HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.2 administrator guide (5697-0 - Page 86
Fabric OS users on the RADIUS server
View all HP StorageWorks 8/80 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 86 highlights
Table 14 Syntax for VSA-based account roles (continued) Item Value Description Vendor length Attribute-specific data 2 or higher 1 octet, calculated by server, including vendor-type and vendor-length ASCII string Multiple octets, maximum 253, indicating the name of the assigned role and other supported attribute values such as Admin Domain member list. Fabric OS users on the RADIUS server All existing Fabric OS mechanisms for managing local switch user accounts and passwords remain functional when the switch is configured to use RADIUS. Changes made to the local switch database do not propagate to the RADIUS server, nor do the changes affect any account on the RADIUS server. Windows 2000 IAS For example, to configure a Windows 2000 internet authentication service (IAS) server to use VSA to pass the Admin role to the switch in the dial-in profile, the configuration specifies the Vendor code (1588), Vendor-assigned attribute number (1), and attribute value (admin), as shown in Figure 1. Figure 1 Windows 2000 VSA configuration Linux FreeRadius server For the configuration on a Linux FreeRadius server, define the following in a vendor dictionary file called dictionary.brocade. Include the values outlined in Table 15. Table 15 Dictionary.brocade file entries Include Key Value VENDOR Brocade 1588 ATTRIBUTE Brocade-Auth-Role Brocade-AVPairs1, 2, 3, 4 Brocade-Passwd-ExpiryDate Brocade-Passwd-WarnPeriod 1 string Brocade 2, 3, 4, 5 string Admin Domain or Virtual Fabric member list 6 string MM/DD/YYYY in UTC 7 integer in days 86 Managing user accounts