Specifications

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE DIRECTORY SERVER 6.01 - PLUG-IN

Juniper Networks, Inc.

1194 North Mathilda Avenue

Sunnyvale, CA 94089

USA

408-745-2000

www.juniper.net

Juniper Networks

Steel-Belted Radius

Release Notes

Release 6.1.1

June 2009

Part Number: 530-028422-01 Revision 03

Summary of content (22 pages)

PAGE 1
Juniper Networks Steel-Belted Radius Release Notes Release 6.1.1 June 2009 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000 www.juniper.
PAGE 2
Copyright © 1999–2009 Juniper Networks, Inc. All rights reserved. Printed in USA. Steel-Belted Radius, Juniper Networks, the Juniper Networks logo are registered trademark of Juniper Networks, Inc. in the United States and other countries. Raima, Raima Database Manager and Raima Object Manager are trademarks of Birdstep Technology. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
PAGE 3
Table of Contents System Requirements ...................................................................................... 1 SBR Administrator ..................................................................................... 1 Solaris........................................................................................................ 1 Linux ......................................................................................................... 3 Windows ...........................................
PAGE 4
iv 
PAGE 5
Release Notes Steel-Belted Radius Release 6.1.1 These release notes accompany Release 6.1.1 of the Steel-Belted Radius software. Before you install or use your new software, you should read these release notes in their entirety, especially the “Known Problems and Limitations” section on page 6. If the information in these release notes differs from the information found in the product documentation, follow these release notes.
PAGE 6
Steel-Belted Radius v6.1.1 Release Notes Before You Install on Solaris Before upgrading the Steel-Belted Radius software, you must stop the Steel-Belted Radius server and create an archive copy of your \radius directory. This will allow you to migrate items such as certificates, JRE extensions, and SNMP configuration information, which are not automatically migrated by the conversion script, after you have completed the upgrade steps.
PAGE 7
Steel-Belted Radius v6.1.1 Release Notes Be sure to obtain your patches directly from Sun (www.sun.com), review the patch README files, and consider making a backup before altering your system. Linux Release 6.1.1 of the Steel-Belted Radius software runs on the 32-bit versions of Red Hat Enterprise Linux ES or AS 4.0 and Red Hat Enterprise Linux ES or AS 4.5. Release 6.1.1 does not run on 64-bit versions of Linux.  The system must have glibc 2.3.2 or 2.3.3 for Red Hat 4.0 or 4.5 ES or AS.
PAGE 8
Steel-Belted Radius v6.1.1 Release Notes Before You Install on Windows If you are migrating data from a previous version of Steel-Belted Radius, you must convert your database per the instructions in the Steel-Belted Radius Installation and Upgrade Guide. Steel-Belted Radius Appliance Contact your sales representative concerning the availability of Steel-Belted Radius Appliance Release 6.1.1.
PAGE 9
Steel-Belted Radius v6.1.1 Release Notes Database Servers The following databases are recommended for use with the Steel-Belted Radius server running on Solaris or Linux using JDBC or running on Windows using ODBC:  Oracle 8.1.7  Oracle 9.2.0  Oracle 10.2.0  MS-SQL Server 2000 8.0.2039  MS-SQL Server 2005 9.0.1399  MySQL 5.0.27 The following databases are recommended for use with the Steel-Belted Radius server running on Solaris using native Oracle plug-ins:  Oracle 8.1.7  Oracle 9.
PAGE 10
Steel-Belted Radius v6.1.1 Release Notes  CRL cache timeout  Enforcement of CRL serial numbers  CRL proxy connection settings  Proxy exclusion list  Static CDPs  CCM replication  Support for background CCM replication  Replication backup and restore  Daylight savings time—Release 6.1 adds support for automatic adjustment of system clock for daylight savings time.
PAGE 11
Steel-Belted Radius v6.1.1 Release Notes  Changing Primary status with SBR Administrator—If the SBR Administrator is used to modify the configuration, the Primary status does not reflect the modification until the configuration is published. (247862, old ID-6428)  Editing record types on Replicas—Although it appears you can modify the Replica configuration using the SBR Administrator, Replica configuration changes are overwritten by the Primary when the Primary configuration is published.
PAGE 12
Steel-Belted Radius v6.1.1 Release Notes  No stored procedures with MySQL—As of MYSQL 5.0 and 5.1, stored procedures are supported by MYSQL and can be used with Steel-Belted Radius when using a SQL backend for authentication and accounting. Note that there are known issues with MYSQL when using CALL statements such as "SQL= {call rsp_getpword (%username!i, %password!o)}". However, execute statements, such as "SQL= Execute rsp_getpword %username, %password" work fine. See MYSQL for further details.
PAGE 13
Steel-Belted Radius v6.1.1 Release Notes  Calling software development kit function SbrCtrlEnumResponseAttributes() in a plugin causes enumerated attributes to be removed from response. (287519)  When using SQL accounting, not all values of multivalued attributes are inserted in the database. (288198)  SBR sends cached response for duplicate request. (289089)  Server crashes when client deleted. (295621)  Setting stringnz for State attribute in radius.
PAGE 14
Steel-Belted Radius v6.1.1 Release Notes  Upper-case characters in filters.ini—If the filters.ini file contains upper-case characters in filter names, the radio button on the Edit Rule panel will be uninitialized. If this occurs, change the case of all filter names to lower case. (249838, old ID-8799)  Name of Location Group—The names of location groups are case-sensitive.
PAGE 15
Steel-Belted Radius v6.1.1 Release Notes  Large Windows domain (Windows only)—If your Windows domain has thousands of users and you click Add in the Administrators panel, SBR Administrator may take many minutes for the available usernames to appear. During this time, the Steel-Belted Radius server does not respond to other copies of the SBR Administrator. To avoid this problem, create a local Windows group with a name such as sbradmins. Add this group to access.ini. Restart Steel-Belted Radius.
PAGE 16
Steel-Belted Radius v6.1.1 Release Notes  Windows Installer must be told server's role during upgrade—When you upgrade from a previous release of Steel-Belted Radius, the installer does not remember whether the host was a standalone server, a primary server, or a replica server. If you give a different answer during the upgrade, results are unpredictable. To avoid this, enter the same answer (standalone, primary, or replica) as before.
PAGE 17
Steel-Belted Radius v6.1.1 Release Notes  Statistics for replica server—If you connect the SBR Administrator to the primary server, open the Statistics:System panel, and select a replica server to view, the replica server statistics may not appear. If this occurs, connect the SBR Administrator to the replica of interest and open the Statistics:System panel.
PAGE 18
Steel-Belted Radius v6.1.1 Release Notes  SBR Administrator rights in the Tunnels panel—SBR Administrator users are able to edit the controls on the Name Parsing tab of the Tunnels panel in the Administrator application when they should not have the privileges to do so. (248563, old ID-7335) Problems Resolved in Release 6.0.1 Steel-Belted Radius release 6.0.1 corrects a problem in which Steel-Belted Radius could exhaust all threads under conditions of extremely heavy load.
PAGE 19
Steel-Belted Radius v6.1.1 Release Notes  RADIUS User-name attribute, not EAP user-name, was used when pre-fetching credentials. (7237)  JRE upgraded to support SMP Multiprocessor Kernel on RedHat Linux. (7212)  New CRLs were not retrieved during expiration grace period. (7167)  EAP-NAK would result in Access-Reject rather than use of another method. (7118)  PEAP/TTLS tunneled user-name was not logged. (7094)  Session time extension was not correctly returned.
PAGE 20
Steel-Belted Radius v6.1.1 Release Notes Figure 1: Sample rr. File ;acme.rr [Sets] VPN1=20 VNP2=12 VPN3=7 [VPN1] Tunnel-Server-Endpoint = 8.4.2.1 Tunnel-Password = GoodGuess [VPN2] Tunnel-Server-Endpoint = 8.4.2.2 Tunnel-Password = BestGuess [VPN3] Tunnel-Server-Endpoint = 8.4.2.4 Tunnel-Password = OurSecret Upgrade Instructions Windows/Solaris/Linux: Refer to the Steel-Belted Radius Installation and Upgrade Guide for information on upgrading your Steel-Belted Radius software to release 6.1.1.
PAGE 21
Steel-Belted Radius v6.1.1 Release Notes Documentation Feedback We encourage you to provide feedback, comments, and suggestions so that we can improve the Steel-Belted Radius documentation. You can send your comments to techpubs-comments@juniper.net, or fill out the documentation feedback form at http://www.juniper.net/techpubs/docbug/docbugreport.html.
PAGE 22
Steel-Belted Radius v6.1.1 Release Notes  18  Contacting Juniper Technical Support Any documentation that may help in resolving the problem, such as error messages, memory dumps, compiler listings, and error logs.