Справочник Пользователя для HP (Hewlett-Packard) 11I V1
Introduction to AAA Server
HP-UX AAA Server Features
Chapter 1
15
HP-UX AAA Server Features
General Features
•
Compliant with RADIUS protocol RFC 2865 and 2866 standards
•
Supports multiple vendor NASs with a single server (multi-vendor dictionary that
includes Nortel®, Cisco®, Lucent®, and others)
includes Nortel®, Cisco®, Lucent®, and others)
•
Configurable dictionary that allows the definition of new vendors and vendor-specific
attributes and values
attributes and values
•
Dictionary includes attributes from RFCs 2865, 2866, 2867, 2868, and 2869
•
Vendor-specific attribute translation
•
Configurable attribute-value pruning behavior (based on dictionary and clients file
definitions)
definitions)
•
Various configurable (through aaa.config) internal queue and buffer sizes
•
Persistent user session table and automatic recovery of session information after a server
reload occurs
reload occurs
•
Engine support of loadable plug-in modules
Authentication Features
•
Distributed authentication (proxy) by realms (RADIUS type authentication)
•
Support for PAP authentication protocol by all supported authentication types
•
Support for CHAP (clear text password required in the user profile)
•
Support for MS-CHAP
•
Support for EAP authentication for wireless LAN access points and switches (including
EAP-MD5, EAP-TLS, EAP-TTLS, EAP-PEAP, EAP-GTC, and EAP-LEAP)
EAP-MD5, EAP-TLS, EAP-TTLS, EAP-PEAP, EAP-GTC, and EAP-LEAP)
•
Authentication of users with profiles defined in a flat text file that the server loads into
memory (clear text or UNIX-style encrypted passwords)
memory (clear text or UNIX-style encrypted passwords)
•
Authentication of users defined in a /etc/passwd file
•
Authentication using multiple sets of user definition and realm definition files (users and
authfile files) keyed by network access server (NAS)
authfile files) keyed by network access server (NAS)