HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

information on OATH standards-based authentication, see “OATH Standards-Based OTP

Authentication” (page 127).

No migration is required. If you have modified /etc/opt/aaa/dictionary, and want to use

SQL Access, OTP authentication, or pre-defined policy hooks in the FSM, merge the dictionary

file. For information on merging the dictionary file, see “Merging the Dictionary File” (page 36).

If you have modified the radius.fsm file, and you want to use OTP authentication, Dynamic

Authorization, EAP-SIM, EAP-AKA, or use pre-defined policy hooks in the FSM, merge the

radius.fsm file. For information on merging the radius.fsm file, see “Merging the radius.fsm

File” (page 36).

If you have configured realms with LDAP as the back end, and you want to enable CIS search,

then you must specify the Filter-Type in the realm configuration in the authfile as follows:

<realm name> -DEFAULT ProLDAP ""

{

Filter-Type CIS

Directory "directory_name"

{

Host <ldap-server-hostname>

Port <ldap-server-port>

Administrator <ldap-server-administrator>

Password <Password>

Searchbase <search-base>

Authenticate <auto | search | bind>

}

Additions have been made to the vendors file in this version of the HP-UX AAA Server. If you

have modified the vendors file, you must merge the vendors file. For information on merging

the vendors file, see“Merging the vendors File” (page 36).

Upgrading from Version A.06.00.x to Version A.08.02

To upgrade the configuration files, complete the following steps:

1. Backup your existing HP-UX AAA server configuration.

2. Install the HP-UX AAA Server A.08.02 without removing your existing HP-UX AAA Server

software.

3. Copy the following files from /etc/opt/aaa.old/ to /etc/opt/aaa/. You do not need

to modify these files when migrating to A.08.01:

• The clients file

• The las.conf file

• The iaaaAgent.conf file

• The engine.config file

• The DAC.grp file and additional policy files

• New or modified certificate files (to be copied from /etc/opt/aaa.old/security/

to /etc/opt/aaa/security/)

4. Update the following A.08.02 files in /etc/opt/aaa/ to include any modifications you

made for your legacy configuration. Perform this step to include your legacy configuration in

the new A.08.02 file format. Refer to the copy of your legacy files in /etc/opt/aaa.old/

and update the corresponding A.08.01 files listed below:

• The vendors file

• The log.config file

• The radius.fsm file

34 Upgrading to Version A.08.02