Changing RADIUS Server Options

You can change Remote Dial-In User Services (RADIUS) server options from the NetWare® server command line, including the distinguished name of the Dial Access System object and the Dial Access System password for the specified Dial Access System object.

<EM CLASS=VARIABLE>[name = Dial Access System distinguished name] [password = Dial Access System password] [threads = number of threads] [auththreads = number of threads listening to authentication port] [port = UDP port number for RADIUS] [acctPath = RADIUS accounting directory] [fileFormat = [standard|comma] ] [rollOver = [daily|weekly|monthly] ] [serverType = [accounting|authentication] [decrementGraceLogins = [YES|NO] [affinity = NDS server]</EM>

All parameters are optional. The values you specify override the default values.

If you do not specify the name or password on the command line, you will be prompted to provide a name and password at startup. Names can be specified as relative distinguished names, distinguished names, or partial distinguished names. Both typed and typeless names are supported. Refer to the NDS® documentation for details on specifying names.

The default context is set to the current bindery context. After Novell RADIUS Services has been loaded, the default context is set to the Dial Access System name context.

Strings with embedded spaces must be contained in quotation marks. In addition, a quoted parameter must be preceded with a space.

The valid values for the number of threads range between 1 and 127. The default number of threads is 5, which should be satisfactory in most cases.

The default UDP port number is 1645 (the most commonly used). However, a new UDP port number (1812) has been assigned by the Internet Engineering Task Force (IETF) for RADIUS services.

The default path for the RADIUS accounting files is SYS:\ETC\RADIUS\ACCT.

The RADIUS accounting server is typically implemented as a separate process of the RADIUS authentication server. The RADIUS accounting server listens on UDP port number 1813. When an accounting packet is received from a RADIUS client (such as a network access server), the RADIUS accounting server logs the information in an ASCII text file and returns an acknowledgment to the RADIUS client.

The default RADIUS accounting file format is comma-delimited text (standard ASCII file format is optional).

The default period before a RADIUS accounting file is rolled over is daily (weekly and monthly are optional).

By default, the Novell RADIUS Services software runs both the authentication server and the accounting server when you do not specify the ServerType option on the command line. (Running just the authentication server or the accounting server is optional.)

By default, the Novell RADIUS Services software will use the local server for NDS processing. You can use the affinity command line option to specify another server. You cannot specify more than one affinity server. You cannot specify a backup NDS server.