RSA Security 6.1 manual: LDAP Version Compliance, Configuring the LDAP TCP Port


- nsldapssl32v30.dll (if you are on a Windows host)

- libldap30.so (if you are on a Solaris host)

To run the LDAP utilities, execute them from this directory. If you set the path environment variable to point to this directory, you can run them from any location on the system.

NOTE: The examples that follow assume you are using the LDAP utilities provided as part of the Sun ONE Directory SDK. If you are using LDAP utilities from another source, the command options you use may be different. Consult the documentation for your LDAP utilities for more information.

LDAP Version Compliance

The LDAP server software that has been incorporated into RSA RADIUS Server is compliant with version 2 of the LDAP specification. Therefore, we suggest using the -V 2 command line option to direct the utilities to use version 2 features. For example:

ldapmodify -c -V 2 -p 354 -D "cn=admin,o=radius" -w radius -f filename

Configuring the LDAP TCP Port

To avoid conflicts with LDAP services that may already be installed, the default TCP port number for communication between RSA RADIUS Server and the LDAP client is 667. If you are certain that there will not be any conflicts, you can change this port number to 389, the standard LDAP TCP port.

You can configure RSA RADIUS Server to use a different TCP port to communicate with the LDAP client. In the following example, port 354 is assigned.

1. In the radius.ini configuration file, create an [LDAP] section if one does not exist, and set the TCPPort field to the port number you want to use. For example:

[LDAP]
Enable = 1
TCPPort = 354

2. If you want to specify the interfaces on which you want RSA RADIUS Server to listen for LCI requests, add a [LDAPAddresses] section to the radius.ini file. This section should contain a list of IP addresses, one per line:

[LDAPAddresses]
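The following check of the two sections described in steps 1 and 2 is an added example, not part of the RSA manual or the product. It reads a radius.ini fragment and reports the configured port and listening addresses; the sample addresses, the function name audit_ldap_interface and the rule that the interface counts as enabled only when Enable = 1 is present are assumptions made for illustration.

```python
import configparser
import ipaddress

# Constructed radius.ini fragment; the addresses are placeholders, not from the manual.
SAMPLE_INI = """\
[LDAP]
Enable = 1
TCPPort = 354

[LDAPAddresses]
127.0.0.1
192.0.2.10
"""

def audit_ldap_interface(ini_text):
    """Return (settings, findings) for the [LDAP] and [LDAPAddresses] sections."""
    cp = configparser.ConfigParser(allow_no_value=True, interpolation=None,
                                   delimiters=("=",), strict=False)
    cp.optionxform = str  # keep field names and addresses exactly as written
    cp.read_string(ini_text)
    # Assumption: the interface counts as enabled only when Enable = 1 is present.
    if (cp.get("LDAP", "Enable", fallback="0") or "").strip() != "1":
        return {"enabled": False}, []

    findings = []
    raw_port = cp.get("LDAP", "TCPPort", fallback="667") or ""  # 667: documented default
    try:
        port = int(raw_port)
    except ValueError:
        port = None
    if port is None or not 1 <= port <= 65535:
        findings.append(f"TCPPort {raw_port!r} is not a valid TCP port")
    elif port == 389:
        findings.append("TCPPort 389 is the standard LDAP port: confirm no other LDAP service uses it")

    # Bare lines in [LDAPAddresses] are parsed as value-less keys, one per address.
    addresses = cp.options("LDAPAddresses") if cp.has_section("LDAPAddresses") else []
    if not addresses:
        findings.append("no [LDAPAddresses] entries: listening interfaces are not listed in radius.ini")
    for addr in addresses:
        try:
            if ipaddress.ip_address(addr).is_unspecified:
                findings.append(f"{addr} is a wildcard, not a specific interface")
        except ValueError:
            findings.append(f"{addr!r} is not an IP address")
    return {"enabled": True, "port": port, "addresses": addresses}, findings

if __name__ == "__main__":
    print(audit_ldap_interface(SAMPLE_INI))
```
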


Using the LDAP Configuration Interface

September 2005
