ClearBox Server v1.2 Developer's Guide |
Advanced Extension ConfigurationAdvanced server extension settings are stored in settings.ini file that must be located in the same folder with the server extension. Edit is before starting the server. All settings except for secrets shared with client may be left without changes. Start with defining RADIUS/TACACS+ clients. For every client add a section with client IP address and define necessary keys (see Client section). If you choose to authenticate users with a database, fill Users table. Database structure and fields usage are explained here. The file has the following sections and keys: [Authentication]AuthenType. Describes how the server should authenticate users. Possible values are:
DBType. Specifies what type of database server extension should use. Is valid if AuthenType is DB. Possible values are:
AuthenDomain. Used when AuthenType is NTSAM or AD. Specifies the domain controller or computer name that contains account database. If AuthenType is NTSAM and AuthenDomain is . (dot) then local computer account database is used. PAPAuthen. (true/false) Specifies whether users can authenticate through PAP or not. CHAPAuthen. (true/false) Specifies whether users can authenticate through CHAP or not. MSCHAPAuthen. (true/false) Specifies whether users can authenticate through MS-CHAP or not. MSCHAP2Authen. (true/false) Specifies whether users can authenticate through MS-CHAPv2 or not. [Database]DBPath. Used when DBType is MSAccess and contains path to the database file. DSN. Used when DBType is ODBC and specifies system data source name (DSN). DBUser. Used when DBType is ODBC or (DBType is MSSQL and DBSecurity is mssql) and specifies database user name. DBPassword. Used when DBType is ODBC or (DBType is MSSQL and DBSecurity is mssql) and specifies database user password. DBServer. Used when DBType is MSSQL and specifies MS SQL server name. DBCatalog. Used when DBType is MSSQL and specifies MS SQL database name. DBSecurity. Specifies how should server extension authenticate on MS SQL server. Possible values are:
[Accounting]LogFilePath. Specifies the base part of the accounting log file name. It may start with .\ to specify that the file should be located in the same folder with the server or be an absolute path. The actual file name will be extended with a suffix defined by Rollover key and LogFileExtension parameter. LogFileExtension. Specifies an extension that accounting log file name set by LogFilePath will have. Rollover. Defines how often the server closes old log file and creates a new. Possible values are:
MaxFileSize. Specifies maximum size (in bytes) accounting log file may have. If Rollover is ONSIZE and log file is larger than this threshold, new file is created. LogInterim. (true/false. Specifies whether the server should log interim accounting records if LogType is Livingston.) LogType. Possible values are:
Separator. Specifies the character that separates values in CSV accounting logging. LogNames. (true/false) Used when LogType is CSV. When it's true, server writes logged attributes names at the first line of accounting log file. LoggedRADIUSAttributes. Specifies list of RADIUS attributes names that should be logged. Every name should be delimetered by Separator. If this key is present, LoggedTACACSAttributes key is ignored. (See list of RADIUS attributes.) LoggedTACACSAttributes. Specifies list of TACACS+ attributes names that are logged in CSV-files. (See list of TACACS attribute names.) [<client IP address>]radAuthenKey. Defines a secret shared with a RADIUS client for authentication transactions. radAcctKey. Defines a secret shared with a RADIUS client for accounting transactions. tacKey. Defines a secret shared with a TACACS+ client.
© 2001-2003 XPerience Technologies. www.xperiencetech.com |
Created by chm2web html help conversion utility. |