Configuring role-based authentication settings – HP Virtual Connect 4Gb Fibre Channel Module for c-Class BladeSystem User Manual
Page 157
Configuring the Virtual Connect domain using the CLI 157
To add LDAP directory groups:
>add ldap-group MyNewGroup description="This is my test group"
roles=domain,server,network
To remove LDAP directory groups:
>remove ldap-group MyGroup
To enable or disable local users:
>set ldap localusers=disabled
To display LDAP settings and directory groups:
>show ldap
>show ldap-group
Configuring RADIUS authentication support for users
To set RADIUS properties:
>set radius serveraddress=192.168.0.110 enabled=true serverkey=xyz1234
To add RADIUS groups:
>add radius-group MyNewGroup Description="Test Group" Roles=domain,server
To remove RADIUS groups:
>remove radius-group MyGroup
To display RADIUS settings and groups:
>show radius
>show radius-group
IMPORTANT:
The RADIUS or TACACS+ server must be set up on a host machine on the
management network and configured with users and VC attributes. For more information, see the
HP Virtual Connect for c-Class BladeSystem User Guide on the Installing tab of the HP
BladeSystem Technical Resources website
Configuring TACACS+ authentication support for users
To set TACACS+ properties:
>set tacacs serveraddress=192.168.0.110 enabled=true serverkey=xyz1234
To display TACACS+ settings:
>show tacacs
IMPORTANT:
The RADIUS or TACACS+ server must be set up on a host machine on the
management network and configured with users and VC attributes. For more information, see the
HP Virtual Connect for c-Class BladeSystem User Guide on the Installing tab of the HP
BladeSystem Technical Resources website
Configuring role-based authentication settings
To set the authentication order:
>set role domain Order=ldap,radius,tacacs
To display the authentication order: