Alcatel-Lucent 8950 AAA

Advanced Authentication OptionsUsing the 8950 AAA Policy Assistant in Server

Management Tool

................................................................................................................................... .........................................................................................................................

365-360-001R6.0

Issue 1, December 2008 9-33

.................................................................................................................................... ........................................................................................................................

– UNIX/Linux SHA Detect passwords using UNIX/Linux SHA format

• External Authentication Use information from external source as specified

in Auth-Type attribute

– LDAP Directory Detect passwords within LDAP directory

– Microsoft Active Directory Detect passwords within MS Active Directory

– Windows Security Access Manager Detect passwords within Windows SAM

– UNIX System Detect passwords within UNIX System

– UNIX Password File Detect passwords within UNIX password file

– RSA ACE/Server (SecurID) Detect passwords within RSA ACE/Server

– Secure Computing SafeWord Server Detect passwords within Secure Computing

SafeWord Server

• EAP Authentication Use information from EAP source as specified in

Auth-Type attribute

– EAP MDS Detect MDS passwords

– EAP TLS Detect TLS passwords

– EAP LEAP Detect all LEAP passwords

– EAP LEAP (NT password) Detect NT passwords

– EAP LEAP (Plain text password) Detect plain text passwords

– EAP LEAP (MD4 password) Detect MD4 passwords

– EAP MS CHAP V2 Detect all MS CHAP V2 passwords

– EAP MS CHAP V2 (NT password) Detect NT passwords

– EAP MS CHAP V2 (Plain text

password) Detect plain text passwords

– EAP MS CHAP V2 (MD4 password) Detect MD4 passwords

Tunnelled EAP

• Available EAP Tunnel Types Automatically process EAP authentication requests

tunneled through tunnel types

– PEAP Allow PEAP tunnel type

– PEAP with Generic Token Card

installed Allow PEAP with Generic Token Card tunnel type

–TTLS Allow TTLS tunnel type

Table 9-4 Advanced Authentication Option

Tab/Group/Option Description