The testauthpol command allows you to test the specified authentication policy.

Read syntax diagramSkip visual syntax diagram testauthpol  -username  user_name  -pw  password  -servertarget  ldap  rsa  -alternateurl  -scope   resource_scope  -group   dsgroup1[,dsgroup2,...]  pol_name  "-"


-username user_name
(Required) The user name for the authentication policy that is being tested. For example, if the current policy is Policy1 and you want to test Policy2, then you must be logged in with an administrator user account in Policy1, and provide a valid user name and password for Policy2.
-pw password
(Optional) The password for the user name in the policy being tested. The -pw parameter is still required for SAS, Basic, and LDAP type policies.
-servertarget ldap | rsa
(optional) Specifies the type of the authentication server to test. Inputs are either RSA or LDAP. If the user specifies RSA, the RSA authentication will be tested. If the user specifies LDAP, the LDAP authentication will be tested.
Remote authentication through a direct connection to an LDAP repository.
The RSA authentication type provides Multi-Factor Authentication with RSA Authentication Manager Servers.
(Optional) The parameter directs the authentication test to the alternative remote authentication server address.
-scope resource_scope
(Optional) The expected scope that the user is associated with. The test will succeed if the user is associated with the scope. The scope mappings can be set and changed using the setauthpol command.
-group dsgroup1[,dsgroup2,...]
(Optional) The expected groups that the user belongs to. The test will succeed if the user is part of each of the specified groups. The group mappings can be set and changed using the setauthpol command.
pol_name |
(Required) The authentication policy that you want to test. If you use the dash (-), the specified value is read from standard input. You cannot use the dash (-) while you are in the DS CLI interactive command mode.

Example: Testing a specified authentication policy.

dscli> testauthpol –username admin –pw test2 -servertarget RSA GUIRSALDAPPolicy 
Authentication policy GUIRSALDAPPolicy successfully verified.