RSA Security 6.1 manual Adding Records

Page 105

The following syntax is valid if the same keyword applies throughout the transaction:

dn: distinguished-name-of-entry

changetype: keyword

subkeyword: attribute

attribute: value

subkeyword: attribute

attribute: value

subkeyword: attribute

attribute: value

.

.

.

subkeyword: attribute entries are optional and indicate that you want to apply the change to a specific attribute within the entry. If there are no subkeyword: attribute entries in the transaction, the change applies to the entire entry. For example, it is faster to delete an entire entry:

dn: radiusname=TINYCO.COM,radiusclass=client,o=radius

changetype: delete

but if you want to delete only a few attributes from the entry, you may do so:

dn: radiusname=TINYCO.COM,radiusclass=client,o=radius

changetype: delete

delete: acct-shared-secret

If the subkeyword is add or replace, an attribute: value entry must

appear immediately following the subkeyword: attribute entry. If the

subkeyword is delete, the attribute: value entry does not apply and should be omitted.

Adding Records

You can populate an LDAP database by creating an LDIF file that imports entries from one LDAP database into another. You can search the first database for the entries you want, then add them to the second database. You can even use the search operation to filter out attributes from the first database that you do not want in the second database. You can search the first database using ldapsearch. This creates an LDIF file which you can then input to ldapmodify.

To import entries from one LDAP database into another, run the ldapsearch command on the first database. Request only the attributes you want for the new database. When ldapsearch completes processing, edit the output LDIF file.

After each line that begins with dn:, add a single line containing the text

RSA RADIUS Server 6.1 Administrator’s Guide Using the LDAP Configuration Interface

93

Image 105
Contents RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index About This Guide AudienceWhat’s In This Manual Syntax Conventions RSA Radius Server Documentation Related DocumentationVendor Information Requests for Comments RFCsGetting Support and Service Third-Party ProductsBefore You Call for Customer Support About RSA Radius Server RSA Radius Server FeaturesAbout RSA Radius Server September RSA Radius Server OverviewRSA Radius Authentication Radius Packets Radius Configuration Radius Server ConfigurationRadius Client Configuration Radius Shared SecretsRadius Secret Replication SecretNode Secret Radius Ports AuthenticationAccounting Comma-Delimited Log Files Accounting SequenceTunneled Accounting Dictionaries AttributesVendor-Specific Attributes Make/Model FieldChecklist Attributes Attribute ListsUpdating Attribute Information Attribute Values Return List AttributesMulti-Valued Attributes Orderable Attributes Default ValuesSystem Assigned Values Echo PropertyCentralized Configuration Management Designating a New Primary Radius Server Replacing a Replica Radius ServerChanging the Name or IP Address of a Server Recovering a Replica After a Failed DownloadBefore You Begin Installing the RSA Radius ServerRequired Files Data Migration/RegistrationSystem Requirements Installing on WindowsIf you are installing a Replica RSA Radius Server, click Installing the RSA Radius ServerUninstalling the RSA Radius Server Software Installer Syntax Installing on SolarisPath Reppkg Installing the RSA Radius Server SoftwareEnter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Linux Server System Requirements Installing on LinuxShould be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Running RSA Radius Administrator Using RSA Radius AdministratorNavigating in RSA Radius Administrator RSA Radius Administrator MenusFile Menu Panel Menu See , Administering Radius Clients onRSA Radius Administrator Toolbar Web MenuHelp Menu Adding an Entry RSA Radius Administrator WindowsSample Add Window Editing an EntrySample Edit Window Cutting/Copying/Pasting RecordsResizing Columns Using Context MenusChanging Column Sequence Sorting InformationAccessing Online Help Displaying Version InformationAdding a License Key Add a License for Server Window Exiting the RSA Radius AdministratorRadius Clients Panel Administering Radius ClientsAdd Radius Client Window Adding a Radius ClientSecret to display the characters in the shared secret Deleting a Radius Client Verifying a Shared SecretPage Administering Radius Clients September Administering Profiles Adding a Checklist or Return List Attribute for a ProfileAbout Profiles Resolving Profile and User Attributes Default ProfileAdding a Profile Setting Up ProfilesClick Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Statistics Displaying Server Authentication StatisticsStatistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Statistics Panel System Accounting Statistics Displaying Server Accounting StatisticsAccounting Statistic Meaning Displaying Radius Client Statistics Resetting Server StatisticsOptionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Adding a Radius Server Manually Replication PanelAdd Server Window Deleting a Radius Server Enabling a Radius ServerNotifying Replica Radius Servers Publishing Server Configuration InformationDesignating a New Primary Radius Server Recovering a Replica After a Failed DownloadChanging the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Using the Radius System Log LoggingLogging Files Controlling Log File Size Level of Logging DetailAccounting Log File Format Using the Accounting LogComma Placeholders First Line HeadingsAcct-Status-Type Standard Radius Accounting AttributesAcct-Input-Packets P e n d i x a Ldap Configuration Interface FileLdap Utilities About the Ldap Configuration InterfaceDownloading the Ldap Utilities Ldap RequestsLdap Version Compliance Configuring the Ldap TCP PortAvailable Attributes Ldap Virtual SchemaLdap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Searching for Records Ldap Command ExamplesLdapmodify Option Meaning Modifying RecordsWhere Adding Records Deleting Records Statistics Variables Counter StatisticsStattype server Stattype accounting Stattype authenticationRate Statistics Using the Ldap Configuration Interface September AAA GlossaryDNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode