Server User Manual
RSA RADIUS Server 6.1 Administrator’s Guide Using the LDAP Configuration Interface 85
199.198.197.196
196.197.198.199
If the [LDAPAddresses] section is omitted or empty, RSA RADIUS Server
listens for LCI requests on all bound IP interfaces.
3 Specify the same port number using the
-p option on the LDAP command
line. For example:
ldapsearch -V 2 -p 354 -D "cn=admin,o=radius" -w radius
-s sub -T -b "radiusclass=Client,o=radius" radiusname=*
LDAP Virtual Schema
The LDAP server uses the virtual schema (illustrated in Figures 26–29) to format
configuration data so that this data can be understood by the
RSA RADIUS Server database.
NOTE: radiusstatus items can be read, but they cannot be modified.
Figure 26 LDAP Schema (Slide 1 of 4)
1...n
1...n
Available Attributes:
Login-Limit <number>
Profile <string>
Available Child Objects:
radiuslist=reply
radiuslist=check
radiusclass=
profile
radiusname=
MYPROFILE
1...n
radiusclass=
securid-user
radiusname=
MYPROFILE
radiusclass=
server
Available Attributes:
Server-Password <string>
Server-Password-Enabled 0|1
Default-Reject-Msg <string>
Unknown-User-Msg <string>
Lists-Mismatch-Msg <string>
Invalid-Lists-Msg <string>
Auth-Methods <meth1>; <meth2>; ...
Log-Max-Days <number>
radiusclass=
rsa_cached_passwords
(read-only)
Available Attribute:
cached-password
Available Check
Attributes:
All check list attributes
from dictionaries
Available Reply
Attributes:
All reply list attributes
from dictionaries
radiusclass=
client
radiusname=
MYRASCLIENT
Available Attributes:
Shared-Secret <string>
Acct-Shared-Secret <string>
IP-Address nnn.nnn.nnn.nnn
Product <string>
Inactivity-Timeout <seconds>