Ldap virtual schema, Option on the ldap command line. for example – RSA Security 6.1 User Manual

RSA RADIUS Server 6.1 Administrator’s Guide

Using the LDAP Configuration Interface

199.198.197.196
196.197.198.199

If the [LDAPAddresses] section is omitted or empty, RSA RADIUS Server
listens for LCI requests on all bound IP interfaces.

3. Specify the same port number using the -p option on the LDAP command line. For example:

ldapsearch -V 2 -p 354 -D "cn=admin,o=radius" -w radius
-s sub -T -b "radiusclass=Client,o=radius" radiusname=*
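
The following check is an added example, not part of the RSA guide or product: it reads configuration text and reports whether the [LDAPAddresses] rule above leaves the LCI listening on all bound IP interfaces. The function names, the ';' comment syntax, case-insensitive section matching and the [Example] section are assumptions; the guide page does not name the configuration file, so pass in the text of whichever file holds the section.

```python
import ipaddress

# Constructed samples. Only the [LDAPAddresses] section name and the two
# addresses come from the page; the [Example] section is a placeholder.
SAMPLE_RESTRICTED = """\
[Example]
Key = value

[LDAPAddresses]
199.198.197.196
196.197.198.199
"""
SAMPLE_EMPTY = "[LDAPAddresses]\n; nothing listed\n"


def parse_ldap_addresses(ini_text):
    """Return (valid, invalid) entries found under [LDAPAddresses]."""
    valid, invalid, in_section = [], [], False
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # assumption: ';' begins a comment
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            # assumption: section names compare case-insensitively
            in_section = line[1:-1].strip().lower() == "ldapaddresses"
            continue
        if in_section:
            try:
                valid.append(str(ipaddress.ip_address(line)))
            except ValueError:
                invalid.append(line)  # keep for the report instead of failing
    return valid, invalid


def audit_lci_exposure(ini_text):
    """Classify where the LCI listens, per the rule stated above."""
    valid, invalid = parse_ldap_addresses(ini_text)
    if not valid:
        # Section omitted, empty, or without a usable address: report the
        # widest case, listening on all bound IP interfaces.
        verdict = "all-interfaces"
    elif all(ipaddress.ip_address(a).is_loopback for a in valid):
        verdict = "loopback-only"
    else:
        verdict = "restricted"
    return verdict, valid, invalid
```

An "all-interfaces" verdict means the LCI port given with -p should be reviewed against host firewall rules, since the interface accepts the administrator bind shown in the ldapsearch example.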

LDAP Virtual Schema

The LDAP server uses the virtual schema (illustrated in Figures 26 through 29) to format configuration data so that this data can be understood by the RSA RADIUS Server database.

NOTE: radiusstatus items can be read, but they cannot be modified.

Figure 26 LDAP Schema (Slide 1 of 4)

Multiplicity markers shown in the diagram: 1...n

Available Attributes:
Login-Limit <number>
Profile <string>

Available Child Objects:
radiuslist=reply
radiuslist=check

radiusclass=profile
radiusname=MYPROFILE

radiusclass=securid-user
radiusname=MYPROFILE

radiusclass=server

Available Attributes:
Server-Password <string>
Server-Password-Enabled 0|1
Default-Reject-Msg <string>
Unknown-User-Msg <string>
Lists-Mismatch-Msg <string>
Invalid-Lists-Msg <string>
Auth-Methods <meth1>; <meth2>; ...
Log-Max-Days <number>

radiusclass=rsa_cached_passwords (read-only)

Available Attribute:
cached-password

Available Check Attributes:
All check list attributes from dictionaries

Available Reply Attributes:
All reply list attributes from dictionaries

radiusclass=client
radiusname=MYRASCLIENT

Available Attributes:
Shared-Secret <string>
Acct-Shared-Secret <string>
IP-Address nnn.nnn.nnn.nnn
Product <string>
Inactivity-Timeout <seconds>
