HP-UX AAA Server A.08.02 Administrator's Guide
4. Select a session. The AAA server manager will display the attributes for the selected session
similar to the example shown in Figure 43.
Figure 43 Example of a Session’s Attributes
5. Click OK when you are done reading the session.
Stopping a Session
This procedure is intended for sessions that were terminated on the access device but are maintained
as active by the AAA server.
1. Follow the procedure described in “Displaying Session Attributes” (page 119).
2. On the Session Attributes screen, click Stop. The AAA server will clear its record of the active
session, but no action is taken by the access device.
Session Limits
You can set session limits to control how long the user has access to the network, what services
the user has access to, and how many active sessions the user may maintain on the network.
Session limits are defined through A-V pairs. These limits can be enforced on a user-by-user or
global basis.
Setting Limits on a User-by-User Basis
If the user profile does not currently exist, follow the appropriate procedure to create a new profile.
If the user profile does exist, access the user profile from the text file or database that stores the
profile.
Setting Timeout Values
If the user profile is stored in a AAA server flat file:
1. Select the General tab from the User Attributes screen.
2. Assign a Session Timeout value to limit how many seconds the user can access the service.
3. Assign an Idle Timeout value to limit how many consecutive seconds of idle connection time
can pass before the session is terminated.
If the user profile is stored in an LDAP LDIF file, add the following lines to the user profile:
aaaReply: Session-Timeout = Number-seconds
aaaReply: Idle-Timout = Number-seconds
Establishing a Filter
1. Define the filter on your network device according to the hardware instructions. The filter
definition should include a filter ID.
120 Managing Sessions