Configuring ldap, radius, and tacacs, Minimum requirements, Ldap server settings (ldap server) screen – HP Virtual Connect 8Gb 24-port Fibre Channel Module for c-Class BladeSystem User Manual

Virtual Connect users and roles 65

Configuring LDAP, RADIUS, and TACACS+

For local user authentication, a user is added using the VCM CLI or GUI. During login, the VCM performs the

user authentication.
For LDAP authentication, the VCM contacts and external LDAP server on which user accounts have been set
up. During login, VCM sends an authentication request to the server and waits for a login accept or login

reject response from the server.
RADIUS and TACACS+ provide remote user authentication. At login, an external RADIUS or TACACS+

server is contacted by the VCM to authenticate the user login.
During login through the VCM CLI or GUI, the user can specify any one of the following, along with the login
name:

•

LOCAL\<user> OR local\<user>

•

LDAP\<user> OR ldap\<user>

•

RADIUS\<user> OR radius\<user>

•

TACACS\<user> OR tacacs\<user>

Observe the following:

•

The separator character used is backslash "\".

•

The mechanism names local, ldap, radius and tacacs are not case-sensitive.

•

Only the specified mechanism is attempted in the above cases. If <user> is not configured for that

mechanism, then the login fails. VCM does not attempt any other mechanisms for login authentication.

If no mechanism is specified during login (only <user> is given), default login is exercised, as in existing VC

implementations.

Minimum requirements

The RADIUS or TACACS+ server must be set up on a host machine on the management network and

configured with users and VC attributes.

LDAP Server Settings (LDAP Server) screen

This screen enables Administrators to set up an LDAP server to authenticate users accessing the CLI or GUI
based on user name, password, and role.

NOTE:

A user authenticated through LDAP cannot change the LDAP settings, even if the user has

domain privileges.