HP-UX AAA Server A.08.02 Administrator's Guide

Table 69 The HP-UX AAA Server LDAP Schema
LDAP Attribute    Description
aaacheck          RADIUS Check items in A-V pair string format.
aaadeny           RADIUS Deny items in A-V pair string format.
aaareply          RADIUS Reply attributes in A-V pair string format.
user-id           User name*.
user-password     User password. If not present, userpassword from inetOrgPerson is used.
* Can be specified by entering User-ID as the search filter in the LDAP client configuration in
the AAA Server manager. If no search filter is specified, the uid attribute of the inetOrgPerson
object class is used.
LDIF files are a text-based representation of LDAP data, and are used to import data into and
export data from an LDAP directory.
The following is an example of an LDIF entry for an AAA Server user profile:
dn: uid=deshen,ou=Groups,dc=chicago,dc=example,dc=com
objectclass: top
objectclass: aaaperson
cn: depakshen
sn: shen
uid: deshen
userpassword: mypass
aaareply: Reply-Message=Hello, deshen
aaareply: Session-Timeout=60
aaacheck: NAS-Identifier=localnet
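A pre-import check for user-profile LDIF, added here as an example and not part of the HP guide or the AAA Server software: it verifies the aaaperson object class, the presence of uid or user-id, and that every aaacheck, aaadeny and aaareply value is a Name=Value pair with a recognised attribute name. The KNOWN_RADIUS list, the function names and the sample entries are assumptions constructed for illustration.

```python
import re

AV_ATTRS = {"aaacheck", "aaadeny", "aaareply"}  # A-V pair attributes from the schema table
# Assumption: the RADIUS attribute names this site uses; extend from your dictionary.
KNOWN_RADIUS = {"Reply-Message", "Session-Timeout", "NAS-Identifier"}
AV_PAIR = re.compile(r"^([A-Za-z0-9-]+)\s*=\s*(.+)$")

def parse_ldif(text):
    """Split LDIF into entries (attr -> values); folded lines are joined, base64 is not decoded."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        attrs = {}
        lines = [l for l in block.replace("\n ", "").splitlines() if not l.startswith("#")]
        for line in lines:
            attr, _, value = line.partition(":")
            attrs.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(attrs)
    return entries

def lint_entry(attrs):
    """Return a list of problems found in one user-profile entry."""
    problems = []
    if "aaaperson" not in [v.lower() for v in attrs.get("objectclass", [])]:
        problems.append("missing objectclass aaaperson")
    if not (attrs.get("uid") or attrs.get("user-id")):
        problems.append("no uid or user-id")
    for attr in sorted(AV_ATTRS & attrs.keys()):
        for value in attrs[attr]:
            m = AV_PAIR.match(value)
            if not m:
                problems.append(f"{attr}: not an A-V pair: {value!r}")
            elif m.group(1) not in KNOWN_RADIUS:
                problems.append(f"{attr}: unknown attribute {m.group(1)!r}")
    return problems

# Constructed sample: the first entry is well formed, the second has three defects.
SAMPLE = """\
dn: uid=user1,ou=Groups,dc=example,dc=com
objectclass: aaaperson
uid: user1
aaareply: Session-Timeout=60

dn: uid=user2,ou=Groups,dc=example,dc=com
objectclass: aaaperson
aaacheck: NAS-Idenfier=localnet
aaareply: Session-Timeout 60
"""

for n, entry in enumerate(parse_ldif(SAMPLE), 1):
    print(n, lint_entry(entry) or "ok")
```

Running the check before import catches a misspelled check item or a malformed reply item while it is still a one-line fix in the LDIF file.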
To Configure Netscape Directory Server v6
1. Copy /opt/aaa/examples/proldap/55iaaa-radius.ldif to the LDAP server schema
directory (/var/opt/netscape/servers/slapd-<hostname>/config/schema).
2. Restart the directory server.
3. Create an LDIF file for your user profiles and import it into the directory.
To Configure iPlanet Directory Server v5
1. Copy /opt/aaa/examples/proldap/55iaaa-radius.ldif to the LDAP server schema
directory (/var/opt/iplanet/servers/slapd-<hostname>/config/schema).
2. Restart the directory server.
3. Create an LDIF file for your user profiles and import it into the directory.
To Configure OpenLDAP 2.0.x
1. Copy iaaa-radius.schema from /opt/aaa/examples/proldap/ to the OpenLDAP
server (usually /usr/local/etc/openldap/schema).
2. Modify slapd.conf by adding the following lines:
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/iaaa-radius.schema
3. Restart the directory server.
4. Create an LDIF file for your user profiles and import it into the directory.