HP-UX AAA Server A.07.01 Administrator's Guide
Access-Group attribute is added to the dictionary file and user profiles as a
configuration item. For more information, see “The dictionary File ” (page 385).
1 Group Weekday-Access {
2 Condition {
3 (Access-Group = weekday) &&
4 ((Day-Of-Week >= Monday) && (Day-Of-Week <= Friday))
5 }
6 Reply {
7 Decision = ACK
8 Reply-Message = "Weekday access allowed"
9 }
10 }
11 Group Daytime-Access {
12 Condition {
13 (Access-Group = daytime) &&
14 ((Time-Of-Day >= 06:00) && (Time-Of-Day <= 20:00))
15 }
16 Reply {
17 Decision = ACK
18 Reply-Message = "Daytime access allowed"
19 }
20 }
21 Group Nighttime-Access {
22 Condition {
23 (Access-Group = nighttime) &&
24 ((Time-Of-Day < 06:00) || (Time-Of-Day > 20:00))
25 }
26 Reply {
27 Decision = ACK
28 Reply-Message = "Nighttime access allowed"
29 }
30 }
31 Group Denied-by-timed-access {
32 Reply {
33 Decision = NAK
34 Reply-Message = "Time-Based access denied"
35 }
36 }
Line 1 Names the first group entry Weekday-Access.
Lines 2 to 5 If the user belongs to the weekday access group and calls on a
weekday, they belong to this group.
Line 7 The Decision attribute returns the ACK value to the FSM as an
event, which accepts the request.
Line 8 Specifies a message that is sent back to the user.
Lines 11 to 30 Define the second and third groups with a structure similar to
the first group entry.
Line 31 Names the fourth group Denied-by-time-access. Requests that
do not match with the previous two groups are matched to this
450 Syntax of the Decision Files in Earlier Versions of the HP-UX AAA Server