Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 Documentation Web Site: http://www.docs.hp.com: HP-UX AAA Server A.07.00Release Notes > Chapter 1 HP-UX AAA Server A.07.00 Release Notes

What is New in this Version
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

spacerspacerspacer
spacer
spacer
  		 
 

HP-UX AAA Server version A.07.00 includes the following new and changed features:

SQL Access Support for Oracle OCI and ODBC

HP-UX AAA Server A.07.00 now supports SQL Access for Oracle OCI and Open Database Connectivity (ODBC) compliant database client libraries.

SQL Access provides a highly flexible interface to customize the functionality of the AAA Server to meet your business requirements. SQL Access enables the execution of user-defined SQL statements that are mapped to RADIUS transactions. In addition, pre-defined and/or customized functions enable the extension the HP-UX AAA Server functionality and additional control over the HP-UX AAA Server operation.

The ability to integrate the HP-UX AAA Server with an SQL compliant database offers the following benefits:

  • Scalability across multiple HP-UX AAA Servers by using a database as a central repository for user, account, and session information

  • Extension of HP-UX AAA Server functionality by introducing customized behaviors using SQL

  • Session state tracking and session limit enforcement across multiple HP-UX AAA Servers for greater scalability and availability

  • Integration of HP-UX AAA Servers with existing Oracle OCI and ODBC compliant databases for authentication, accounting, and session management

The SQL Access feature consists of the SQL Access AATV, client connector libraries for supported database clients, and a set of reference implementation files that provide a quick and easy way to set up a working environment that provides fully functional reference implementations. These reference implementations can be used as-is, or customized to meet your deployment requirements.

The reference implementation uses SQL statements to retrieve user entries and optionally perform accounting and session management (with or without DHCP) in a multi-server environment.

See the following README files based on your implementation requirements:

  • /opt/aaa/examples/sqlaccess/oracle-1/: to implement SQL Access using the Oracle database server and OCI client

  • opt/aaa/examples/sqlaccess/mysql-1/: to implement SQL Access using the MySQL database server and MySQL Unix ODBC client

See the SQL Access Chapter in the HP-UX AAA Server A.07.00 Administrator’s Guide for more details on the SQL Access feature.

NOTE: The new SQL Access feature provides database connectivity via customer supplied database client or driver libraries. HP provides connectors for specific database client vendors and versions.

Refer to “SQL Access Requirements” in the “Installation Requirements” section of this document for the list of currently provided connectors.

The database server and client libraries are not provided with the HP-UX AAA Server.

Wi-Fi Protected Access 2 (WPA2) Support

HP-UX AAA Server A.07.00 supports Wi-Fi Protected Access 2 (WPA2) enabled RADIUS clients. WPA2 is the official IEEE 802.11i standard that enhances security with Advanced Encryption Standard (AES) for data encryption.

Server Manager Enhancements for Realm Configuration

The Server Manager Add/Modify Local Realms screen includes the following enhancements:

Modified EAP Options

EAP options are now modified to clearly state the EAP method used. For example, MD5 is now listed as EAP-MD5.

Inner and Outer TTLS Realm Support

The Server Manager Add/Modify Local Realms screen enables the creation of the same inner and outer realm by specifying a combination of the following new options:

  • TTLS (EAP-MD5)

  • TTLS (EAP-MSCHAPv2)

  • TTLS (EAP-PAP/CHAP/MSCHAP/MSCHAPv2)

The following rules of mutual exclusivity apply:

  • TTLS options may only be selected with other TTLS options

  • PEAP options may only be selected with other PEAP options

Authentication Method Specification

You can now specify the authentication method for a realm as follows:

  • Enable EAP: for authentication via EAP

  • Enable RADIUS Standard: use standard RADIUS authentication methods (PAP, CHAP, MSCHAP, and MSCHAPv2)

See the HP-UX AAA Server A.07.00 Administrator’s Guide and the Secure LAN Advisor in the Server Manager for more details on the Add/Modify Local Realms screen.

Detailed Error Logging for Improved Troubleshooting

HP-UX AAA Server A.07.00 logs detailed error messages in the server log file. The error messages contain information on the symptom, description, and corrective action for common errors.

Manual Rollover of the Server Log File and Accounting Stream

HP-UX AAA Server A.07.00 log files and accounting stream can be rolled over using the new radsignal command. See the radsignal manpage for more information.

Improved Performance for EAP-TLS

HP-UX AAA Server A.07.00 optimizes Certification Revocation List (CRL) processing. This results in improved performance with EAP-TLS. The performance improvement is more noticeable as the number of entries in the CRL file increases.

Improved Support for Multiple CRLs

HP-UX AAA Server A.07.00 now supports multiple Certificate Revocation Lists (CRLs) in a single CRL file.

Deprecation of Oracle and LDAP Policy

Oracle access via the db_srv daemon is deprecated for this release and may not be supported in future releases. It is recommended to use the SQL Access feature for Oracle database access.

Advanced Policy support via LDAP is deprecated on this release and may not be supported in future releases. It is recommended to use policy configuration via local configuration files.



Product Overview
  		 


Fixes Included in the HP-UX AAA Server A.07.00  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© Hewlett-Packard Development Company, L.P.