Manualshelf

HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
31323334353637383940
The dictionary file
The aaa.config file
5. Copy your legacy users files from /etc/opt/aaa.old/ to /etc/opt/aaa/ (including the
default users file and all files with the .users extension). Update the users files as follows:
Remove all DEFAULT, dumbuser, pppuser, and slipuser entries. The following
shows example entries for each:
DEFAULT DEFAULT Authentication-Type = Realm
Filter-Id = "unlim"
dumbuser dumbuser Authentication-Type = None
Service-Type = Login,
Login-Service = Telnet,
Login-IP-Host = 255.255.255.255
pppuser pppuser Authentication-Type = None
Service-Type = Framed,
Framed-Protocol = PPP,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
slipuser slipuser Authentication-Type = None
Service-Type = Framed,
Framed-Protocol = SLIP,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
Remove all Authentication-Type=Realm and Authentication-Type=File
strings from the remaining user entries. The following is a sample sed command you can
modify to remove these entries:
$ sed -e s/Authentication-Type[ ]*=[ ]*Realm[ ,,]*//g-e
s/Authentication-Type[ ]*=[ ]*File[ ,,]*//g <users or
*.users file name>
6. Use Server Manager to re-configure all of your legacy realm and outbound proxy entries on
A.08.02. Refer to your legacy authfile at /etc/opt/aaa.old/authfile:
Use Server Manager’s Proxies link to re-configure entries in /etc/opt/aaa.old/
authfile with the following syntax:
realm.com RADIUS <Realm_host_name>
Use Server Manager’s Local Realms link to re-configure the realm entries as they appear
in /etc/opt/aaa.old/authfile.
If you have configured realm for EAP-LEAP, ORACLE or SecurID authentication, complete
the Migration procedure listed in “Upgrading from Versions A.07.00, A.06.02, A.06.01,
or A.07.01 to Version A.08.02” (page 33).
7. If you are using a Netscape Directory server, update the RADIUS schema file for the directory
server. Copy /opt/aaa/examples/proldap/55iaaa-radius.ldif to the Netscape
Directory server. Stop and restart slapd after copying the schema file to the Netscape server.
8. If you are using an OpenLDAP server, update the RADIUS schema file for the directory server.
Copy /opt/aaa/examples/proldap/iaaa-radius.ldif to the OpenLDAP server.
Stop and restart slapd after copying the schema file to the OpenLDAP server.
Upgrading from Version A.06.00.x to Version A.08.02 35