Re: (ASCEND) Ascend AAC with DBM? pseudo-users for Banners?

To: Chris Shenton <cshenton@it.hq.nasa.gov>
Subject: Re: (ASCEND) Ascend AAC with DBM? pseudo-users for Banners?
From: Dean Frye <dfrye@ascend.com.au>
Date: Fri, 01 May 1998 20:24:12 +1000
Cc: ascend-users@bungi.com
In-Reply-To: <xoi67jrf8yx.fsf_-_@wirehead.it.hq.nasa.gov>
References: <Pat_Barron@transarc.com's message of Thu, 30 Apr 1998 11:45:30 -0400 (EDT)>
Sender: owner-ascend-users@max.bungi.com

At 02:41 PM 4/30/98 -0400, you wrote:
>We currently run the old free Ascend RADIUS server that came with our
>Maxes, and we use the DBM variant for accessing a DBM-ized user
>file. We're now deploying hardware tokens and need the commercial
>Ascend Access Control (AAC) server to talk to the ACE/SecurID
>libraries for authentication. There seem to be some things missing or
>not documented in the AAC versus the old free RADIUS.
>
>The online man page which came with AAC mentions the use of DBM
>versions of the users file and mentions using the "builddbm" utility,
>but this tool and its man page are nonexistent. I cannot find a
>radiusd.dbm binary or any switch on the AAC radiusd to use a DBM
>file. Is it possible the for cost server doesn't do DBM??
>
>(I've got code which manipulates a user DBM and would really rather
>not rewrite to munge a flat text file -- too error-prone. I'm running
>on UNIX, not NT, so can't do the AAC ODBC thing).
>
>
>The AAC manual incidates I can create pseudo users to establish
>pre-login banners for the Max. We need a banner with our standard
>government-speak warning and it's longer than the little one you can
>config on the Max itself. The manual doesn't describe how to do this
>-- pseudo-user name, check-items, return-items. The things I've tried
>don't work.
>
>Can someone clue me in here? 


Chris,


I am not sure what the status of dbm mode user files is with AAC but I can
help with the banner and pools profiles:

initial-banner-<box name>	Password="ascend", User-Service=Dialout-Framed-User
	Reply-Message="This is my message"

I think you can have up to 15 lines or so in the reply message.

pools-<box-name>	Password="ascend", User-Service=Dialout-Framed-User
	Ascend-IP-Pool-Definition="2 10.10.10.1 100"

This will give the box pool 2 starting at 10.10.10.1 for 100 addresses.

Regards,

dean


>
>If I can create a banner pseudouser, can I also create a pseudouser
>which returns to the Max the base address of the IP pool it is allowed
>to hand out? If so, how?

-------------------------------------------------------------
Dean Frye                                      +61.3.96567000
Ascend Communications Australia                   0418 546635
lvl 38/55 Collins St
Melbourne VIC 3000
Ascend Australia Support:             apac.support@ascend.com
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

References:

(ASCEND) Ascend AAC with DBM? pseudo-users for Banners?

From: Chris Shenton <cshenton@it.hq.nasa.gov>

Prev by Date: Re: (ASCEND) mpNullMessageTimeout
Next by Date: (ASCEND) Terminal adapter+MPP+SecurID = :(
Prev by thread: (ASCEND) Ascend AAC with DBM? pseudo-users for Banners?
Next by thread: Re: (ASCEND) Ascend AAC with DBM? pseudo-users for Banners?
Index(es):
- Main
- Thread