HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

211

212

213

214

215

216

217

218

219

220

FUNC(get_server_name) DBP(11, 259, CHAR)

4. sess_mod_time — Specifies the time when the session entry was modified. The initial

value is Current timestamp. This column does not require mapping. The

current_timestamp function is directly used in the SQL statement.

5. filter_id — Specifies the data filter used for this session. The value is retrieved from

the Filter-Id attribute. You can configure Filter-Id using either the user profile or

through policy. The following mapping is used to insert this value:

• For Oracle,

RAD(Filter-Id, REPLY) DBP(filterid, 253, CHAR)

• For MySQL,

RAD(Filter-Id, REPLY) DBP(12, 253, CHAR)

If the StartSession SQL action was not modified earlier, you can directly substitute

with the StartSession SQL action in the latest reference implementation

sqlaccess.config file. The file is available in the following paths:

For Oracle,

/opt/aaa/examples/sqlaccess/oracle-1/sqlaccess.config

For MySQL,

/opt/aaa/examples/sqlaccess/mysql-1/sqlaccess.config

If StartSession was modified to suit your environment, the changes must be merged

with the changes in the latest sqlaccess.config file.

3. You must modify the FSM file. If the default FSM file delivered with the reference implementation

is not modified, you can copy the FSM file from the latest reference implementation. If you

have modified the default FSM file, you must manually modify the latest file. The latest FSM

file is available at: /opt/aaa/examples/config/sqlaccess-acct-sess.fsm

The migration is complete. To configure for Disconnect and CoA, complete the procedure

available at:

• For Oracle — /opt/aaa/examples/sqlaccess/oracle-1/README

• For MySQL — /opt/aaa/examples/sqlaccess/mysql-1/README

Configuring Multiple HP-UX AAA Servers as a Group

To improve performance and the ability to process multiple dynamic authorization requests, it is

possible to run multiple HP-UX AAA Servers on a single HP-UX host and use the load balancer to

distribute the client requests thereby, achieving scalability and reliability. In addition to running

multiple HP-UX AAA Servers, you can clone the HP-UX AAA Server on the same or different hosts

to support high-availability.

For easier management of the servers, each server is associated with a group. For dynamic

authorization, all the HP-UX AAA Servers in a group must facilitate load balancing and

high-availability. The Disconnect and CoA messages to be sent to sessions must be distributed

among the live HP-UX AAA Servers in that group. Figure 67 illustrates multiple HP-UX AAA Servers

configured as a group for dynamic authorization.

Configuring for Dynamic Authorization 219