|
|
When you install CiscoSecure Global Roaming Server (GRS), a grs.ini file is created that contains a list of the options you chose during installation. You can modify the grs.ini file by rerunning the installation program or by using any text editor.
Table B-1 contains a description of the grs.ini file parameters; the table is followed by a complete example grs.ini file.
| Section | Parameter | Explanation |
|---|---|---|
[Superd] | Section listing the parameters for the daemon grs_d. | |
| Kill Child When Quit = 1 | Indicates whether to kill monitored program(s) when quitting CiscoSecure GRS. 1=kill, 0=do not kill. |
[ToBeMonitored] | Section containing a list of programs to be monitored. 1=yes, 0=no. | |
| GRS = 1 | CiscoSecure GRS is monitored, so this section listing monitoring parameters is required. |
[GRS] |
| Monitoring parameters for monitored programs. |
| Auto Restart = 5 | Number of restarts after unexpected termination. The default is 5. |
| Work Directory = /opt/CSCOgrs Program Name = /opt/CSCOgrs/bin/grs -x | Work and Program Name subdirectories. If a full path is not specified, CiscoSecure GRS assumes that Program Name is a subdirectory of the Work directory. |
| Email Recipient = mary@corporation.com | Message is sent to the specified recipient after an unexpected shutdown. If no recipient is specified, no e-mail is sent. |
| Fatal Error Code = -2, -3, -4 | List of exit codes after which grs_d will not auto-restart the program. |
[General] | Section for keys that are globally applicable. | |
| WebMonitorAccessList | Section is for specifying the IP address or host name of the systems that are allowed to access the dynamic information of the application; for example: WebMonitorAccessList= systemname, 111.11.1.1, mysystem.cisco.com |
| RadiusAuthenMonitorPort = 2045 | Port that CiscoSecure GRS monitors for RADIUS1 authentication. Note CiscoSecure GRS monitors several sets of ports for communication: one for TACACS+2, two for RADIUS, and one for dynamic statistics. The keys are set in the [General] section of the grs.ini file. |
| RadiusAcctMonitorPort=2046 | Port that CiscoSecure GRS monitors for RADIUS accounting. |
| TacacsMonitorPort=1024 | Port that CiscoSecure GRS monitors for TACACS+ AAA3. |
| WebMonitorPort=1025 EnableWeb=y | Port that CiscoSecure GRS monitors for dynamic statistics and whether monitoring via a web browser is enabled. The default is y. |
| PartialDomainMatch=1 | Enables partial domain matching. 0=disabled; 1=enabled. The default is 1. |
| SuffixDelimiters=-@ | Characters used to indicate suffixes. |
| PrefixDelimiters=\/! | Characters used to indicate prefixes. |
| SubDomainDelimiters=% | Characters used to indicate subdomains. |
| DebugLevel=None | Amount of information to provide for debugging and troubleshooting. See the "Properties General Tab" section for more information. The default is None. |
| ProcessSuffixFirst=1 | Default is 1. |
| UnknownDomain2Local=0 | Forward packets of unknown domain to local ACS option. Default is 0. |
| DataMonitorRefreshRate=5 | Update rate in milliseconds for DataMonitor to refresh the list of sockets to monitor. Default is 5. |
| CallbacktableSize=1000 MaintenceInterval=1 | Size of the callback table and how often it is maintained. |
[Database] | Section heading for the data store keys. | |
| dbServer = oracle or dbServer = NONE | Name of the data store: |
| dbUserName = secret | Name of the data store account that CiscoSecure GRS connects with. This user needs read permission to run CiscoSecure GRS and write permission to run the data store utilities. For flatfile, use N/A. |
| dbPassword = secret | Password for dbUserName. For flatfile, use N/A. |
| ORACLE_HOME = /export/home/oracle/7.3.4 | Directory in which Oracle software is installed. |
| dbReloadIntervalMinutes = 10 | Interval used by CiscoSecure GRS to automatically reload updated data store records. The default |
| dbTimeOut = 10 | Specifies the time (in seconds) that the data store utilities wait for a data store client/server operation. The default is 10. |
[GUI] | Heading for the GUI5 information section. | |
| GuiPrintCmd=lp | Command used to print from the GUI. |
| GuiBrowserCmd=netscape | Command used to invoke the web browser, if browser access is enabled. |
The following is an example of a grs.ini file:
# Please make sure that all comments start on a FRESH line using a # character. # The # character should be the first character in the line. # # CiscoSecure Global Roaming Service - Configuration File # [Superd] #whether to kill monitored program if being killed KillChildWhenQuit = 1 # List of programs to be monitored, 1 if yes, 0 if no. # Must be the name of sections [ToBeMonitored] GRS = 1 [GRS] AutoRestart=5 WorkDirectory = /opt/CSCOgrs ProgramName = /opt/CSCOgrs/bin/grs -x EmailRecipient=mary@corporation.com FatalErrorCode = -2, -3, -4 [General] WebMonitorAccessList=sparc1, sparc2, 10.2.1.1 # # These are the ports that grs monitors for incoming # connections. # RadiusAuthenMonitorPort=2045 RadiusAcctMonitorPort=2046 TacacsMonitorPort=1024 # This is the port used by GRS to report runtime statistics WebMonitorPort=1025 EnableWeb=y PartialDomainMatch=1 SuffixDelimiters=-@ PrefixDelimiters=\/! SubDomainDelimiters=% # DebugLevel=None [Database] dbServer = oracle1 dbUserName = secret dbPassword = secret ORACLE_HOME = /export/home/oracle/7.3.4 dbReloadIntervalMinutes=10 dbTimeOut = 10 [GUI] GuiPrintCmd=lp GuiBrowserCmd=netscape
To enable partial domain matching, enter the following line in the grs.ini file:
PartialDomainMatch = 1
To disable partial domain matching, enter the following line in the grs.ini file:
PartialDomainMatch = 0
Posted: Wed Feb 24 12:09:51 PST 1999
Copyright 1989-1999©Cisco Systems Inc.