You can use different authentication protocols through the RADIUS server.
Authentication Protocol |
radiusAuthType |
eDir-Auth-Option |
password_attribute |
---|---|---|---|
PAP |
LDAP |
Leave as blank |
Leave as blank |
CHAP |
CHAP |
Leave as blank |
nspm password |
Token-based Authentication (OTP) |
LDAP |
digipass (for VASCO digipass method) |
Leave as blank |
Ensure that you use the following settings for these authentication protocols:
For PAP, CHAP, and OTP, ensure that you specify an appropriate value for the radiusAuthType attribute for each authentication protocol as indicated in the table.
On SUSE Linux Enterprise Server (SLES) 10, add the default authentication entry in the /etc/raddb/users configuration file. For more information, see Configuring Token Authentication for FreeRADIUS on SLES.
On SLES 11, select digipass as default login sequence for token-based authentication. For more information, see Configuring Token Authentication for FreeRADIUS on SLES
CHAP authentication requires Universal Password. Enable the password_attribute and set it to nspmpassword.