beautypg.com

Alcatel-Lucent 8950 AAA User Manual

Page 164

background image

............................................................................................................................................................................................................................................................

Defining a Failure Mode

Using the 8950 AAA Policy Assistant in Server

Management Tool

9-24

365-360-001R6.0

Issue 1, December 2008

............................................................................................................................................................................................................................................................

Setting the Location for Your Attribute Sets

If you choose to define an attribute set for an individual in addition to the set assigned to
all users of this policy, you must store all sets in the same file. The PolicyAssistant
includes a template file (

\run\users.template

) that stores the predefined attribute sets. It is

recommended to add your unique attribute sets to this file.

1. Click Advanced to open the Advanced panel.

2. Enter a name in the File Containing Attribute Sets field. The file must already exist

and be located in the 8950 AAA

run

directory. If the file cannot be found or if the

named Attribute Set cannot be located in the file the PolicyAssistant follows the action
defined above in the Attribute Set Lookup Failure frame.

3. Click Attribute Set Name is defined in the User Profile to identify the user profile as

a source for your attribute sets.

Use this option if your user profile source is one of the sources that store only user
name and password to create unique attribute sets for any of your users.

For example, your user profile source is SecurID and the account for user ‘kyle’ will
be deactivated at the end of the month. Use the process defined in the section

“Creating Attribute Sets” on page 20

to create an attribute set with the name ‘kyle’ that

includes the deactivation attribute under the Items to Verify tab. Click Advanced
button. The Advanced option is displayed, as shown in

Figure 9-15

.

Continue without the Attribute
Set

Continue processing the request, but without the attributes
from the Attribute Set. If authentication and authorization
are successful the Access-Request is sent. However, the
session may not function as intended or may not start at all.
This is the default setting.

Table 9-3 Attribute Set Options

Option

Description

See also other documents in the category Alcatel-Lucent Computer Accessories: