Ldap Virtual Schema, Available Attributes | RSA Security 6.1

199.198.197.196

196.197.198.199

If the [LDAPAddresses] section is omitted or empty, RSA RADIUS Server listens for LCI requests on all bound IP interfaces.

3Specify the same port number using the -poption on the LDAP command line. For example:

ldapsearch -V 2 -p 354 -D "cn=admin,o=radius" -w radius -s sub -T -b "radiusclass=Client,o=radius" radiusname=*

LDAP Virtual Schema

The LDAP server uses the virtual schema (illustrated in Figures 26–29) to format configuration data so that this data can be understood by the

RSA RADIUS Server database.

NOTE: radiusstatus items can be read, but they cannot be modified.

radiusclass= securid-user

1...n

radiusname=

MYPROFILE

Available Attributes:

Login-Limit <number> Profile <string>

Available Child Objects: radiuslist=reply radiuslist=check


radiusclass=			radiusclass=
profile			client
	1...n			1...n
radiusname=			radiusname=
MYPROFILE			MYRASCLIENT

		Available Attributes:
		Shared-Secret <string>
		Acct-Shared-Secret <string>
		IP-Address nnn.nnn.nnn.nnn
		Product <string>
		Inactivity-Timeout <seconds>

radiusclass=

server

Available Attributes: Server-Password <string> Server-Password-Enabled 01 Default-Reject-Msg <string> Unknown-User-Msg <string> Lists-Mismatch-Msg <string> Invalid-Lists-Msg <string> Auth-Methods <meth1>; <meth2>; ...

Log-Max-Days <number>

radiusclass=

rsa_cached_passwords

(read-only)

Available Attribute: cached-password

Available Reply		Available Check
Attributes:		Attributes:
All reply list attributes		All check list attributes
from dictionaries		from dictionaries

Figure 26 LDAP Schema (Slide 1 of 4)

RSA RADIUS Server 6.1 Administrator’s Guide Using the LDAP Configuration Interface

85

Image 97

RSA Security 6.1 manual Ldap Virtual Schema, Available Attributes

Contents

RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index Audience About This GuideWhat’s In This Manual Syntax Conventions RSA Radius Server Documentation Related DocumentationVendor Information Requests for Comments RFCs Third-Party Products Getting Support and ServiceBefore You Call for Customer Support About RSA Radius Server RSA Radius Server Features About RSA Radius Server September RSA Radius Server Overview RSA Radius Authentication Radius Packets Radius Server Configuration Radius ConfigurationRadius Client Configuration Radius Shared Secrets Replication Secret Radius SecretNode Secret Radius Ports Authentication Accounting Comma-Delimited Log Files Accounting Sequence Tunneled Accounting Dictionaries AttributesVendor-Specific Attributes Make/Model Field Attribute Lists Checklist AttributesUpdating Attribute Information Return List Attributes Attribute ValuesMulti-Valued Attributes Orderable Attributes Default ValuesSystem Assigned Values Echo Property Centralized Configuration Management Designating a New Primary Radius Server Replacing a Replica Radius Server Changing the Name or IP Address of a Server Recovering a Replica After a Failed Download Before You Begin Installing the RSA Radius ServerRequired Files Data Migration/Registration System Requirements Installing on Windows If you are installing a Replica RSA Radius Server, click Installing the RSA Radius Server Uninstalling the RSA Radius Server Software Installer Syntax Installing on Solaris Path Reppkg Installing the RSA Radius Server Software Enter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Linux Server System Requirements Installing on Linux Should be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Running RSA Radius Administrator Using RSA Radius Administrator RSA Radius Administrator Menus Navigating in RSA Radius AdministratorFile Menu Panel Menu See , Administering Radius Clients on Web Menu RSA Radius Administrator ToolbarHelp Menu Adding an Entry RSA Radius Administrator Windows Sample Add Window Editing an Entry Sample Edit Window Cutting/Copying/Pasting Records Resizing Columns Using Context MenusChanging Column Sequence Sorting Information Displaying Version Information Accessing Online HelpAdding a License Key Add a License for Server Window Exiting the RSA Radius Administrator Radius Clients Panel Administering Radius Clients Add Radius Client Window Adding a Radius Client Secret to display the characters in the shared secret Deleting a Radius Client Verifying a Shared SecretPage Administering Radius Clients September Adding a Checklist or Return List Attribute for a Profile Administering ProfilesAbout Profiles Resolving Profile and User Attributes Default Profile Adding a Profile Setting Up Profiles Click Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Statistics Displaying Server Authentication Statistics Statistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Statistics Panel System Accounting Statistics Displaying Server Accounting Statistics Accounting Statistic Meaning Displaying Radius Client Statistics Resetting Server Statistics Optionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Adding a Radius Server Manually Replication Panel Add Server Window Deleting a Radius Server Enabling a Radius Server Notifying Replica Radius Servers Publishing Server Configuration Information Designating a New Primary Radius Server Recovering a Replica After a Failed Download Changing the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Logging Using the Radius System LogLogging Files Controlling Log File Size Level of Logging Detail Accounting Log File Format Using the Accounting Log Comma Placeholders First Line Headings Acct-Status-Type Standard Radius Accounting Attributes Acct-Input-Packets P e n d i x a Ldap Configuration Interface File Ldap Utilities About the Ldap Configuration Interface Downloading the Ldap Utilities Ldap Requests Ldap Version Compliance Configuring the Ldap TCP Port Available Attributes Ldap Virtual Schema Ldap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Searching for Records Ldap Command Examples Ldapmodify Option Meaning Modifying Records Where Adding Records Deleting Records Counter Statistics Statistics VariablesStattype server Stattype accounting Stattype authentication Rate Statistics Using the Ldap Configuration Interface September AAA Glossary DNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode