/etc/radius/dictionary file

Edit online

The dictionary file contains descriptions of the attributes that are defined by the RADIUS protocol and supported by the AIX RADIUS Server.

It is used by the RADIUS daemon when validating and creating packet data. Vendor-specific attributes should also be added here. The dictionary file can be modified using any editor. There is no SMIT interface.

The following is part of a sample dictionary file:

########################################################################
#                                                                      #
#   This file contains dictionary translations for parsing             #
#   requests and generating responses.  All transactions are           #
#   composed of Attribute/Value Pairs.  The value of each attribute    #
#   is specified as one of 4 data types.  Valid data types are:        #
#                                                                      #
#   string - 0-253 octets                                              #
#   ipaddr - 4 octets in network byte order                            #
#   integer - 32 bit value in big endian order (high byte first)       #
#   date - 32 bit value in big endian order - seconds since            #
#                                   00:00:00 GMT,  Jan.  1,  1970      #
#                                                                      #
#   Enumerated values are stored in the user file with dictionary      #
#   VALUE translations for easy administration.                        #
#                                                                      #
#   Example:                                                           #
#                                                                      #
#   ATTRIBUTE         VALUE                                            #
#   ---------------   -----                                            #
#   Framed-Protocol = PPP                                              #
#   7               = 1     (integer encoding)                         #
#                                                                      #
########################################################################
ATTRIBUTE       User-Name                       1       string
ATTRIBUTE       User-Password                   2       string
ATTRIBUTE       CHAP-Password                   3       string
ATTRIBUTE       NAS-IP-Address                  4       ipaddr
ATTRIBUTE       NAS-Port                        5       integer
ATTRIBUTE       Service-Type                    6       integer
ATTRIBUTE       Framed-Protocol                 7       integer
ATTRIBUTE       Framed-IP-Address               8       ipaddr
ATTRIBUTE       Framed-IP-Netmask               9       ipaddr
ATTRIBUTE       Framed-Routing                  10      integer
ATTRIBUTE       Filter-Id                       11      string
.
.
.

Note: Any attribute that is defined in the default.policy file or the default.auth file (or for a specific user_id.policy or user_id.auth file), must be a valid RADIUS attribute as defined in the local AIX dictionary configuration file. If an attribute is not found in the dictionary, the radiusd daemon does not load and an error message is logged.

Note: If the dictionary, the default.policy file and the default.auth file, for the system is modified, you must restart the RADIUS daemons by running the stopsrc command and the startsrc command or by using SMIT.