Dell POWEREDGE M1000E User Manual

Page 173

Advertising
background image

Fabric OS Administrator’s Guide

173

53-1002745-02

Remote authentication

5

Configuring Admin Domain lists

If your network uses Admin Domains, you should create Admin Domain lists for each user to
identify the Admin Domains to which the user has access.

Assign the following key-value pairs to the brcd-AV--Pair1 and, optionally, brcd-AV-Pair2 attributes to
grant the account access to the Admin Domains:

HomeAD is the designated home Admin Domain for the account. The valid range of values is
from 0 through 255. The first valid HomeAD key-value pair is accepted by the switch, and any
additional HomeAD key-value pairs are ignored.

ADList is a comma-separated list of Administrative Domain numbers to which this account is a
member. Valid numbers range from 0 through 255. A dash between two numbers specifies a
range.

The following example sets the home Admin Domain for the fosuser4 account to 255 and grants
the account access to Admin Domains 1, 2, 3, and 200 through 255.

user = fosuser4 {

pap = clear "password"

chap = clear "password"
password = clear "password"
service = shell {

set brcd-role = securityAdmin

set brcd-AV-Pair1 = "homeAD=255;ADList=1,2,3";
set brcd-AV-Pair2 = “ADList=200-255”;

}

}

Configuring Virtual Fabric lists

If your network uses Virtual Fabrics, you should create Virtual Fabric lists for each user to identify
the Virtual Fabrics to which the account has access.

Assign the following key-value pairs to the brcd-AV--Pair1 and, optionally, brcd-AV-Pair2 attributes to
grant access to the Virtual Fabrics:

HomeLF is the designated home Virtual Fabric for the account. The valid values are from 1
through 128 and chassis context. The first valid HomeLF key-value pair is accepted by the
switch. Additional HomeLF key-value pairs are ignored.

LFRoleList is a comma-separated list of Virtual Fabric ID numbers to which this account is a
member, and specifies the role the account has on those Virtual Fabrics. Valid numbers range
from 1 through 128. A dash between two numbers specifies a range.

The following example sets the home Virtual Fabric for the userVF account to 30 and allows the
account admin role access to Virtual Fabrics 1, 2, 3, and 4 and securityAdmin access to Virtual
Fabrics 5 and 6.

user = userVF {
pap = clear “password”
service = shell {

set brcd-role = zoneAdmin
set brcd-AV-Pair1 = “homeLF=30;LFRoleList=admin:1,3,4;securityAdmin:5,6”
set brcd-AV-Pair2 = “chassisRole=admin”

}

}

Advertising
Popular Brands
Popular manuals