Cipafilter can integrate with Apple Open Directory for authentication to allow for filtering by Open Directory group and reporting by username. Configuration is easily accomplished using the following steps:
- Open Directory Configuration - integrate the Cipafilter with Open Directory
- In Open Directory
- Create a security group named nointernet and one named unfiltered.
By placing a user in one of these groups, you can either prevent them from having Internet access or allow them to have unfiltered Internet access.
- Create security groups based upon how you would like to filter users (i.e. students vs staff). When creating group names, please be advised that the Cipafilter does not like spaces in the group name.
- In the Cipafilter Management Interface
- Navigate to the Authentication tab of the Content Filtering page.
- Change the Authentication Method to Apple Open Directory.
- Enter the IP of your Open Directory server in LDAP Server Address.
- Click the magic wand icon to automatically detect the LDAP Search Base.
- Click the check icon to verify settings.
- Press the Save and Apply button to save your changes.
- Navigate to the Authentication Tools page.
- In the Query Group Memberships section, enter a valid Username and press Query. The group memberships for the user should be displayed.
- Navigate to the Group Permissions page.
The Group Configuration tab is used to define the properties of each filtering group. The Group Management tab is used to add, delete, and rename groups.
- On the Group Configuration tab, define the filtering permissions for the default group.
Please note that you can copy a previously defined group. By configuring the default group prior to creating any new groups, you can use it as the template for additional groups.
- Select the Group Management tab.
- For each filtering group created in Open Directory, create a group by the same name in the Cipafilter. You can copy the default group by selecting the button to the right of the group name.
Select the Group Configuration tab and make any changes you desire to each group.