Click on the
icon or select Modify from the Entry menu.
The Modify Attributes window is displayed.
If you wish to change the name of the entry, use the Rename function.
Each type of RADIUS entry has a number of attributes associated with it. Some of these attributes are mandatory (marked with an "M") and need to be given a value, others are optional (marked with an "O") and can be left without a value. In this window you can assign values to the attributes.
Some attributes accept multiple values, others can only have one value. This is defined in the schema by the SINGLE-VALUE keyword. If you try to add more than one value to a single-valued attribute, an error message is displayed.
- To add a new value to an attribute:
- From the Choose Attribute window, select the attribute for \
which you want to add a value.
- Type the attribute's value in the text field.
There are three ways of adding an attribute to the directory:
- Click the Add button to add the value of the attribute to
the entry.
The value appears in the entry definition next to the attribute.
- Click the Chk Add button.
The value is added to the entry definition, and the name of the
attribute is added to the Radius Check Data optional attribute which
matches the grpCheckInfo attribute.
For example, if you select the User ID attribute from the Choose
Attribute list and type the value charles in the text window, when you
click on Chk Add, the value charles is added to the User ID attribute,
and uid is added to the Radius Check Data attribute.
- Click the Rpl Add button.
The value is added to the entry definition, and the name of the
attribute is added to the Radius Reply Data optional attribute which
matches the grpReplyInfo attribute.
- To add an additional value to an attribute, repeat steps 1 and 2.
The additional value is added to the entry definition.
When an attribute has more than one value, an arrow is displayed next
to the attribute name in the entry definition. Click on the arrow to
collapse or expand the attribute definition.
- To delete an attribute or alternative value from the entry:
- Select the attribute or value in the entry definition.
There are three ways of deleting an attribute from the directory:
- Click the Delete button.
- Click the Chk Del button.
The value is removed from the entry definition, and the name of the
attribute is removed from the Radius Check Data optional attribute
which matches the grpCheckInfo
attribute.
- Click the Rpl Del button.
The value is removed from the entry definition, and the name of the
attribute is removed from the Radius Reply Data optional attribute
which matches the grpReplyInfo
attribute.
If you delete the only value for an optional attribute, the attribute is
removed from the entry definition.
If you delete the only value for a mandatory attribute, only the value is
cleared from the entry definition. The attribute will remain. If you click
Done, you are prompted to supply values for any mandatory
attributes without values.
- To modify an attribute's value:
- In the entry definition, select the value of the attribute you want to
modify.
The attribute's value appears in the text field.
- Modify the value and click the Modify button.
The modified value appears in the entry definition.
- To clear the text field:
- When you have finished the modifications click Done.
grpCheckInfo
The grpCheckInfo attribute, contains a list of attributes that must be checked by the RADIUS server against the information supplied by the remote user. If the grpCheckInfo attribute is not present, or if it does not contain any attributes, then all the attributes in the remote user's entry are checked before access is granted to the user.
grpReplyInfo
The grpReplyInfo attribute, contains a list of attributes returned by the RADIUS server with an access-accept or access-reject response. It can contain connection parameters such as a PPP or SLIP profile.
© Copyright 1998 Sun Microsystems, Inc.
901 San Antonio Road, Palo Alto, California 94303 U.S.A.