Support User Manuals

Symantec Security Expressions Server Server User Manual

Open as PDF

of 97

SecurityExpressions Server User Guide

38

Supported Functions

Function Argument Description

iprange a valid IP range Returns TRUE if the target

computer is a member of the IP

range.

domain a windows domain in Netbios or

DNS format

Returns TRUE if the target

computer is a member of the

windows domain.

machinelist a database machine list created

using the console application

Returns TRUE if the target is a

member of the machine list.

devicetype a valid device type Returns TRUE if the target is the

type of device specified.

fqdnmatch a shell expression Returns TRUE if the target’s full

qualified domain name matches

the shell expression.

ou the name of an OU in Microsoft

shorthand, and optionally an LDAP

URL specifying what directory and

credentials should be queried

Returns TRUE if the target is a

member of the organizational

unit.

detectionmethod a method for detecting systems on

the network

Returns TRUE if the target was

detected on the network using

this method.

aocserver a shell expression Returns TRUE if the server

processing the connection event

matches the shell expression.

Org Unit Scopes

Also known as an OU, a system's organizational unit is listed in the domain controller. The

software searches OUs in order to find Active-Directory computer accounts. OU searches begin at

the directory’s default naming context.

Use Microsoft shorthand notation to type OUs. You do not need to type OUs in a case-sensitive

manner. For example, the Active Directory DN of “ou=A,ou=B,dc=symantec,dc=com” would be

entered as “B/A.” If your computer accounts are located in Active Directory's default location of

"cn=computers,dc=symantec,dc=com," you can simply enter "computers" to search for all

computer accounts.

If you're running the server application on a system that's not a member of an Active

Directory domain, you'll need to override the directory, protocol and login credentials to the

directory by specifying an LDAP URL as the first OU. The syntax is

"ldap://[user:password@]host[:port].” The User can be in Microsoft format such as

"user@domain.com” or in standard LDAP format such as "cn=user,dc=symantec,dc=com."

A system matches this scope if its Active-Directory computer account matches the value entered.

Detection Method Scopes

previous next