test

Solaris ISP Server 2.0 Administration Guide

Making Subscriber Entries Using the Deja Tool

Creating a Basic Subscriber Entry

Each ISP subscriber (or customer) must have an entry in the directory. These entries, of the ispSubscriber object class, provide authentication and access information for each customer. There are different types of subscriber entries, depending on the needs of the individual subscriber.

To make a basic subscriber entry in the directory:

  1. Start and log into Deja. See "Accessing the Sun Directory Services Deja Tool " for detailed steps.

  2. Choose Create Entry from the Entry menu.

  3. Enter the distinguished name of the subscriber's parent in the parent text field; for example, ou=People,ou=SomeDomain,o=sun,c=us. Solaris ISP Server expects subscriber entries to be located under a People node in a domain or organization.

    Tip -

    If the parent is visible in the tree on the left of Deja's screen, select it and click Get from Browser.

  4. Choose the cn attribute for the subscriber's relative distinguished name, and enter the name in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

  5. Click Next Step.

  6. Choose the object class ispSubscriber, and click Next Step.

  7. Set values for the following mandatory attributes:

    • userid: enter the user's login name

    • commonName: enter the subscriber's name, in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

      Note -

      It may appear that the cn attribute must be set twice. The first step sets the entry's relative distinguished name. This step actually sets the commonName attribute. Enter the same value.

    • sn: enter the subscriber's surname.

    • userPassword: enter the user's password. Limit passwords to 8 characters if you are sharing user information with UNIX accounts.

    These attributes must have values for the subscriber entry to be valid. You can add values for optional entries as appropriate.

  8. Click Done.

    The message "Entry successfully created" appears in the Deja message box. Your entry appears in the directory tree graph on the left of the Deja screen.

    See the Sun Directory Services User Guide, Chapter 2, "Deja Tool: Standard LDAP Features" for more information about the Deja tool.

Creating an Entry for a Subscriber with Virtual Hosting

To make a subscriber entry in the directory:

  1. Start and log into Deja. See "Accessing the Sun Directory Services Deja Tool " for detailed steps.

  2. Choose Create Entry from the Entry menu.

  3. Enter the distinguished name of the subscriber's parent in the parent text field; for example, ou=People,ou=SomeDomain,o=sun,c=us. Solaris ISP Server expects subscriber entries to be located under a People node in a domain or organization.

    Tip -

    If the parent is visible in the tree on the left of Deja's screen, select it and click Get from Browser.

  4. Choose the cn attribute for the subscriber's relative distinguished name, and enter the name in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

  5. Click Next Step.

  6. Choose the object class ispSubscriber, and click Next Step.

  7. Set values for the following mandatory attributes:

    • userid: enter the user's login name

    • commonName: enter the subscriber's name, in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

      Note -

      It may appear that the cn attribute must be set twice. The first step sets the entry's relative distinguished name. This step actually sets the commonName attribute. Enter the same value.

    • sn: enter the subscriber's surname.

    • userPassword: enter the user's password. Limit passwords to 8 characters if you are sharing user information with UNIX accounts.

    • gidNumber: enter the UNIX group ID defined for a user in the virtually-hosted domain.

    • uidNumber: enter the UNIX user ID defined for a user in the virtually-hosted domain.

    • ispContentDirectory: enter the path (relative to the ispDirectoryRoot defined for the virtually-hosted domain) to the subscriber's FTP content directory. Include the leading slash, for example: /home/ftp.

    These attributes must have values for the subscriber entry to be valid. You can add values for optional entries as appropriate.

  8. Click Done.

    The message "Entry successfully created" appears in the Deja message box. Your entry appears in the directory tree graph on the left of the Deja screen.

    See the Sun Directory Services User Guide, Chapter 2, "Deja Tool: Standard LDAP Features" for more information about the Deja tool. Also see Appendix A, "Configuring a Virtual Host."

Creating an Entry for a Subscriber with RADIUS Access

Adding RADIUS server access information to a subscriber entry involves adding an object class, remoteUser, and setting a number of special attributes. To make a subscriber entry in the directory for a user who accesses services through a RADIUS server:

  1. Start and log into Deja. See "Accessing the Sun Directory Services Deja Tool " for detailed steps.

  2. Choose Create Entry from the Entry menu.

  3. Enter the distinguished name of the subscriber's parent in the parent text field; for example, ou=People,ou=SomeDomain,o=sun,c=us. Solaris ISP Server expects subscriber entries to be located under a People node in a domain or organization.

    Tip -

    If the parent is visible in the tree on the left of Deja's screen, select it and click Get from Browser.

  4. Choose the cn attribute for the subscriber's relative distinguished name, and enter the name in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

  5. Click Next Step.

  6. Choose the object classes ispSubscriber and remoteUser, and click Next Step.

  7. Set values for the following mandatory attributes:

    • userid: enter the user's login name

    • commonName: enter the subscriber's name, in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

      Note -

      It may appear that the cn attribute must be set twice. The first step sets the entry's relative distinguished name. This step actually sets the commonName attribute. Enter the same value.

    • sn: enter the subscriber's surname.

    • userPassword: enter the user's password. Limit passwords to 8 characters if you are sharing user information with UNIX accounts.

    • gidNumber: enter the UNIX group ID defined for a user in the virtually-hosted domain.

    • uidNumber: enter the UNIX user ID defined for a user in the virtually-hosted domain.

    • ispContentDirectory: enter the path (relative to the ispDirectoryRoot defined for the virtually-hosted domain) to the subscriber's FTP content directory. Include the leading slash, for example: /home/ftp.

    • authSuffixName: enter the suffix string to be appended to the user's login name.

    • grpCheckInfo: enter the attributes you want used for user authentication (grpCheckInfo is multi-valued). We recommend that you enter at least authSuffixName and userPassword.

    • authServiceProtocol: enter Framed-User.

    • framedRouting: enter None.

    • framedProtocol: enter PPP.

    • grpReplyInfo: set this multivalued attribute three times, with the following values:

      • authServiceProtocol

      • framedProtocol

      • framedRouting

    These attributes must have values for the subscriber entry to be valid. You can add values for optional entries as appropriate.

  8. Click Done.

    The message "Entry successfully created" appears in the Deja message box. Your entry appears in the directory tree graph on the left of the Deja screen.

    See the Sun Directory Services User Guide, Chapter 2, "Deja Tool: Standard LDAP Features" for more information about the Deja tool. Also see Appendix A, "Configuring a Virtual Host."

Creating an Entry for a Subscriber with both Virtual Hosting and RADIUS Access

To make an entry in the directory services for a subscriber who uses a RADIUS server for access and who has FTP or Web services on a virtual host:

  1. Start and log into Deja. See "Accessing the Sun Directory Services Deja Tool " for detailed steps.

  2. Choose Create Entry from the Entry menu.

  3. Enter the distinguished name of the subscriber's parent in the parent text field; for example, ou=People,ou=SomeDomain,o=sun,c=us. Solaris ISP Server expects subscriber entries to be located under a People node in a domain or organization.

    Tip -

    If the parent is visible in the tree on the left of Deja's screen, select it and click Get from Browser.

  4. Choose the cn attribute for the subscriber's relative distinguished name, and enter the name in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

  5. Click Next Step.

  6. Choose the object classes ispSubscriber and remoteUser, and click Next Step.

  7. Set values for the following mandatory attributes:

    • userid: enter the user's login name

    • commonName: enter the subscriber's name, in the form Firstname Lastname (userid). The cn attribute is case-insensitive.

      Note -

      It may appear that the cn attribute must be set twice. The first step sets the entry's relative distinguished name. This step actually sets the commonName attribute. Enter the same value.

    • sn: enter the subscriber's surname.

    • userPassword: enter the user's password. Limit passwords to 8 characters if you are sharing user information with UNIX accounts.

    • authSuffixName: enter the suffix string to be appended to the user's login name.

    • grpCheckInfo: enter the attributes you want used for user authentication (grpCheckInfo is multi-valued). We recommend that you enter at least authSuffixName and userPassword.

    • authServiceProtocol: enter Framed-User.

    • framedRouting: enter None.

    • framedProtocol: enter PPP.

    • grpReplyInfo: set this multivalued attribute three times, with the following values:

      • authServiceProtocol

      • framedProtocol

      • framedRouting

    These attributes must have values for the subscriber entry to be valid. You can add values for optional entries as appropriate.

  8. Click Done.

    The message "Entry successfully created" appears in the Deja message box. Your entry appears in the directory tree graph on the left of the Deja screen.

    See the Sun Directory Services User Guide, Chapter 2, "Deja Tool: Standard LDAP Features" for more information about the Deja tool. Also see Appendix A, "Configuring a Virtual Host."