Manualshelf

HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
261262263264265266267268269270
Notes:
When SecurID users are prompted to enter their password, the user must enter a
SecurID PASSCODE.
To support the SecurID authentication, a NAS must support RADIUS
Access-Challenge messages.
Configuring SecurID Authentication
To configure the AAA server to work with the RSA ACE/Server, the following steps
must be performed. If you are not familiar with the ACE/Server, contact your ACE
administrator for assistance.
Configuring the AAA Server for RSA SecurID Authentication
1. Copy the sdconf.rec file from its usual location on the ACE/Server (/ACE/data)
to the AAA server configuration directory (/etc/opt/aaa by default).
IMPORTANT: Stop and restart the AAA Server if you copied the sdconf.rec
file while the AAA Server is running.
2. Identify the user profiles that are stored on the SecurID server after you copy the
sdconf.rec file to the AAA server configuration directory.
NOTE: You can identify these user profiles by user name or realm name. It is
not necessary to do both. If you have identified a realm that a group of SecurID
users belong to, it is not necessary to also identify them by user name.
Configuring the ACE/Server
1. Start the ACE/Server Administration program and verify that the AAA server has
an entry on the list of clients.
2. If there is no corresponding entry, from the Client menu, select Add Client.
Complete the Client dialog box, giving the AAA server a Client type of Net OS
Client as shown in the following figure:
Configuring SecurID Authentication 263