HP Digital NetRider Uživatelský manuál Strana 470

  • Stažení
  • Přidat do mých příruček
  • Tisk
  • Strana
    / 536
  • Tabulka s obsahem
  • KNIHY
  • Hodnocené. / 5. Na základě hodnocení zákazníků
Zobrazit stránku 469
Managing SecurID
22-24 Managing Access Server Security
SecurID Realms
SecurID servers do not provide any authorization data; therefore, any authorization
information comes from the SecurID realm or the port characteristics.
If a SecurID card is in a new PIN mode and the new PIN is coming from the access
server, the new pin is displayed for 10 seconds and then erased.
Minimal Setup for SecurID
The minimal configuration requires the following commands to set up the remote ports
used for communication with SecurID. These features must be assigned in order for
any communication with SecurID or SecurID accounting to take place.
The following example shows the command used to set up SecurID security:
LOCAL> CHANGE SECURID REALM
realm-name
This command defines and initializes a new SecurID realm:
LOCAL> CHANGE SECURID REALM JONAS.COM AUTHEN HOST
ip-addr
Optional Setup for SecurID
The commands in the following example can be used to configure additional security
parameters for SecurID. The commands in these examples will define a SecurID
accounting node, define the maximum timeout period for SecurID reply, and define the
interval between retries of an authentication request.
Local> CHANGE SECURID TIMEOUT
seconds
This command defines the maximum timeout for SecurID reply.
Local> CHANGE SECURID INTERVAL
seconds
Local> CHANGE SECURID REALM
realm-name
INCLUDE
This command causes the realm name to be included as part of a user name sent to
SecurID. Realm name inclusion is used for SecurID proxy authentication service. See
the
Network Access Server Command Reference
for more information on this
command.
Zobrazit stránku 469
1 2 ... 465 466 467 468 469 470 471 472 473 474 475 ... 535 536

Komentáře k této Příručce

Žádné komentáře