HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

371

372

373

374

375

376

377

378

379

380

The aatv.ProLDAP Property

This property controls AAA server connections to an LDAP server.

• Retry-Interval sets the number of seconds for the AAA server to wait before trying

to reconnect to a LDAP directory server, when a realm has failover directory servers

configured. Defaults to 60 seconds.

• Retry-Wait sets the number of seconds that the AAA server will wait before

attempting to connect to the same failover LDAP server. When all failover directory

servers configured for a realm are down, the AAA server will try to reconnect to

one every time an access request is received. In such a situation, this parameter

guarantees that the software does not spend too much time in trying to reconnect

those directory servers. Default value is 1 second.

• Timeout sets the number of seconds that an LDAP connection will remain open

when the AAA server has not been able to successfully perform any successful

LDAP operation. This parameter allows better handling of the situation where the

LDAP directory times out client connections.

• TCP-Timeout sets the number of seconds that the AAA server will wait for an

LDAP server when trying to establish the TCP connection.

• Debug determines whether OpenLDAP debug messages must be written to the

radius.debug file. A value of 0 disables writing these messages; a value of -1

enables writing these messages. The syntax of this property follows a block syntax

that is different than the other aaa.config variables.

For example:

aatv.ProLDAP

{

Retry-Interval 60

Retry-Wait 1

Timeout 60

TCP-Timeout 3

Debug 0

}

The log_threshold_limit and suppression_interval Variables

These variables can be used to suppress a message from being repeatedly recorded in

the log file. For example:

log_threshold_limit=150

supression_interval=20

Where:

log_threshold_limit The number of times that the same message can be

recorded to the log file within two seconds, before it is

suppressed. Default: 100.

supression_interval The time in seconds for which the logging of a message

is suppressed. Default: 30 seconds.

376 Configuration Files