XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

151

152

153

154

155

156

157

158

159

160

XYGATE

User Authentication

™

Reference Manual

Chapter 14. Configuring the RADIUS Interface

XYPRO Technology Corporation 124 Proprietary and Confidential

14.8 Testing the RADIUS Interface and User Mapping

Before you run XUA, you should test your configurations.

Important! XUA does not run in warning mode. The initial configuration must be

tested before the software is enabled as the authentication SEEP in Safeguard.

Once configuration is done, you may run XYGATEUA in ACCESS, EXPLAIN, or

SERVER modes. Refer to Chapter 16, “What-if Testing” starting on page 137 for

instructions on how to test XUA in those modes.

Note: Only EXPLAIN mode shows the ID mapping (see example below).

Example: Sample EXPLAIN mode test

1> RUN XYGATEUA EXPLAIN

Access check:logon xypro.qa

User : XYPRO.QA (222,031) on 2011-03-28 16:57:58.656636

User Expires : * None *

Password Expires : * None *

Password May Change : * None *

Password Must Change : * None *

Password Expiry Grace : 15 days

Last Logon : 2011-03-16 17:07:34.522623

Last Unsuccessful Lgn : 2011-03-16 17:07:25.992429

Fail count : * None *

Static fail count : 124

Frozen/Thawed : Thawed

Last Modification Time: 2011-03-16 17:07:34.485872

From User : 255,255 SUPER.SUPER

Requestor : $NONE $NONE.NONE.NONE

Ancestor : $NONE $NONE.NONE.NONE

To User : 222,031 XYPRO.QA

Port : $NONE $NONE.NONE.NONE

Dialog ID : 001 Tag=0 Dialog=On

State : 01 Initial

Options : 0000000000000001

Option 15: Logon

UAGROUP SAFEGUARD-PRIVLOGON Requestor did not match

UAGROUP SN-FTP-LOGON-RSA Requestor did not match

UAGROUP SN-RSA-MAP Target not in TO_USER list

UAGROUP SN-RSA-AUTH-01 Target not in TO_USER list

UAGROUP SN-FTP-LOGON-RADIUS Requestor did not match

UAGROUP RADIUS_AUTHENTICATE Target in TO_USER list

UAGROUP RADIUS_AUTHENTICATE FROM_USER check skipped because of SUPERSUPEROK ON

UAGROUP RADIUS_AUTHENTICATE Selection criteria satisfied

UAGROUP RADIUS_AUTHENTICATE Description: RADIUS Logon with Mapping

subproc check_for_impersonation:begin

Impersonation chars not in password field

UAGROUP RADIUS_AUTHENTICATE AUTHENTICATE_MAXIMUM_ATTEMPTS 3

UAGROUP RADIUS_AUTHENTICATE AUTHENTICATE_FAIL_FREEZE ON

UAGROUP RADIUS_AUTHENTICATE AUTHENTICATE_FAIL_STOP OFF

Password required off - supersuper ok

password_required = off

Process state 01

Begin State_Initial