HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)
Configuring Multiple HP-UX AAA Servers as a Group..................................................220
Configuring for Disconnect and CoA Request Processing.........................................222
Dedicated HP-UX AAA Servers for Dynamic Authorization.......................................225
Dynamic Authorization in Authorize Only Mode.........................................................230
Configuring for Dynamic Authorization in Authorize Only Mode..............................230
Configuring for Proxy Functionality............................................................................232
Configuring for Dynamic Authorization Proxy Functionality......................................233
Configuring for Failover...........................................................................................233
Security Consideration in Dynamic Authorization........................................................234
Replay Protection...............................................................................................234
Message-Authenticator.......................................................................................235
Reverse Path Forwarding Check for Proxies............................................................236
Sample Configuration Files................................................................................................237
The client-request-init.grp.dynauth Sample File.................................................................237
The client-reply-ingress.grp.dynauth Sample File...............................................................238
The sqlaccess.config.dynauth Sample File.......................................................................238
The sqlaccess.config.dynauth_server_group Sample File...................................................239
The dbsetup.sql.dynauth_server_group Sample File..........................................................240
IV Integrating the HP-UX AAA Server With External Services...........................242
21 LDAP Authentication..........................................................................245
LDAP Server Compatibility ...............................................................................................245
Related LDAP Documentation ............................................................................................245
Authentication with LDAP .................................................................................................245
Configuring the LDAP Server ........................................................................................245
The HP-UX AAA Server LDAP Schema.......................................................................245
To Configure Netscape Directory Server v6................................................................246
To Configure iPlanet Directory Server v5....................................................................246
To Configure OpenLDAP 2.0.x.................................................................................246
22 SQL Access......................................................................................248
SQL Access Overview......................................................................................................248
SQL Access Concepts..................................................................................................249
RADIUS Attribute to SQL Statement Mapping.............................................................249
Mapping Functions.................................................................................................250
Conversion Functions..............................................................................................250
SQL Action Processing and Result Handling...............................................................251
Implementing SQL Access.................................................................................................251
Sample Implementation Files.........................................................................................251
sqlaccess.config Sample File....................................................................................251
dbsetup.sql Sample File...........................................................................................253
Finite State Machine Sample....................................................................................254
Pre-requisites for SQL Access........................................................................................254
Database Server and Schema..................................................................................254
Database Security..............................................................................................254
High Availability................................................................................................255
Database Client.....................................................................................................255
Shared Library Path Configuration........................................................................255
Database Client Connector Libraries.........................................................................255
SQL Access Implementation Details................................................................................255
sqlaccess.config File Configuration................................................................................256
Database Connection Definition...............................................................................257
SQL Actions...........................................................................................................258
Mapping Syntax.....................................................................................................259
RAD Mapping...................................................................................................260
Contents 9