HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

271

272

273

274

275

276

277

278

279

280

• L. Name or F. Name

• Work Phone

• Token Serial Number

A list of matching users is displayed.

4. Click Modify User or the matching user listed.

The Manage User screen is displayed.

5. Modify the relevant information. For information on modifying token information such as token

status, see “Valid Token Status Values” (page 281). For information on validating tokens, see

“Synchronizing Tokens (Procedure for Users)” (page 279).

6. Click Modify User Info.

Managing Users Using OTP to Authenticate

This section provides a brief overview illustrating how administrators can manage users who use

OTP to authenticate.

The following screens are provided to ease administration.

• The Administrator's screen that enables administrators to add, view, and modify user and

token information.

• The User's screen enabled users to do basic self-management tasks such as enrolling and

synchronizing their tokens.

Following is the process that administrators need to follow to manage user and token information:

1. “Importing Tokens into the Database” (page 277)

2. “Assigning Tokens to Users” (page 277)

3. “Enrolling Tokens (Procedure for Users)” (page 278)

4. “Synchronizing Tokens (Procedure for Users)” (page 279)

5. “Terminating Tokens” (page 280)

Importing Tokens into the Database

Tokens are devices or software that generate OTP. Usually, token vendors provide the token in

bulk along with a file that contains the secret associated with each token. This token information

must be imported into the database token table. The HP-UX AAA Server includes a sample /opt/

aaa/examples/sqlaccess/userdb/aaatoken2sql.pl file that can be used to convert a

CSV file containing token information into SQL insert statements. The generated file can be executed

on the database to populate the database with the token table.

After the tokens are imported into the database, they are in an AVAILABLE state, indicating that

it is free and can be assigned to any user.

Assigning Tokens to Users

Once tokens are imported into the database, they must be assigned to users. The procedure to

assign tokens varies slightly depending on whether you want to assign a specific token serial

number or whether you want to allocate any free token. This section documents both these

procedure.

Assigning a Specific Token to a User

To assign a specific token to a user, complete the following procedure:

1. In the Add or Manage Users screen, enter the serial number listed on the token in the Enter

Token Serial Number field.

2. Click Validate.

The Token Validate screen appears in a new browser window as shown in Figure 88.

Administering Users and Tokens Stored in an SQL Database 277