HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.1.x administrator guide (5697 - Page 70
Managing Fabric OS users on the RADIUS server
View all HP StorageWorks 8/80 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 70 highlights
Table 13 Syntax for VSA-based account roles (continued) Item Value Description Vendor type Vendor length Attribute-specific data 1 1 octet, Brocade-Auth-Role; valid attributes for the Brocade-Auth-Role are: SwitchAdmin ZoneAdmin FabricAdmin BasicSwitchAdmin Operator User Admin 2 Optional: Specifies the Admin Domain member list. For more information, see "RADIUS configuration and Admin Domains" on page 71. Brocade-AVPairs1 3 Brocade-AVPairs2 4 Brocade-AVPairs3 5 Brocade-AVPairs4 2 or higher 1 octet, calculated by server, including vendor-type and vendor-length ASCII string Multiple octet, maximum 253, indicating the name of the assigned role and other supported attribute values such as Admin Domain member list. Managing Fabric OS users on the RADIUS server All existing Fabric OS mechanisms for managing local switch user accounts and passwords remain functional when the switch is configured to use the remote authentication dial-in user service (RADIUS). Changes made to the local switch database do not propagate to the RADIUS server, nor do the changes affect any account on the RADIUS server. Windows 2000 IAS For example, to configure a Windows 2000 internet authentication service (IAS) server to use VSA to pass the Admin role to the switch in the dial-in profile, the configuration specifies the Vendor code (1588), Vendor-assigned attribute number (1), and attribute value (admin), as shown in the following: 70 Managing user accounts