Setting the switch authentication mode, Fabric os user accounts – Dell POWEREDGE M1000E User Manual

Page 152

Advertising
background image

152

Fabric OS Administrator’s Guide

53-1002745-02

Remote authentication

5

Setting the switch authentication mode

1. Connect to the switch and log in using an account with admin permissions.

2. Enter the aaaConfig

--

authspec

command.

Fabric OS user accounts

RADIUS, LDAP, and TACACS+ servers allow you to set up user accounts by their true network-wide
identity rather than by the account names created on a Fabric OS switch. With each account name,
assign the appropriate switch access permissions. For LDAP servers, you can use the
ldapCfg

-–

maprole ldap_role name switch_role command to map LDAP server permissions.

--

authspec “ldap; local”

Authenticates management connections
against any LDAP databases first. If LDAP fails
for any reason, it then authenticates against
the local user database.

n/a

On

--

authspec “ldap; local” --backup

Authenticates management connections
against any LDAP databases first. If LDAP fails
for any reason, it then authenticates against
the local user database. The --backup option
states to try the secondary authentication
database only if the primary authentication
database is not available.

n/a

On

--

authspec “tacacs+”

Authenticates management connections
against any TACACS+ databases only. If
TACACS+ service is not available or the
credentials do not match, the login fails.

not
supported

not
supported

--

authspec “tacacs+; local”

Authenticates management connections
against any TACACS+ databases first. If
TACACS+ fails for any reason, it then
authenticates against the local user database.

not
supported

not
supported

--

authspec “tacacs+; local” --backup

Authenticates management connections
against any TACACS+ databases first. If
TACACS+ fails for any reason, it then
authenticates against the local user database.
The --backup option states to try the
secondary authentication database only if the
primary authentication database is not
available.

not
supported

not
supported

--

authspec -nologout

Prevents users from being logged out when
you change authentication. Default behavior is
to log users out when you change
authentication.

n/a

n/a

1.

Fabric OS v5.1.0 and earlier aaaConfig

--switchdb <on | off> setting.

TABLE 17

Authentication configuration options (Continued)

aaaConfig options

Description

Equivalent setting in
Fabric OS v5.1.0 and
earlier

--

radius

--

switchdb

1

Advertising
Popular Brands
Popular manuals