules.
- Under Source, select the Identity Source that the user that you want to test belongs to from the dropdown menu.
Naturally under Test Username you can type in the user that you want to test's username.
For Test IP you can specify any IP address within the Access Rule's defined CIDR range.
- Now let's use my test student as an example test:
This is my example student's Clearlogin Directory account (CLD):
As you can see in this screenshot, Brad is a "student," specifically a "junior," which matches him with the "Students" access rule in the previous screenshot.
Students as shown under my Where? are only allowed to access Clearlogin from the 10.130.40.0/24 CIDR.
So, in order to get started testing from Brad's account, we first need to select our Identity Source from the Source dropdown menu which in this case is my CLD, "Clearlogin Directory."
Next we need to type our user's username in to the Test Username text field, which is bshoemaker in this instance.
Finally we have to type in an IP address from within the CIDR range(s) of the Access Rule(s) that matches our user. In this case, I'm going to use 10.130.40.1.
- Once you have entered all of the required information, click on the green button that says Test and you should receive the following message in the Test All Access Rules box:
Of course if the user doesn't match with any rules you will receive this message:
You will also be alerted when a user matches multiple Access Rules:
The Test All Access Rules box is a great way to make sure that all of your Access Rules are in working order after making modifications!