Ldap configuration and microsoft active directory, Figure 12, Examp – Dell POWEREDGE M1000E User Manual

Page 162


Fabric OS Administrator’s Guide

53-1002745-02

Remote authentication

5

FIGURE 12 Example of the dictiona.dcm file

d. When selecting items from the Add Return List Attribute, select Brocade-Auth-Role and type the string Admin. The string will equal the role on the switch.

e. Add the Brocade profile.

f. In RSA Authentication Manager, edit the user records that will be authenticating using RSA SecurID.

LDAP configuration and Microsoft Active Directory

LDAP provides user authentication and authorization using the Microsoft Active Directory service or using OpenLDAP in conjunction with LDAP on the switch. This section discusses authentication and authorization using Microsoft Active Directory. For information about authentication and authorization using OpenLDAP, refer to “LDAP configuration and OpenLDAP” on page 165.

Two operational modes exist in LDAP authentication: FIPS mode and non-FIPS mode. This section discusses LDAP authentication in non-FIPS mode. For more information on LDAP in FIPS mode, refer to Chapter 7, “Configuring Security Policies”. The following are restrictions when using LDAP in non-FIPS mode:

There is no password change through Active Directory.

There is no automatic migration of newly created users from the local switch database to
Active Directory. This is a manual process explained later.

Only IPv4 is supported for LDAP on Windows 2000 and LDAP on Windows Server 2003.
For LDAP on Windows Server 2008, both IPv4 and IPv6 are supported.

#######################################################################
# dictiona.dcm
#######################################################################

# Generic Radius

@radius.dct

#
# Specific Implementations (vendor specific)
#
@3comsw.dct
@aat.dct
@acc.dct
@accessbd.dct
@agere.dct
@agns.dct
@airespace.dct
@alcatel.dct
@altiga.dct
@annex.dct
@aptis.dct
@ascend.dct
@ascndvsa.dct
@axc.dct
@bandwagn.dct

@brocade.dct <-------
