Setting up LDAP for FIPS mode – Dell POWEREDGE M1000E User Manual


Fabric OS Administrator’s Guide

53-1002745-02

FIPS mode configuration

B

Setting up LDAP for FIPS mode

1. Log in to the switch using an account with admin or securityadmin permissions, or an account with OM permissions for the RADIUS and switch configuration RBAC classes of commands.

2. Enter the dnsConfig command to configure the DNS on the switch.

Example of setting the DNS

switch:admin> dnsconfig

Enter option
1 Display Domain Name Service (DNS) configuration
2 Set DNS configuration
3 Remove DNS configuration
4 Quit
Select an item: (1..4) [4] 2

Enter Domain Name: [] domain.com
Enter Name Server IP address in dot notation: [] 123.123.123.123
Enter Name Server IP address in dot notation: [] 123.123.123.124
DNS parameters saved successfully

Enter option
1 Display Domain Name Service (DNS) configuration
2 Set DNS configuration
3 Remove DNS configuration
4 Quit
Select an item: (1..4) [4] 4

Specify the DNS IP address using either IPv4 or IPv6. The switch needs this address to resolve
the domain name to an IP address, because LDAP initiates a TCP session to connect to your
Microsoft Active Directory server. A Fully Qualified Domain Name (FQDN) is needed so that the
server identity can be validated against the common name in the server certificate.

3. Set the switch authentication mode and add your LDAP server by using the commands shown in the following example. Provide the Fully Qualified Domain Name (FQDN) of the Microsoft Active Directory server for the host name parameter while configuring LDAP.

Example of setting up LDAP for FIPS mode

switch:admin> aaaconfig --add GEOFF5.ADLDAP.LOCAL -conf ldap -d adldap.local -p 389 -t 3
switch:admin> aaaconfig --authspec "ldap;local"
switch:admin> aaaconfig --show
RADIUS CONFIGURATIONS
=====================
RADIUS configuration does not exist.

LDAP CONFIGURATIONS
===================

Position : 1
Server : GEOFF5.ADLDAP.LOCAL
Port : 389
Domain : adldap.local
Timeout(s) : 3

Primary AAA Service: LDAP
Secondary AAA Service: Switch database
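
The following check is an added example, not part of the original guide or of Fabric OS. It parses saved aaaconfig --show output in the layout shown above and reports LDAP entries that cannot pass the certificate common name check described in step 2. The function names and the certificate_cns parameter (common names you have read from your server certificates) are assumptions made for this example.

```python
import ipaddress
import re
# Constructed sample: LDAP part of the `aaaconfig --show` output shown above.
SAMPLE_SHOW = """\
LDAP CONFIGURATIONS
===================

Position : 1
Server : GEOFF5.ADLDAP.LOCAL
Port : 389
Domain : adldap.local
Timeout(s) : 3

Primary AAA Service: LDAP
Secondary AAA Service: Switch database
"""
FIELD = re.compile(r"^(Position|Server|Port|Domain|Timeout\(s\))[ \t]*:[ \t]*(\S+)[ \t]*$", re.M)

def parse_ldap_servers(show_output):
    """Return one dict per LDAP server entry, in position order."""
    section = show_output.split("LDAP CONFIGURATIONS", 1)[-1]
    servers = []
    for key, value in FIELD.findall(section):
        if key == "Position" or not servers:
            servers.append({})  # each entry starts at its Position line
        servers[-1][key] = value
    return servers

def is_fqdn(host):
    """True for a dotted DNS name, False for an IP literal or a short name."""
    try:
        ipaddress.ip_address(host)
        return False
    except ValueError:
        return "." in host.strip(".")

def audit(show_output, certificate_cns):
    """List settings that would stop the FQDN-to-certificate-CN check working."""
    known = {cn.lower().rstrip(".") for cn in certificate_cns}
    findings = []
    if not re.search(r"^Primary AAA Service:[ \t]*LDAP[ \t]*$", show_output, re.M):
        findings.append("primary AAA service is not LDAP")
    for srv in parse_ldap_servers(show_output):
        host = srv.get("Server", "")
        if not is_fqdn(host):
            findings.append(f"{host}: not an FQDN, cannot match a certificate CN")
        elif host.lower().rstrip(".") not in known:
            findings.append(f"{host}: no server certificate with this common name")
    return findings
```

An empty list from audit() means every LDAP entry is configured by FQDN and matches one of the supplied common names; DNS names are compared case-insensitively.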
