After NMAS, Novell RADIUS, and the token login method have been installed, you must configure Novell RADIUS on your NMAS server.
Perform the following procedures in order:
Start ConsoleOne.
Right-click an Organizational Unit container object, click New, click Object, then click RADIUS:Dial Access System.
Specify the object name.
Click OK.
Specify the password.
Click OK.
Start ConsoleOne.
From the Security Container, double-click the Login Policy object.
Click the Rules tab (if it isn't already open).
Click the plus sign (+) to add a login rule.
Click the browse button at the end of the Service Object field, then select the DAS object.
On the User list tab, click +, then select the user or container that you want the rule to apply to.
On the Sequences tab, click +, select the token method, then select Mandatory.
Click OK until you return to ConsoleOne.
Start ConsoleOne.
Double-click the DAS object.
On the Clients page, click Add.
For Address, type the IP address of your iChain proxy server.
For Vendor Type, use the drop-down list to select Novell.
Type and confirm a secret for this client.
Click OK.
On the User Resolution page, click the Use Lookup Contexts List to Resolve User Name option if the users are not in the same context as the DAS object.
Click Add.
Browse and select the container where the User objects reside.
In the Object Name field, type a name for the object.
Click OK, then click OK again.
Start ConsoleOne.
Right-click an Organizational Unit container object, click New, click Object, then click RADIUS:Profile.
Click OK.
Specify the object name.
Click OK.
Start ConsoleOne.
Double-click the DAP object.
On the Attributes page, click Add.
Select the Novell eDirectory Name attribute.
Select the check box next to Novell eDirectory attribute.
Select FDN (Fully Distinguished Name).
IMPORTANT:It is critical that you select FDN so that name resolution works properly. Otherwise, the users who use this profile will get a 403 User Name Mismatch error when they try to access Web pages.
Click OK twice.
Start ConsoleOne.
Double-click a User object.
Click the Login Methods tab, then select the Token method you previously installed.
Follow the partner’s instructions for enabling this method.
Start ConsoleOne.
Double-click a User object.
Click the Dial Access Services tab.
Select a Dial Access Control.
Browse and select the DAS object you want to assign to this user.
Click Add.
Browse and select the DAP object.
Click OK twice.
From the NMAS server console, type RADIUS to start the RADIUS services.