Brocade Network OS Command Reference v4.1.0 User Manual
Page 54
16
Network OS Command Reference
53-1003115-01
aaa authentication
2
Usage Guidelines
The authentication mode can only be set and cannot be added or deleted. For example, to change
a configuration from “radius local” to radius only, execute the no aaa authentication login
command to resets the configuration to the default mode, and then reconfigure the AAA mode
with the desired setting.
Beginning with Network OS v4.0.0, when the local option is specified as a secondary
authentication service, local authentication is tried only when the primary AAA authentication
service (TACACS+/Radius/LDAP) is either unreachable or not available. Local authentication will
not be attempted if the authentication with the primary service fails.
Examples
To change the AAA server to TACACS+ using the local switch database as a secondary source of
authentication:
switch(config)# aaa authentication login tacacs+ local
Broadcast message from root (pts/0) Tue Apr
5 16:34:12 2011...
To change the AAA server from TACACS+ and local to TACACS+ only (no secondary source):
switch(config)# no aaa authentication login tacacs+ local
switch(config)# aaa authentication login tacacs+
switch(config)# do show running-config aaa
aaa authentication login tacacs+
See Also