Fabric os users on the radius server, Windows 2000 ias, Figure 10 – Dell POWEREDGE M1000E User Manual

154

Fabric OS Administrator’s Guide

53-1002745-02

Remote authentication

5

Fabric OS users on the RADIUS server

All existing Fabric OS mechanisms for managing local-switch user accounts and passwords remain
functional when the switch is configured to use RADIUS. Changes made to the local switch
database do not propagate to the RADIUS server, nor do the changes affect any account on the
RADIUS server.

Windows 2000 IAS

To configure a Windows 2000 internet authentication service (IAS) server to use VSA to pass the
admin role to the switch in the dial-in profile, the configuration specifies the Vendor code (1588),
Vendor-assigned attribute number (1), and attribute value (admin), as shown in

Figure 10

.

FIGURE 10

Windows 2000 VSA configuration

Linux FreeRADIUS server

For the configuration on a Linux FreeRADIUS server, define the

values outlined in

Table 19

in a vendor dictionary file called dictionary.brocade.

After you have completed the dictionary file, define the permissions for the user in a configuration
file. For example, to grant the user jsmith admin permissions, you would add the following
statement to the configuration file:

swladmin Auth-Type := Local, User-Password == "myPassword"
Brocade-Auth-Role = "admin",
Brocade-AVPairs1 = "HomeLF=70",

TABLE 19

Entries in dictionary.brocade file

Include

Key

Value

VENDOR

Brocade

1588

ATTRIBUTE

Brocade-Auth-Role

1 string Brocade

Brocade-AVPairs1, 2, 3, 4

2, 3, 4, 5 string
Admin Domain or Virtual Fabric member list

Brocade-Passwd-ExpiryDate

6 string MM/DD/YYYY in UTC

Brocade-Passwd-WarnPeriod

7 integer in days