XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

151

152

153

154

155

156

157

158

159

160

XYGATE

User Authentication

™

Reference Manual

Chapter 14. Configuring the RADIUS Interface

XYPRO Technology Corporation 126 Proprietary and Confidential

Frozen/Thawed : Thawed

Last Modification Time: 2011-03-16 17:07:34.485872

UAGROUP RADIUS_AUTHENTICATE Replying with access YES

UAGROUP RADIUS_AUTHENTICATE Outcome is LOGON

SEEP return 00000,00000,00000

Access result - YES using GROUP RADIUS_AUTHENTICATE

In the Example above, user XYPRO.QA was mapped to alias qa based on the

mapping configuration of the RADIUS_AUTHENTICATE UAGROUP. The status of the

user account was checked with the Safeguard. In this case, the mapping was used

and RADIUS authentication was allowed.

Important! The following is a known issue with Safeguard. If the Safeguard

authentication event is enabled and if the RADIUS_REQUIRE_PASSWORD is set to

ON in the UACONF or UAACL file, then RADIUS authentication will not work correctly

in What-if mode.

14.9 Troubleshooting the XUA and RADIUS Server

If XUA controls logons and the logon or test outcome produce unexpected results, you

can use the TESTRAD script to test the RADIUS server availability outside of XUA.

The TESTRAD program can be invoked from the Guardian space by running

XUA_EXECUTE_RADIUS_PROXY macro. To execute the RADIUS proxy, attach the

XUA segment and run the macro, or run the TESTRAD program from the XUA

installation location. The keyword TRACE can be specified when using the TESTRAD

macro or the macro XUA_EXECUTE_RADIUS_PROXY and trace data will be sent to

the terminal.

RUN TESTRAD TRACE - command turns on tracing.

The TESTRAD HELP command displays usage of the command.

Example 1 How to invoke the help for TESTRAD

Below describes FLAGS that CAN be used with the RADIUS proxy.

--------------------------------------------------------------

Flags From UACONF, or default values when missing.

--------------------------------------------------------------

-c OSH execution of whatever is between the quotes.

-h The DSN or IP address of the RADIUS host.

-p The port the RADIUS server communicates on.

-xproc Single quoted TCP/IP process the proxy server uses.

-xtimeo Proxy server timeout in seconds.

-xdir Location of support files (License, RADIUSSS, etc.)