Brocade Network Advisor SAN User Manual v12.3.0 User Manual

Page 494

Advertising
background image

442

Brocade Network Advisor SAN User Manual

53-1003154-01

AAA Settings tab

11

FIGURE 183

AAA Settings tab - CAC server

3. Set the authorization preference by selecting one of the following options from the

Authorization Preference list:

Local Database — Uses the AD server for authentication and the Management application
local database for authorization.

Primary Authentication Server — Uses the AD server for authentication and authorization.

If you select Primary Authentication Server or LDAP Authorization, CAC authentication uses the
same AD servers for authentication and authorization.

4. Enter the username for the Management application service account configured on the AD

server in the Username field.

5. Enter the password for the Management application service account configured on the AD

server in the Password and Confirm Password fields.

6. Enter the Kerberos SPN in the Kerberos Service Principal Name field.

The SPN name uses the following syntax: <Service_Name>/<Hostname>, where hostname is
the Management application server’s host name with domain name. For example:
NetworkManagementSPN/DCM-VNext-65.JCB.COM

7. Test the established active connection with the server by clicking Test.

The Test Authentication dialog box displays. Test performs the following functions and
verifications:

Obtains the Kerberos Ticket Granting Ticket (TGT) of the currently logged in user from
Windows cached credentials.

Sends the TGT to the AD server to which the Management application server is connected
and requests the session ticket for the SPN configured on AD server.

Kerberos encryptsthe session ticket with the credentials of the AD server user account
mapped to this SPN.

Logs on to the AD of the Management application server using the AD server
single-sign-on (SSO) service account.

Verifies the service ticket by decrypting it using AD server SSO service account credentials.

8. Click Apply to save the configuration.

To display the authentication audit trail, refer to

“Displaying the client authentication audit

trail”

on page 445.

9. Click Close to close the Server Management Console.

Advertising
Popular Brands
Popular manuals