HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

381

382

383

384

385

386

387

388

389

390

fedc::ba98:fe*

The users File

User profiles associate information, like check and reply items, with a user name. The server

configuration must include profiles for all the users that can access services through the AAA server.

Profiles can be stored in flat text files, or in an external database. If a user profile is not included

in the configuration, the server will reject the user's access request.

The default users, realm, or prefix.users files may contain user profiles for authentication.

Each user entry in one of these files can be one or more lines of information. You do not have to

edit the default users file when mapping realms to authentication types in the authfile, since

the user information for each defined realm will be stored in a realm file or external database.

Unless the default installation of the configuration files has been changed, the users file can be

found in the /etc/opt/aaa directory.

IMPORTANT: Configuration files have a maximum input line length of 255 characters. No

checking is done to insure that a configuration statement has not exceeded this limit.

NOTE: The order of the entries is important; the first entry that matches the request will be used

to authenticate the user. The server will ignore the remaining entries; therefore, you should list the

most specific entries first and the default entry should be last.

Syntax of a User Entry

The first line of each entry consists of one or more fields:

Users-Name configuration-items check-items

reply-item,

reply-item

. . .

Syntax of IPv6 Attributes

This section briefly describes the syntax of the IPv6 attributes that the users file contains. For more

information on IPv6 Attributes, refer to RFC 3162.

NAS-IPv6-Address

This attribute indicates the identifying IPv6 address of the NAS which is requesting authentication

of the user, and it must be unique to the NAS within the scope of the RADIUS server.

Example 19 Examples of NAS-IPv6-Address Attribute Syntax

fedc:ba98:7654:3210:fedc:ba98:7654:3210

12ab::4871

2222::4

Framed-Interface-Id

This attribute indicates the IPv6 interface identifier to be configured for the user.

Example 20 Examples of Framed-Interface-Id Attribute Syntax

fedc:ba98:7654:3210

a:b:c:d

IMPORTANT: Do not use “::” in the Framed-Interface-Id syntax.

388 Configuration Files