RADIUS General Parameters (Sun Directory Services 3.1 User's Guide)

Sun Directory Services 3.1 User's Guide

RADIUS General Parameters

The following general parameters are defined for RADIUS. The RADIUS_RU_OCLASS, RADIUS_RAS_OCLASS, RADIUS_RU_ROOT, RADIUS_RU_ROOT and RADIUS_MAX_FAIL definitions can be automatically generated from the radius.mapping(4) file by the dejasync utility. See Appendix B, dejasync Command Reference, or the dejasync(1M) manpage for information.

RADIUS_RU_OCLASS: Specifies the object class associated with the RADIUS Remote User entry type. A single object class is required for each type. This definition is automatically generated if you use the dejasync utility. The default object class is remoteuser.
RADIUS_RAS_OCLASS: Specifies the object class associated with the RADIUS Remote Access Server entry type. A single object class is required for each type. This definition is automatically generated if you use the dejasync utility. The default object class is nas.
RADIUS_RU_ROOT: Specifies the DN of the root entry used for RADIUS Remote User searches. It is also the default parent entry displayed in the RADIUS Create panel. This definition is automatically generated if you use the dejasync utility. The default value is o=xyz_remote_users,c=us.
RADIUS_RAS_ROOT: Specifies the DN of the root entry used for RADIUS Remote Access Server searches. It is also the default parent entry displayed in the RADIUS Create panel. This definition is automatically generated if you use the dejasync utility. The default value is o=xyz_ras,c=us.
RADIUS_RU_NAMINGATTR: Specifies the naming attributes that are available in the RADIUS Create panel for Remote User entries. This is a comma delimited list. The default naming attributes are cn and uid.
RADIUS_RAS_NAMINGATTR: Specifies the naming attributes that are available in the RADIUS Create panel for Remote Access Server entries. This is a comma delimited list. The default naming attribute is cn.
RADIUS_MAX_FAIL: Specifies search limit for the RADIUS Remote User blocked accounts search. The blocked accounts search returns entries that have a value for the attribute radiusAuthFailedAccess greater than or equal to the value of RADIUS_MAX_FAIL. The default value is 4. This definition is automatically generated if you use the dejasync utility.

Example A-10 RADIUS General Parameters

# Add object classes (a single objectclass is accepted for every type)
RADIUS_RU_OCLASS=          remoteuser
RADIUS_RAS_OCLASS=         nas

# Radius COMMON to ADD and SEARCH Panels
# Root DN: a single RootDN is accepted for every type
RADIUS_RU_ROOT=            o=xyz_remote_users,c=us
RADIUS_RAS_ROOT=           o=xyz_ras,c=us

# Naming attributes: a comma (,) separated list is accepted for every type
RADIUS_RU_NAMINGATTR=      cn, uid
RADIUS_RAS_NAMINGATTR=     cn
RADIUS_MAX_FAIL=           4