HP-UX AAA Server A.07.01 Administrator's Guide
1. On the Local Realms screen, select the name of the directory definition you wish
to delete.
2. Click Delete.
Tuning the AAA Server to LDAP Server Connection
The AAA server to LDAP server connection can be modified by adding the following
entry to /etc/opt/aaa/aaa.config and then stopping and starting the server:
aatv.ProLDAP
{
    Retry-Interval 60
    Retry-Wait 1
    Timeout 60
    TCP-Timeout 3
    Debug 0
}
• Retry-Interval sets the number of seconds for the AAA server to wait before trying
to reconnect to an LDAP directory server when a realm has failover directory servers
configured. Default value is 60 seconds.
• Retry-Wait sets the number of seconds that the AAA server will wait before
attempting to connect to the same failover LDAP server. When all failover directory
servers configured for a realm are down, the AAA server will try to reconnect to
one every time an access request is received. In that situation, this parameter
guarantees that the software does not spend too much time trying to reconnect to
those directory servers. Default value is 1 second.
• Timeout sets the number of seconds that an LDAP connection will remain open
when the AAA server has not been able to perform any successful
LDAP operation. This parameter allows better handling of the situation where the
LDAP directory times out client connections.
• TCP-Timeout sets the number of seconds that the AAA server will wait for an
LDAP server when trying to establish the Transmission Control Protocol (TCP)
connection.
• Debug determines whether OpenLDAP debug messages should be written to the
AAA server radius.debug file. A value of 0 disables writing these messages; a
value of -1 enables writing these messages. The syntax of this property follows a
block syntax that is different from the other aaa.config variables.
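The following check is an added example, not part of the HP guide or the AAA server software: it parses the aatv.ProLDAP block from aaa.config text and reports unknown (for example misspelled) keys, non-integer values, and a Debug setting other than 0. The brace layout is assumed to be exactly as printed above; the function names and the sample input are constructed for illustration.

```python
import re

# Keys the guide documents for the aatv.ProLDAP block; each takes an integer.
KNOWN_KEYS = {"Retry-Interval", "Retry-Wait", "Timeout", "TCP-Timeout", "Debug"}

# Constructed sample: one misspelled key and debug output left enabled.
SAMPLE = """aatv.ProLDAP
{
    Retry-Interval 60
    Retry-Wait 1
    Timeout 60
    TCP-Timout 3
    Debug -1
}
"""

def parse_proldap(text):
    """Return (settings, problems); settings is None when the block is absent.

    Assumed layout, as printed in the guide: the name, '{', one
    'Key value' pair per line, then '}'.
    """
    m = re.search(r"^[ \t]*aatv\.ProLDAP\s*\{(.*?)\}", text, re.S | re.M)
    if m is None:
        return None, ["no aatv.ProLDAP block found"]
    settings, problems = {}, []
    for line in m.group(1).splitlines():
        parts = line.split()
        if not parts:
            continue
        if len(parts) != 2:
            problems.append(f"malformed line: {line.strip()!r}")
        elif parts[0] not in KNOWN_KEYS:
            problems.append(f"unknown key {parts[0]!r}")
        elif not re.fullmatch(r"-?\d+", parts[1]):
            problems.append(f"{parts[0]}: value {parts[1]!r} is not an integer")
        else:
            settings[parts[0]] = int(parts[1])
    return settings, problems

def audit_proldap(text):
    """Return review findings for the block: parse problems plus value checks."""
    settings, findings = parse_proldap(text)
    for key, value in (settings or {}).items():
        if key == "Debug" and value != 0:
            findings.append(f"Debug is {value}, not 0: review OpenLDAP output in radius.debug")
        elif key != "Debug" and value < 0:
            findings.append(f"{key}: negative number of seconds ({value})")
    return findings
```

Run audit_proldap over the contents of /etc/opt/aaa/aaa.config before stopping and starting the server; an empty list means the block uses only the documented keys with integer values and has Debug set to 0.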
Configuring Realms for Oracle
This section discusses how to configure realms for Oracle authentication. These realms
can be configured only after setting up the Oracle database server. See Chapter 19:
“Oracle Authentication (Supported Using SQL Access)” (page 248) for more information
on setting up the Oracle database server for Oracle authentication.
To authenticate users stored in an Oracle database, you must configure the AAA server,
run the db_srv daemon on each Oracle host machine, and configure one or more
Configuring Realms for Authentication using an External Server 99