Changing a User Name and Password

Managing Kerberos

Once the network manager has set up the access server, users can change their own passwords on the master KDC for their realm.

Example: Sample Kerberos User Authentication Session

The following example shows a sample session for changing a password. The way that message 468 wraps may appear differently on your terminal screen.

Local> kpasswd

Username> smith

Old password> oldpassword (not echoed)

New password> newpassword (not echoed)

Verification> newpassword (not echoed)

Local -468- Attempting to change Kerberos password for user smith@finance.acme.com

Local -469- Kerberos password has been changed

Local>

Alternative Password Command

Instead of the KPASSWD command, you can also use the DEFINE KERBEROS PASSWORD COMMAND as described in the Network Access Server Command Reference.

User Authentication Counters

This section describes the user authentication counters. These counters display information that is useful for detecting problems.

Network Access Server User Authentication Counters

The following example shows how to display the user authentication counters for the access server:

Local> SHOW SERVER AUTHENTICATION COUNTERS
		Total	Total
		attempts	failures
User authentication (all realms):		16	0
	Total	Valid	Error
	Packets	Packets	Packets
	Sent	Received	Received
Realm: mfg.acme.com	8	8	0
Realm: sales.acme.com	7	6	1
Realm: finance.acme.com	1	1	0
Time since counters last zeroed:			1 01:55:14

Managing Access Server Security 22-11

Page 457

Image 457

HP NetRider manual Changing a User Name and Password, User Authentication Counters, Alternative Password Command

Contents

Software and Version Revision/Update Information Digital Equipment Corporation 199 7. All rights reserved Contents User Interface Managing Load Hosts Configuring LAT Characteristics Vii TCP/IP Network Characteristics Managing AppleTalk Configuring Basic Device Characteristics Configuring Modem Signals Configuring and Managing Interactive Devices Xiii Configuring and Managing LAT Services Configuring LPD Printers Configuring and Managing Slip Ports Configuring for Snmp Access Configuring and Managing 3270 Terminal Emulation TN3270 Configuring and Managing Point-to-Point Protocol PPP Ports Managing IPX Managing Dial Services Managing Access Server Security Xxiii Accounting Glossary Index Page Preface Using This ManualOverview Purpose Convention Meaning ConventionsUppercase Text Associated Documents To Order Contact How to Order Additional DocumentationDigital Equipment Corporation Correspondence Online ServicesDocumentation Comments FAXPage Introduction Chapter Dnas ManagementThis Chapter Configuration Tasks Configuration Tasks for System AdministratorsTo Configure Refer to Default Settings System Management Tasks Management Tasks for System AdministratorsTo Manage Refer to User Tasks Accessing Online HelpLocal Help Tutorial Power Loss Storage of Configuration Settings and Changes in MemoryMemory Types Types of Commands That Operate on Configuration Settings Commands to Display and Change Configuration SettingsReference Nvram Chapter Management Tools Levels of Access Server Commands Access Server CommandsCommand Provides Access to Commands to Enable Level Disable Command Result Command DefinitionsUser Groups Example Enabling Privileged Commands Privileged CommandsExample Changing the Privileged Password Local SET Server Privileged Password Help Command Help Tutorial CommandExample Accessing Online Help Information Help Console Port Example Show Server CommandDisplaying Port Parameters Local Show Server Remote Console Port Features of the Remote Console PortDescription Communications Utilities for Remote Console Sessions OpenVMS Utility Terminal Server Manager Network Control Program NCPUsage Considerations Use of SET HOST/MOP from a DECnet/OSI OpenVMS Node $ MCR NCP NCP Connect Node Shrimp Service Password Fedcba Badcfe Use of CCR from an Ultrix DECnet Node Telnet Remote Console CharacteristicDescription Characteristics of the Telnet Remote Console Port Functions Access Server ManagerRelated Information Page Chapter User Interface Command Groups and Menus Creating a Command Group Using Command GroupsExample Defining a Command Group Step Action Displaying a Command Group Executing a Command GroupPurging a Command Group Displaying a List of Enabled Menus Using MenusEntering Menu Mode Example Show Menu Command Example Assigning a Default Menu Assigning a Default Menu to a PortLocal Define Port 2 Default Menu Hosts Menu Windows Figure Windows on Access Server Menus Defining Menus Local Change Menu Services from MainMain Menu Defining Menu Choices Main Menu Display Example Sample Definition of a Menu Selection Displaying a Selected Menu Exiting from a Menu Using Menus to Set Up a Captive PortDisplaying a Menu Definition Example Displaying a Menu Definition Purging Menu Lines and Entire Menus Example Commands to Purge Entire Menus and Menu LinesLocal Purge Menu Main Line Local Purge Menu Hosts Chapter Managing Load Hosts ∙ DSV$CONFIGURE ∙ Dsvconfig Load Host Procedures Executing DSV$CONFIGURE Backward Compatibility of DSV$CONFIGUREDefining Symbols Example Starting DSV$CONFIGURE and Displaying Help ADD CommandCommand Description Component Server Delete Command Modify and SET CommandsExample DSV$CONFIGURE ADD Command Connect and USE Commands List and Show CommandsExample Delete Command for DSV$CONFIGURE Example List Command for DSV$CONFIGURE Local CTRL/D Local Show User Context-Sensitive Help for DSV$CONFIGURE Dsvconfig Menu DECserver Configuration Procedure IP Address Configuration Via Bootp Using a BOOTP/TFTP Server Remote Connection Password Upline Dumping Upline Dumps with BOOTP/TFTP HostsUpline Dumps with MOP Hosts For TSM Users Terminal Server Manager TSMPage Chapter Initializing the Access Server Do This Preparing LAT Services for Initialization Preparing Telnet Listeners for Initialization Disabled Using the Initialize Command Initializing the Access ServerDefault Mode for the Initialize Command Login Methods Specifying a Delay Value with Initialize Specifying an Image Name When InitializingSpecifying Initialization from a Load Host Updating Flash RAM Specifying the Disable Option with Initialize Using the Diagnose Option with InitializeInitialize Diagnose Option Tests Test Performs NCP Initialization Commands Using NCP to Initialize the Access ServerNCP Initialization Description Commands NCP Reference Determining Boot Protocols Booting from the NetworkLoading the Software Image Reference Procedure Booting Using Console Commands Option Definition Associated Options Boot Command Options Option Definition Associated Options Page Chapter Configuring LAT Characteristics Preparing to Change LAT Characteristics LAT CharacteristicsLAT Characteristic Summary Characteristic Default Range Refer to Section Disabled Service Groups EnabledPasscheck Queue Limit Command To Use Displaying LAT CharacteristicsLAT Characteristics Display Example Configure Announcements Example Announcements Characteristic Changing the Circuit Timer Circuit Timer CharacteristicIncreasing the Circuit Timer Decreasing the Circuit Timer Identification String in a Login Procedure Display Identification CharacteristicChanging the Server Identification String Removing an Identification String Keepalive Timer Default Values Keepalive Timer CharacteristicKeepalive Timer Example Local Change Server Keepalive Multicast Timer Default Values Multicast Timer CharacteristicChanging Multicast Timer Values Example Local Change Server Multicast Timer Default Access Server Name Access Server Name CharacteristicChanging the Access Server Name Local Change Server Name Printing Changing the Access Server Node Limit Node Limit CharacteristicLocal Change Server Node Limit Access Server Number Values Access Server Number CharacteristicChanging the Access Server Number Local Change Server Number Changing the Passcheck Characteristics Passcheck CharacteristicPasscheck Characteristic Example Local Change Server Passcheck Enabled Special Queue Limit Values Queue Limit CharacteristicChanging the Queue Limit Local Change Server Queue Limit None Changing the Retransmit Limit Characteristic Retransmit Limit CharacteristicRetransmit Limit Values Local Change Server Retransmit Limit Access Server Mapping Responder CharacteristicDatagram Types Datagram Name Description Local Change Server Responder Enabled Changing the Responder Characteristic Viewing Service Groups Service GroupsChanging Access Server Service Groups Changing Service Groups Examples Chapter TCP/IP Network Characteristics TCP/IP Network Characteristics Setting the Internet Address Configuring the Internet Address and Subnet MaskTasks Alternative Learning IP Information Internet Address Class Default Subnet Mask Setting an Internet Subnet Mask Configuring the Internet Address and Subnet Mask Internet Address and Subnet Mask Display Example Displaying the Internet Address and Subnet MaskLocal Show Internet Displaying DNS Characteristics Configuring Domain Name System DNS CharacteristicsLocal Show Internet Name Resolution Internet DNS Character Display Example DNS Field Description Displaying the DNS Counters Local Show Internet Name Resolution CountersDNS Counter Display Example Configuring and Using Default Name Resolution Domain Example Configuring the Default Name Resolution Domain Local Connect SALES.REVENUE Using Trailing Dots Name Resolution Modes Changing the Name Resolution ModeChanging the Time Limit Changing the Retry Limit Configuring a List of Internet Name Servers Configuring a List of Commonly Used Internet HostsIf Using a Name Server Configuring a Root Name Server Name Resolution and Gateways Configuring a Name Server for a Different Domain Pass Description Assigning DNS Server Addresses Automatically Configuring a Default Gateway Configuring a List of Internet Gateway AddressesDefault Gateway Definition Example Displaying a List of Gateway Addresses Defining Subnets Available Through a Specific Gateway Defining Networks Available Through a Specific GatewayDefining Hosts Available Through a Specific Gateway Subnet Definition Through a Specific Gateway Example Displaying the List of Internet ARP Entries Configuring a List of Internet ARP EntriesDefining an ARP Entry Sample List of Internet ARP Entries What the Timer Does Setting the TCP Keepalive TimerSetting the Timer Disabling the Timer Timer Characteristics Display Displaying Timer CharacteristicsRetry Set Example Local Change Internet TCP Keepalive Retry Displaying the Internet Counters Using the Show CommandInternet Counters Display Example Local Show Internet Counters Bytes Data Retransmitted Total number Internet Counter Display Fields Field Description 24 TCP/IP Network Characteristics Bootp Server Configuration Learning IP Information From a Bootp ServerLearning Operation Local Define Internet Enabled Setting Up IP Configuration LearningLocal List Internet Local Define Internet Address None Using a Bootp Server Using a Dhcp Server Bootp and Dhcp DifferencesLearning IP Information From a Dhcp Server Dhcp Client Operation IP Address Assignment Dhcp Proxy Operation Configuring Default Values Displaying the Dhcp SettingTo Do This Use This Command Enabling and Disabling Dhcp Assigning Wins Server Addresses What Is Wins Autoconfigure?What Does Wins Do? Operation Assigning Wins Addresses Displaying Wins CharacteristicsWins Address Example Wins Display Example Field Description Page Chapter Managing AppleTalk Overview Local Define Appletalk Enabled Configuring AppleTalk on an Access ServerAppleTalk Address Format Enabling AppleTalk Local Define Appletalk Disabled Setting AppleTalk Address Cache SizeDisabling AppleTalk Local Define Appletalk address Cache size n Configuring AppleTalk on an Access Server Commands Displaying AppleTalk CharacteristicsDisplaying AppleTalk Characteristics Example Fields in the AppleTalk Characteristics Display Displaying AppleTalk Counters CommandDisplaying AppleTalk Counters Example Fields in the AppleTalk Counters Display DDP Rtmp NBPZIP Aarp Values Displaying AppleTalk Status Example Displaying AppleTalk StatusFields in the AppleTalk Status Display Field Value Description AppleTalk is fully operational Displaying AppleTalk Routes Example Displaying AppleTalk RoutesFields in the AppleTalk Routes Display Local Show Appletalk Routes Field Value Description Displaying AppleTalk ARP Entries Example Displaying AppleTalk ARP EntriesFields in the AppleTalk ARP Display Local Show Appletalk ARP Entries Field Value Description Page Chapter Configuring Basic Device Characteristics Basic Device Characteristic Summary Configuring Basic Device CharacteristicsCharacteristic Default Allowed Refer to Values Section Logout Longbreak Output Flow LongbreakParity Speed Displaying Port Characteristics Example Displaying Basic Device CharacteristicsLocal Show Port Defining the Access Characteristic Example Configuring the Access CharacteristicCharacteristic Device Type Examples Local Define Port 5 Access Remote Autobaud Settings Matching the Port and Device CharacteristicsSetting For These Devices Character Size Parity Setting Check Performed Per Character Example Setting the Stop Bits for a Device Example Changing the Parity SettingsExample Changing the Port Speed Device Type Applies to Device TypesExample Changing the device Type Local Change Port 5 Type Hardcopy When to Use Configuring the Flow Control CharacteristicFlow Control Types ∙ XON/XOFF ∙ DSR ∙ CTS Example Enabling DSR Flow Control Example Enabling XON/XOFF Flow ControlExample Enabling CTS Flow Control Example Disabling Flow Control Flow Control DirectionExample Enabling Input Flow Control Example Enabling output Flow Control Specifying Dsrlogout Specifying the Automatic Logout CharacteristicsSpecifying Longbreak Logout Example Enabling Dsrlogout Example Changing the Inactivity Timeout Period Specifying the Inactivity TimerSpecifying Inactivity Logout Example Enabling Inactivity Logout Chapter Configuring Modem Signals Port Configuration DTE/DCE Device Configuration Access Servers and Modem Control Determining the Supported Modem SignalsAccess Server Types and Supported Modem Signals Network Access Server Modem Signals Supported Type Set Types of Modem Signal Modem Signals DescriptionModem Signal Description Dsrs Logging Out the Port with Dsrlogout or Longbreak Logout Specifying Modem Control and Signal ControlComputer Interface Local Define Port 5 Modem Control Enabled Local Logout Port Example Enabling Signal ControlExample Enabling Modem Control Determining When to Use a Signal Set Specifying Signal SelectExample Enabling Signal Select Example Enabling Signal Check Specifying Signal CheckLocal Change Port 7 Signal Check Enabled Specifying Dtrwait Local Change Port 3 Dtrwait EnabledEnabling Dtrwait Example Specifying Ring Specifying Alternate Speed Specifying Dialup Configuring a Dial-In Modem on a Full Modem Control Server Sample Modem ConfigurationsConfiguring a Dial-In Modem on a Modem Control Server Modem Control Configuring a Dial-Out Modem on a Full Modem Control Server Configuring a Dial-Out Modem on a Modem Control Server Establishing a Connection Modem Control Sequences Response to Momentary Loss of CTS Disconnecting Port Characteristic Effects on the DTR and DSR Signals Configuring DTR and DSR SignalsEnabled Characteristic DTR and DSR Actions Signal Control Dtrwait Signal CHECK, Dtrwait Dsrlogout Signal ControlCheck For More Information Chapter ∙ Managing Users ∙ Managing Sessions Configuring an Interactive Device for LAT Sessions Configuring an Interactive Device for LAT Sessions Configuring LAT Group Codes for Interactive Devices Sample Network Configuration Specifying Autoconnect Local Change Port 5 Autoconnect EnabledExample Enabling Autoconnect Local Change Port 5 Autoprompt Disabled Specifying the Default ProtocolSpecifying Autoprompt Example Disabling Autoprompt Specifying Failover Configuring Port QueuingExample Disabling Port Failover Example Enabling Queuing on a Port Option Displays Entries For Displaying Access Server Queue Entries Show Queue ALL Display Example Removing Entries from the Access Server QueueEffect on the Queue Example Remove Queue Local Change Port 5 Remote Modification Enabled Configuring Port Characteristics Configuring a Device on Port 6 for Internet Hosts Example Configuring an Interactive Device for Telnet Sessions Reference How to Configure Configuring a Session Management TD/SMP TerminalLocal Change Port 2 Multisessions Enabled Benefits and Restrictions Summary Command Descriptions Local Mode Command Restrictions During Session Management Logging In with Multisessions On-Demand Loading Configuration Example Configuring On-Demand Loading for Asian TerminalsDisable Switch Character Local Change Port 5 ON-DEMAND Loading Enabled Buffer Size Configuring for Block-Mode Terminals Specifying the Telnet Client Session Profile Profile CharacteristicsProfiles Types Profiles Session Character Binary Characteristics Characters Terminal Type Switch Specifying Echo Characteristics Modifying Telnet Session CharacteristicsSpecifying the Binary Characteristic Example Specifying Echo Characteristics Mapping Keyboard Characters to Telnet Functions Specifying Character Size Telnet Keymapping Functions Function Description DefaultLocal Change Port 5 Telnet Client AO None Specifying Autosynch Specifying AutoflushSpecifying Telnet Client Newline Example Disabling Autoflush Specifying Flow Control Local Change Port 5 Telnet Client Flow Control DisabledExample Specifying Telnet Client Newline Examples Enabling Flow Control Example Configuring Message Verification Specifying the Switch CharacterSpecifying Message Verification Specifying a Preferred Terminal Type Example Configuring Switch CharacterExample Specifying Terminal Type Local Change Port Telenet Client Terminal VT321 Minimal Setup for Local User Accounts Managing Access Server User AccountsOptional Setup for Local User Accounts SHOW/LIST/MONITOR Useraccount Display Authorization Profile Information Service Permissions Access Service Types and Access LevelsService Type Description Service Type User Access Command Description Variables Comments Clause User Account Command Parameters Variable Definition Access Command Variables Specifying Preferred Service for LAT or Telnet Resources Providing a Contact Name and Access Server LocationManaging Users Examples Configuring Port Username Example Enabling a Preferred Telnet ServiceSpecifying the Port Username For the Telnet Protocol Example Defining Keys as Switches Specifying Keys to Switch Between SessionsLocal Change Port 5 Forward Switch F Backward Switch B Defining the Break Key Specifying a Key to Switch to Local Mode Example Disabling a Local Switch Example Configuring a Key as a SwitchSpecifying Broadcast Example Disabling Broadcast Messages Example Broadcast ALL Specifying Loss NotificationExample Disabling Loss Notification Specifying Verification Specifying Message CodesSpecifying Lock Example Disabling Verification Displaying Information About the Users Example Configuring LockExample Show Users Display Local Show Users SHOW/LIST/MONITOR Users Display Headings Specifying User GroupsHeading Description Local SET Port Groups Example Assigning User Groups Example Initiating a Session to a LAT Service Initiating a Session to a LAT ServiceManaging Sessions Initiating a Session to an Internet Host Example Initiating a Session with an Internet Host Sending Telnet Functions to a Remote Telnet ServerLocal Open Sales Local Telnet Sales Local Send Telnet AO Example Changing the Server Session Limit Controlling the Number of SessionsLocal Change Server Session Limit Local Change Port 5 Session Limit Example Show Sessions Display Displaying Session InformationLocal Show Sessions Port 1,2 SHOW/MONITOR Sessions Display Fields Local Show Port 4 Sessions 1 Characteristics Displaying Session CharacteristicsDisplaying Session Status Local Show Port 14 Session 1 Status SHOW/MONITOR Port Sessions Status Display Fields Flow Control commands to enable Terminating Sessions Page Prerequisites Chapter Configuring and Managing LAT Services Configuration Parameters Configuring a Port to Offer a LAT Service Assigning a Service Name Configuring Access to a LAT ServiceEnabling Announcements Assigning a Port Name Assigning an Identification StringExample Clearing the Identification String Port Naming Guidelines Password Limit Specifying the Service PasswordExample Assigning a Service Password Example Clearing the Service Password Example Configuring a PC As a Terminal and LAT Service Configuration of Specific Types of Devices As LAT Services Example Configuring a Computer As a LAT Service on Port Configuring a Computer As a LAT ServiceLocal Define Port 2 Dedicated None Dialup Enabled Dsrlogout Example Configuring a Dial-In and Dial-Out Modem Configuring a Modem As a LAT Service Setting Up a LAT Remote Print Queue on an OpenVMS Host Configuring a Printer As a LAT ServiceExample Configuring a Printer As a LAT Service on Port Privileges for Running Latcp Configuring a Logical Device to Connect a Specific Port Creating a Logical Device to Access a Printer ServiceUsing a Remote Printer Command File LTLOAD.COM Setting Up a LAT Remote Print Queue on an Ultrix System Configuration of Specific Types of Devices As LAT Services Configuring a Printer with Unannounced Availability Configuring a Printer with Unannounced Availability More Examples Problem Solving Verifying the LAT ServiceExample Verifying the LAT Service Local Connect LAT Adevice Destination PORT5 Displaying Services Characteristics Displaying Information About a Service SHOW/LIST/MONITOR Service Characteristics Display Fields Example Show Service Characteristics DisplayLocal Show Service Printer Characteristics Displaying Services Status SHOW/LIST/MONITOR Service Status Display Headings Example Show Service Status DisplayLocal Show Service Develop Status Displaying Services Summary SHOW/LIST/MONITOR Service Summary Display Headings Example Show Service Summary DisplayLocal Show Services ALL Summary Page Chapter Configuring and Managing Telnet Servers Configuring a Printer for Access Through a Telnet Listener Sample Device ConfigurationsLocal Define Port 4 Access Remote Autobaud Disabled Break Local Define Port 4 Dedicated None Dsrlogout Disabled Flow Configuring a Modem for Access Through a Telnet Listener Configuring a Computer for Access Through a Telnet ListenerSample Device Configurations Example Configuring a Dial-Out Modem 890-1234 Local Change Telnet Configuring Personal Computer Access to a Printer Sample ConfigurationSwitching Modes Local Change Port 5 Interrupts Enabled Break Local Setting User Priority for Devices Using Dynamic Access Partner Guidelines Configuring a File Transfer Partner Configuring a TCP/IP Remote Print Queue on an Ultrix System Configuring a Remote Print QueuePrinter Port Telnet Server Characteristics Characteristic Setting # lprsetup Configuring a TCP/IP Remote Print Queue on a Unix System Configuring a Telnet Listener Mapping Event Indications to Keyboard Characters Configuring Telnet Server Session CharacteristicsEvent Indications Event Indication Description Local Change Port 5 Telnet Server Character Specifying Newline Characteristics Local Change Port 5 Telnet Server Transmit Character Size Example Setting Character Size in a Specific Direction Displaying Telnet Server Characteristics Managing Your Access Server As a Telnet Listener NodeExample Show Port Telnet Server Characteristics Display Displaying Telnet Listeners Removing One of Many Devices Assigned to a Telnet Listener Removing a Telnet ListenerExample Removing a Telnet Listener Reassigning a Port Example TCP Messages to Poll Client User Location Data Supplying User Location Data to Telnet Servers When To Use Raw TCP Configuring a Raw TCP ListenerConfiguring Raw TCP Example Configuring Raw TCP Example Raw TCP Display Displaying Raw TCP Characteristics Chapter Configuring LPD Printers Supported File Types LPD OperationControl and Data Files This File Contains LPD Operation Operation Configuring Remote Hosts Configuring LPDAssociating a Printer With a Port If Printing From Then This Host Characteristic Description Setting Port Characteristics Displaying Printer Characteristics Printer Configuration ExamplePrinter Display Example Local Show Printer ALL Speedy Local Show Printer Speedy Status Chapter Configuring and Managing Slip Ports Configuring and Managing Slip Ports Packet Forwarding to and from Slip Hosts Network Configuration Containing Slip Hosts Displaying Slip Characteristics Example Displaying Slip CharacteristicsLocal Show Port 5 Slip Characteristics Assigning a Host Internet Address Managing Internet Addresses for Slip HostsRadius Specified Slip Host Address Local Change Port Slip Host Address How a Port Automatically Obtains the Slip Host Address Changing the MTU Managing the Maximum Transmission UnitRelationship of the TCP Maximum Segment Size and the MTU Fragmentation Define Port Default Protocol Slip Dsrlogout Enabled Example Configuring a PC As a Terminal and Slip Host Configuring a Device As a Dedicated Slip Host Configuring a Dedicated Slip Port Configuring a Dial-In Modem for Use with a Slip Host Prerequisites Establishing Terminal Sessions with a PC Enabling a Slip Session from the PC Establishing a Slip SessionAfter Making a Connection Enabling Cslip Compressed SlipDisabling Cslip Automatic Cslip Show Port Slip Counters Display Displaying Slip CountersSlip Counters Display Fields Local Show Port 5 Slip Counters Local Change Port 2 Slip Disabled Disable Slip ExampleDisabling Slip Page Chapter Configuring for Snmp Access Supported Specifications Supported Snmp FeaturesSnmp Community Names Supported Snmp Operations Supported MIB Variables Supported MIBsMIB Description Supported Management Information Base Variables Default Community Name Public Configuring the Access Server for Snmp AccessEnabling and Disabling Snmp Displaying Information About Snmp Configuring a Community Name with an Address Configuring a Community Name for Access by Any NMSExample Configuring Community Names for Access by Any NMS One IP Address for a Community Name Example Configuring Snmp Trap Messages Configuring Community Names to Send Trap MessagesThis Event Occurs When Local Clear Snmp Community Server Trap Disabled Sample Snmp ConfigurationDisabling Trap Messages for a Community Name Removing Community Names Example Removing the Community Name Internet Address Removing an Address from a Community NameLocal Clear Snmp Community Bugs Local Change Snmp Community Server Address ANY Configuring the NMS Chapter Managing the Access Server Distributing Devices on Access Servers Managing Your Access Server As Part of the LAT NetworkControlling the Number of Known Service Nodes Checking LAT Service Accessibility Viewing LAT Node Status Information Reducing Memory UsageExample Show Node Status Display Local Show Node Peach Status SHOW/LIST/MONITOR Node Status Display Fields Viewing LAT Node Counters Information TSHOW/LIST/MONITOR Node Counters Display Fields Example SHOW/LIST/MONITOR Node Counters DisplayLocal Show Node Peach Counters Field Description Ports with Limited View Viewing LAT Node Summary Information Node Summary Display Fields Example Node Summary DisplayLocal Show Node ALL Summary Displaying Access Server Counters Displaying Information About the Access ServerSpecifying the Prompt Local Change Server Prompt Engineering SHOW/LIST/MONITOR Server Counters Display Fields Example Show Server Counters DisplayEthernet Data Link Counters Local Show Server Counters Field Description Field Description Field Description LAT protocol Counters Example Show Server Status Display Displaying Access Server StatusLocal Show Server Status MOP Field Description Memory used for storing service and node Field Description Field Description Displaying Access Server Summary Information SHOW/LIST/MONITOR Server Summary Display Fields Example Show Server Summary DisplayLocal Show Server Summary Checking Port Status and Counters Displaying Port Characteristics Local Show Port 1 Characteristics Example Show Port Characteristics DisplayDisplaying Port Counters SHOW/MONITOR Port Counters Display Fields Example Show Port Counters DisplayLocal Show Port 1 Counters Example Show Port Status Display Displaying Port StatusSHOW/MONITOR Port Status Display Fields Local Show Port 1 Status Field Description Example Show Port Summary Display Displaying Port SummaryLocal Show Ports ALL Summary SHOW/LIST/MONITOR Port Summary Display Fields Configuring and Managing 3270 Terminal Emulation TN3270 Definition Supported Ascii Terminals Keyboards Definition and Description of a Keyboard MapServer-Specific Keyboard Maps Setting Up an Ascii Terminal Configuring Basic 3270 Terminal Emulation Terminal Model Setup Parameters Terminal Setup ParametersIndicating the 3270 Model Number Specifying the Type of Ascii Terminal Used for Emulation Status Line Indicator Connecting to an IBM HostIBM Host Communications Entering and Editing Data Message Description Status Line Messages Status Line Indicator Display Displaying and Customizing Keyboard Maps Default Server-Wide Terminal Types and Keyboard MapsServer-Wide Keyboard Maps Customization Local Show TN3270 Terminal Predefined Terminal Type Default Keyboard Map Default Server-Wide Terminal Type and Keyboard MapsDefining New Server-Wide Terminal Types and Keyboard Maps Local Show TN3270 Keymap VT220 Rules for Customizing Keyboard Maps Customizing Server-Wide Keyboard MapsLocal Change TN3270 Terminal PC100DCA Keymap Newkeys Local Change TN3270 Keymap Newkeys Clear CTRL/W Local Show TN3270 Terminal Keyboard Map and Terminal Type Selecting and Customizing Keyboard Maps for a PortPredefined Terminal Device Associated Keyboard Map VT100, Ansi Local Change Port 2 TN3270 Terminal VT420 Customizing a Default Keyboard Map for a PortLocal Change Port TN3270 Keymap Newline Ctrl/J Following example shows a partial display of a keymap Example Show Port TN3270 Keymap Command ASCII-to-EBCDIC and EBCDIC-to-ASCII Translation Tables Command Enables You to Display and ModifySHOW/SET TN3270 Atoe SHOW/SET TN3270 Etoa Command Frees Nvram Space Used By TN3270 Commands That Free Nvram SpaceGuidelines for Managing the Use of Nvram for TN3270 Storage Requirements for TN3270 Definitions in Nvram Local Define Port TN3270 Nvram Limit Limiting Nvram Usage TN3270 Access Server Characteristics Commands to Manage TN3270 Terminal EmulationCommand Description Default Description Default TN3270 Port Characteristics Displays Show CommandsPage Configuring and Managing Point-to-Point Protocol PPP Ports Enabling PPP for Mixed Traffic Enabling PPP on an Access Server PortExample Enabling PPP for Mixed Traffic Enabling Ports with Modems for PPP Enabling Dedicated PPP Traffic Establishing and Ending a PPP Session Using the Connect PPP CommandLocal Connect PPP Displaying LCP Characteristics Displaying PPP CharacteristicsExample Displaying LCP Characteristics Local Show Port 5 PPP LCP Characteristics Field Description Values Default Fields in the LCP Characteristics Display Displaying Ipcp Characteristics Ipcp Characteristics Display Fields Example Ipcp Characteristics DisplayIpcp Field Description Values Default Example Atcp Characteristics Display Atcp CharacteristicsAtcp Characteristics Display Field Values Local Show Port 5 PPP Atcp Characteristics Field Description Values Default Displaying LCP Status Displaying PPP StatusExample LCP Status Display Local Show Port 5 PPP LCP Status Fields in the LCP Status Display Example Ipcp Status Display Displaying Ipcp Status Fields in the Ipcp Status Display Example Atcp Status Display Displaying Atcp StatusLocal Show Port 5 PPP Atcp Status Fields in the Atcp Status Display Displaying PPP Counters Example Commands to Display LCP CountersDisplaying LCP Counters Local Show Port 5 LCP Counters Fields in the LCP Counters Display Displaying Ipcp Counters Fields in the Ipcp Counters Display Example Command to Display the Ipcp CountersLocal Show Port 5 Ipcp Counters Displaying Atcp Counters Fields in the Atcp Counters Display Example Command to Display the Atcp CountersLocal Show Port 5 Atcp Counters Field Description Chapter Managing IPX IPX Description Access Server Configuration Login Procedures Getting Started Checklist Software Requirements Hardware and Software RequirementsHardware Requirements References PC Remote Access Software Setting Up Your PCNovell Workstation Software Novell Utilities for Local Execution Configuring the Port for an Attached Device Setting Up the Network Access ServerLocal Change IPX Internal ipx-net Local Change IPX Enabled Enabling IPX Configuring the Port for Login to the Local Prompt Configuring the Port for the Login MethodActivating PPP Configuring the Port for PPP/IPXCP Data Link Configuring the Port Dedicated to PPPEnabling PPP/PAP Password Authentication Passwords Disabling PPP/PAP Password AuthenticationLocal Change Port n LCP Authentication Disable Port PPP IPX Commands for LCP Summary of DECserver IPX Management CommandsPort n LCP SHOW/MONITOR Port n Description Port PPP Commands for PPP Negotiation Status Port PPP IPX Commands for IpxcpPort n Ipxcp Display the values of the Ipxcp counters Characteristics Server IPX CommandsDisplay the values of the PPP counters Learn SNAP802 Dial-In Modems Modem ConsiderationsDial-Out PC Modems Recommended Serial Port Baud Rate Novell Operation Novell Client/Server Operation Novell Client/Server Operation Operational Checkout and Diagnosis Verifying Configuration Local Define IPX Disabled Using the Define CommandDisabling IPX Standard Ethernet Frame TypesRAW802 SAP802 IPX Characteristics Display Displaying IPX CharacteristicsIPX Characteristics Display Fields Local Show IPX Characteristics Field Description Displaying IPX Status Using the Show IPX CommandIPX Status Display Fields in the IPX Status Display Displaying IPX Counters Use the Show IPX Counters commandIPX Counters Display IPX Counters Display Fields Field Description Field Description Displaying IPX Routes Using the Show IPX Routes CommandIPX Routes Display IPX Routes Display Fields Using the Zero Command Resetting CountersZero Command Options Option DescriptionPage Chapter Managing Dial Services Command Groups Dial Services Command GroupsEntering the SET Privileged command Server Configuration Display Checking the Current Server Settings Defining a Dialer Script String Type Default Value UsageDefining Dialer Script Strings Dialer String Descriptions Example Set Dialer Script Name Steps Assigning the Dialer Script to a PortDetermining the Current Dialer Script Dialer Script Generic14400 Preferred Service Callhome Example The Show Port Command DisplayAssigning a Dialer Script to a Port Example Defining the Dialer Script Example Show New Port Configuration Verifying Dialer Script ConfigurationLocal Change Port 2 Dialer Script dickens Local Show Port Dialer Script Dickens Showing the Current Dialer Service Characteristics Defining the Dialer Service Example Show Dialer, Port Security Enabled Showing Dialer Service StatusLocal Show Dialer Attradeshow Characteristics Example Show Dialer Status Status Meaning Show Dialer Status Display FieldsLocal Show Dialer Attradeshow Status Displaying Dialer Counters Modifying the Dialer ServiceExample Show Dialer Counters Attradeshow Characteristic Description Comments Dialer Service CharacteristicsUser Account Characteristics Characteristic DescriptionComments Username Mode Command VariablesMode Configuring for Interactive Dial-Back Configuring Interactive Dial RequestsInteractive Dial-Back Dial Service Example Security Profile Information Configuring Dynamic Access Changing PPP Characteristics ExamplesConfiguring Call-Back Framed Dial Requests Framed Dial Requests Page ∙ Radius Chapter Managing Access Server Security Security Type Descriptions Radius AuthorizationKerberos Realm Definition User Accounts SecurIDStage Description Common Terminology Across Security Realms UDP Ports Security ServerRadius Accounting Managing Kerberos Configuration PrerequisitesKerberos Host Requirements Network Access Server Requirements Configuration of User AuthenticationConfiguring Kerberos Settings Case Sensitivity Example Definition of Kerberos Settings Port Configuration Displaying Kerberos SettingsExample Sample Show Port Command Local show kerb characteristics Example Authentication with a Complete User Name User Authentication ProcedureUsername smith.su@finance.acme.com Password not echoed User Authentication Counters Changing a User Name and PasswordExample Sample Kerberos User Authentication Session Alternative Password Command Setting the User Authentication Counters to Zero Port User Authentication CountersLocal Show Port 1 Authentication Counters Local Zero Server Authentication Counters Managing Radius Minimal Setup for RadiusVariables Local Change Radius Timeout seconds Optional Setup for RadiusExample Including the Realm Name Local Change Radius Interval seconds Example Defining Realm Default Authorization Attributes Radius User AuthorizationsExample Defining Password Authentication Type Number Setting User Permissions User Access to the Access ServerValue Description General Session Attributes Additional Radius AttributesGeneral Session Definition Attributes Framed Session Attributes Definition Framed Session Attributes Interactive session Definition Attributes Interactive Session Attributes Radius Overhead Definition Attributes Radius General Non-Session AttributesDigital Vendor-Specific Attributes Digital Vendor-Specific Attributes Radius Accounting Definition Attributes Radius Accounting Attributes Radius Optional Radius User Attributes Managing SecurID Using the Secret KeywordSecurID Prompts SecurID Ports Optional Setup for SecurID Minimal Setup for SecurIDLocal Change Securid Timeout seconds SecurID Realms SecurID User Authorizations Noprivileged level of Decserver Example Setting the Server Realm Managing Local Access Server SecurityDefining the Realm Local SET Server Realm JONAS.COM Displaying RADIUS, SECURID, and Kerberos Characteristics Determining Security ConfigurationExample Showing Radius Characteristics Example Showing the Server Realm Example Showing SecurID Displaying Security Summary Example Displaying Kerberos CharacteristicsExample Showing the Security Summary Showing the User Port Authorization Profile Showing the Authentication CountersExample Showing the User Port Authorization Profile Showing Security Counters Activating Autolink Example Configuring the Port Specifying an Authentication Method Enabling Autolink AuthenticationExample Enabling Autolink Authentication Authentication Example Setting Autolink Timers Setting Autolink TimersChap Username Using a Login Script Timeouts Specifying Dedicated Service for LAT or Telnet Resources Specifying Other Security FeaturesKerberos Requirement LAT Protocol Requirement Local Change Port 5 Signal Control Enabled Specifying PasswordsTelnet Requirement Local Change Port 5 Dedicated SALE.MKT.DEC.COM Login Password Definition Example Specifying Password LimitLocal Change Server Login Password Total Local Change Port 5,6,7 Password Enabled Example Changing the Server Password Attempt Limit Page Accounting Accounting Log File Accounting Description What Events Are Logged? Contents of Log Entry Types Event Field Descriptions Above Ping Autolink Local Access For nondedicated/preferred case, whatever you Session Disconnect Event The number of bytes of successfully When Events Are Logged User Privilege Level Modified Events Password Modified EventsSnmp Community Modified Events Defining the Accounting Log Size Managing AccountingExample Defining the Accounting Log Size Changing the Accounting Console Changing the Accounting ThresholdExample Changing the Accounting Threshold Example Changing the Accounting Console Example Displaying Accounting Characteristics Displaying Accounting CharacteristicsLocal Show Accounting Characteristics Example Displaying the Accounting Log Displaying the Accounting LogLocal Show Accounting LOG LAT Remote View of the Accounting Log Using the Accounting Console Logging Feature 57600 Example Telnet Remote View of the Accounting Log# Telnet x.x.x.x # Telnet x.x.x.x 2001 ACCT.LOG Cable and Adapter Hardware Appendix a Cable and Adapter RecommendationsCable and Adapter Table Cable and Adapter Recommendations Glossary Authentication trap AuthenticationBootptab file American Standard Code for Information Interchange Circuit timer BOOTP/TFTP ServerCommand line recall and edit Broadcast Cyclic Redundancy Check Dedicated serviceDatagram Data Set Ready Domain names DequeueDomain Name System Downline loading Failover Event loggingFlow control Gateway Internet Bootstrap Protocol Installation Verification ProcedureImage Initialization Internet Protocol Keepalive timerIP datagram Kerberos LAT architecture LAT serviceLAT Control Program LAT network Maintenance Operation Protocol Local serviceMulticast timer Local name server Network access server Name resolutionName server Network Control Program Preferred service Nonvolatile Random Access MemoryODL Font Protocol On-Demand Loading Font Protocol Print spooler Random Access MemoryPrivileged status Qualifier Service circuit-ID ServiceService node Remote print queue Service session Service ratingSession Session management Subnet identifier Switch charactersSubnet mask Synchronous Terminal Server Manager Terminal Device/Session Management ProtocolTerminal session Time To Live Virtual circuit User Datagram ProtocolWide Area Network XON/XOFF characters Index Symbols Internet Host 7-13 Telnet Listener Broadcast Telnet Listener DSV$CONFIGURE 4-4,4-6Cslip Delete Index-4 IBM Index-6 Appletalk Characteristics 8-5 DSV$CONFIGURE Index-8 Index-9 BOOTP/TFTP Internet TCP Keepalive Retry Session Port Session Status 11-27 Queue ALL Internet TCP Keepalive Timer 7-19 PortAppletalk Status 8-5 Queue AppleTalk ARP display 8-14 AppleTalk routes display Index-14