Brocade Network Advisor SAN User Manual v12.1.0 User Manual

Page 382

Advertising
background image

332

Brocade Network Advisor SAN User Manual

53-1002948-01

AAA Settings tab

11

If you configure the external LDAP server as the primary authentication server, make the
following preparations first:

Make sure that the external LDAP server and its user accounts have been properly
configured (refer to

“Creating an AD user account”

on page 158). For example, you must

define roles and areas of responsibility (AOR) in the external server to match the
Management application roles and AOR.

Make sure to configure the custom attributes “NmRoles” and “NmAors” on the LDAP
server (refer to

“Configuring roles and AORs on the external LDAP server”

on page 159).

NmRoles defines the Management application user roles (such as Host Administrator, IP
System Administrator, Network Administrator, Operator, Report User Group, SAN System
Administrator, Security Administrator, Security Officer, and Zone Administrator). NmAors
defines the areas of responsibility (such as, All Fabrics, All IP Products).

3. Add or edit a LDAP server by referring to

“Configuring an LDAP server”

on page 333.

The LDAP Servers and Sequence table displays the following information:

Network Address — The network address of the LDAP server.

Authentication Type — The authentication type (such as, CHAP).

Security — Whether or not security is enabled.

TCP Port — The TCP port number of the LDAP server.

TimeOut (Sec) — The timeout value in seconds specified when sending an authentication
request to the server. Default is 3.

Attempts — The number of attempts made to reach a server before determining it is
unreachable. Default is 3.

4. Rearrange the LDAP servers in the table by selecting a server and click the Up or Down button

to move it.

5. Delete a LDAP server by selecting the server and click Delete.

6. Test the established active connection with the LDAP server by clicking Test.

The Test Authentication dialog box displays.

7. Enter your user name and password and click OK.

Test attempts to contact the LDAP server by issuing a ping command and verifies the following:

Verifies connections to the LDAP Server

Verifies authentication with the LDAP Server

Verifies user privileges on the Local database

8. Set secondary authentication by selecting one of the following options from the Secondary

Authentication list:

Local Database

None

9. Set the fall back condition to secondary authentication by selecting one of the following

options from the Switch to secondary authentication when list:

LDAP Servers Not Reachable

LDAP Authentication Failed

User Not Found in LDAP

Advertising
Popular Brands
Popular manuals