Партнёры:
Хостинг:
NAME
auth.props - Sun Ray enterprise appliance authentication
daemon configuration file
DESCRIPTION
The auth.props file contains the Sun Ray authentication
manager's configuration options. Many of these options are
not supported and should not be set to values other than
their default values.
OPTIONS
The following options are supported:
adminConfigFile=filename
This file contains the administrative database confi-
guration information.
allowAnnotations=boolean
UNSUPPORTED. If this option is true then any applica-
tion can connect from any IP address and annotate a
session. Annotations are restricted to keywords pre-
fixed by "x_". Values are not restricted.
allowFWLoad=boolean
This option specifies whether or not the utload com-
mand is allowed to download firmware to appliances
connected to this authentication manager.
allowLANConnections=boolean
UNSUPPORTED. If this option is true then appliance
connections will be allowed from localhost as well as
from non-Sun Ray interconnect interfaces.
cbport=portNumber
UNSUPPORTED. The authentication manager listens on
this port for connections from the utsessiond daemon
and other programs, such as utload.
cbtimeout=seconds
UNSUPPORTED. This option specifies the read timeout in
seconds for programs that connect to the cbport.
controllers=maximum
UNSUPPORTED. This option specifies the maximum number
of spare threads that are available for handling new
connections from applications such as utload(1M).
enableGroupManager=boolean
UNSUPPORTED. Flag to turn on the group manager func-
tion.
enableLoadBalancing=boolean
Flag to turn on group manager load balancing.
enableMulticast=boolean
UNSUPPORTED. Flag to enable/disable use of multicast
in group manager. If disabled, group manager will use
broadcast.
forceSessionLocation=boolean
UNSUPPORTED. Flag to force use of sessionHost and ses-
sionPort settings from this file regardless of the
wishes of the various authentication modules.
gmDebug=level
UNSUPPORTED. Group manager debugging level.
gmKeepAliveInterval=seconds
UNSUPPORTED. The group manager uses this as the time
in seconds between broadcast keepalive messages.
gmport=port
UNSUPPORTED. The group manager uses this port to send
and receive keepalive/discovery messages from other
auth managers.
gmSignatureFile=file
The group manager can "sign" messages to other group
managers based on the contents of a signature file.
Other group managers with the same signature file con-
tents are "trusted". To be usable, the file must be
owned by 'root' and must not be readable, writable, or
executable by anyone else; it must contain at least 8
bytes, at least two of which are letters and at least
one which is a non-letter printable character.
log=filename
UNSUPPORTED. This option specifies a file that con-
tains the log messages.
logAddTimeStamp=boolean
UNSUPPORTED. Add your own timestamp to syslog mes-
sages. This may be appropriate for debugging or in
cases where a remote syslog server is being used and
higher resolution timestamps are required.
logFacility=value
The logFacility can be one of the following:kern,
user, mail, daemon, auth, syslog, lpr, news, uucp,
cron, local0, local1, local2, local3, local4, local5,
local6, local7
Log files
Log priorities for different utauthd message classes
can be one of the following: emerg, alert, crit, err,
warning, notice, info, debug, OFF.
The message classes are:
logPriClientError=value
logPriDebug=value
logPriNotice=value
logPriWarning=value
logPriConfigError=value
logPriUnexpectedError=value
maxStarting=maximum
UNSUPPORTED. This option specifies the maximum number
of threads that can be simultaneously initiating a
session. Additional threads wanting to start or verify
a session will have to wait for some other thread to
finish starting or verifying a session.
moduleDif=directorName
UNSUPPORTED. This option specifies the location of the
authentication modules.
multicastTTL=integer
UNSUPPORTED. Time-to-live parameter for forwarding
multicast packets. If set above one, keepalive mes-
sages can pass through routers.
noClaimSleepTime=seconds
UNSUPPORTED. The amount of time in seconds to sleep
after a token has been offered to all of the authenti-
cation modules and before notifying the appliance that
the authentication failed.
policy=filename
This option specifies the location of the authentica-
tion policy specification.
port=portNumber
The utauthd daemon listens on this port for connec-
tions from Sun Ray appliances.
remoteSelect=boolean
If true, the remote server selection option of the
utselect(1) command is enabled by default.
reportAllDesktopEvents=boolean
UNSUPPORTED. If this option is true then all desktop
events will be reported instead of being filtered to
just those events that change the "exists" state of
the appliance.
restrictSunrayIfs=boolean
UNSUPPORTED. Flag to restrict communication between
group managers on different hosts to travel over Sun
Ray network interfaces. If false, group managers will
communicate over all interfaces.
selectAtLogin=boolean
If true, this option enables a session startup mode
where a utselect(1) screen is presented to the user
before the CDE login screen. This allows the user to
select a Sun Ray server before logging in.
sessionHost=hostname
UNSUPPORTED. This option specifies the host name of
the server that is running the default utsessiond for
this authentication manager.
sessionPort=portNumber
UNSUPPORTED. This option specifies the port number of
the server that is running the default utsessiond for
this authentication manager.
sessionTypesFile=filename
This option specifies a file that contains mappings
from session types to the associated session startup
and shutdown commands.
smtimeout=seconds
UNSUPPORTED. This option specifies the read timeout in
seconds for reading messages from the utsessiond dae-
mon.
termAddrIsSecret=boolean
UNSUPPORTED. If this option is true then the IP
address and port of appliances will not be reported in
the dynamic status information provided on port cbport
in response to the string.
terminateEnable=boolean
UNSUPPORTED. This option enables some experimental
code in utauthd.
timeout=seconds
UNSUPPORTED. Appliances are required to send some sort
of message to the authentication manager at least once
every time period specified by seconds.
tokenDir=directory
UNSUPPORTED. This option specifies a directory that
contains the mappings from logical token names to ses-
sion identifiers. The persistent storage of these map-
pings allows the utauthd daemon to recover its state
after restarting. Note that this state is reset on
reboot of the system.
token.equiv=filename
UNSUPPORTED. This option specifies a file that con-
tains mappings from one raw token name to another.
useLocalPolicy=boolean
In a group environment this is set to false to provide
a global group policy (which is extracted from the
datastore).
Default for a single system is true.
When configured for a Group, the entry is false. If it
is true, it indicates that only local policies will be
used. The global Policy entry in LDAP database will be
ignored.
Checked by utpolicy -G.
workers=maximum
UNSUPPORTED. This option specifies the maximum number
of spare threads that are available for handling new
connections from Sun Ray appliances.
FILES
The following files are used:
/etc/init.d/utsvc
This is the system startup script that invokes
the daemon /opt/SUNWut/utsessiond. The session
manager performs the actual session switching
function.
/etc/opt/SUNWut/auth.props
The authentication manager's configuration file.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
| Availability | SUNWutr |
|_____________________________|_____________________________|
SEE ALSO
utauthd(1M), utpolicy(1M), utsessiond(1M), utselect(1)
|
Закладки на сайте Проследить за страницей |
Created 1996-2025 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |