Dell PowerConnect W Clearpass 100 Software 3.9 Deployment Guide - Page 492
Database Module Configuration, advanced.eap = 1, RADIUS Services, Authentication, EAP & 802.1X
View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 492 highlights
Table 60 Authentication Module Configuration Settings (Continued) Value Description mschap.ntlm_auth The module can perform authentication itself, or use a Windows Domain Controller. This configuration directive tells the module to call the ntlm_auth program, which will do the authentication, and return the NT-Key. Note that you MUST have "winbindd" and "nmbd" running on the local machine for ntlm_auth to work. See the ntlm_auth program documentation for details. Database Module Configuration Table 61 Database Modeule Configuration Settings Value Description sql.case_insensitive_usernames = 0 Set this option to 1 to match usernames in the local user database without regard to case. This will allows basic RADIUS authentication to work when the case of the username provided by the NAS is different from the case of the username in the local user database. Note that this may have unexpected effects in certain authorization or accounting contexts, or when creating user accounts. This option does not control how external authentication servers perform username matches; these may be case-sensitive or caseinsensitive depending on the type of server and its configuration. The default and recommended setting is to perform case-sensitive username matching. sql.num_sql_socks = 5 The number of SQL connections to make to the database server. sql.connect_failure_retry_delay = 60 The number of seconds to delay retrying on a failed database connection (per socket). sql.safe_characters = not set A list of characters that may be stored in database fields without being escaped. This may be set to the value "all" to indicate all standard ASCII characters. This string should not include any ASCII characters with a value of 128 or more as this could result in a string with an invalid UTF-8 encoding being sent to the database. sql.simultaneous_stale_time = 86400 The "stale time" determines how much time must elapse without any interim accounting updates before an open session is considered "stale" and will no longer count towards a user's session limit. Stale sessions are displayed in the Active Sessions list using a different state icon. This parameter is measured in seconds; the default corresponds to a value of 24 hours. override.session.radutmp = yes Set this parameter to "yes" to enable session limits in the case where guest accounts are limited to a maximum of one or more concurrent sessions. It is important to ensure that when this configuration option is in effect, the NAS is able to reliably send accounting stop messages. Otherwise, sessions will not be closed and this can lead to the same account being denied access when they are not actually logged in. When this occurs, the user's previous session will be shown as active in the active session list; it can be closed manually here. EAP Module Configuration Set the advanced.eap = 1 option to enable additional EAP types to be selected in the RADIUS Services > Authentication>EAP & 802.1X>EAP Configuration form. 492 | Reference ClearPass Guest 3.9 | Deployment Guide