How to configure BMAS 3.5 and 3.6.
Novell Cool Solutions: Feature
Digg This -
Posted: 27 Sep 2002
Versions: BorderManager 3.5 and 3.6
Before you Start
- Ensure that NWADMN32 has been launched at least once.
- The BorderManager snapins will need to be installed and are located in SYS:PUBLIC\BRDRMGR\SNAPINS\SETUP.EXE.
- In order to perform the initial configurations, ensure that you are logged in as ADMIN and not an ADMIN Equivalent.
Launch NWADMN32 from the drive mapping that was specified during the BorderManager snapins install.
Dial Access System Create - Dial Access System (DAS) | Enter a Dial Access System Name | Check Define Additional properties | Create Clients Tab | Add | Enter Client Address of Access Server | Select Client Type according to Access Server | Enter Shared Secret Username Resolution Tab | Either select Use NDS find to resolve usernames or Use lookup contexts list to resolve usernames Miscellaneous Tab | Change Dial Access System Password - This password will be used to load radius from the server console Dial Access Profile Create - Dial Access Profile (DAP) | Enter a Dial Access Service Profile Name | Check Define Additional properties | Create Attributes Tab | Enter the attributes specified by the manufacturer for the Access Server ie. Framed-Protocol PPP Service-Type Framed
NOTE - Before proceeding with ActivCard and the Login Policy Object please note this. If you are only using NDS authentication, you do not need to proceed any further. The Login Policy Object only needs to be implemented when you have more than one form of authentication.
ActivCard Container Object | Create | ActivCard Container | Enter a name or accept the default name | Check Define additional properties | OK Highlight ActivCard Container | Details Import Device Images | Import Device Images Configuring Tokens Highlight a Token | Details Assignment Tab | Associate this token with a user Password Tests - Test to ensure token is synchronized Unlock Code - Test to ensure token is synchronized *Consult the ActivCard documentation for further information Login Policy Object View | Go Up a Level | Select Root and press OK Highlight the Security Container | Create | Login Policy (LPO) Rules | Add | Select the Object Name Radio Button and browse to the Dial Access System Object | OK Methods Tab | Add - This rule will allow the use of NDS passwords Method Enforcement | Choose either mandatory or Acceptable | OK User List | Add - Either choose a user, users, container or group * If ActivCard is to be used, the following changes will need to be made: Methods Tab | Add | Object Name | Browse to the ActivCard Container | OK Method Enforcement | Choose either mandatory, Required if assigned or Acceptable Order the rules by highlighting a rule and use UP or Down Loading Radius From the server console issue the following: LOAD RADIUS NAME=(DAS Name) PASSWORD=(DAS Password)
NOTE - The following command will need to be issued before any changes are made to the LPO. From the server console issue the following: RADSTOP
For more info see TID 10017913
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com