HP StorageWorks 4/64 Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000 - Page 31
Fabric OS Commands, aaaConfig
View all HP StorageWorks 4/64 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 31 highlights
Fabric OS Commands Chapter 2 aaaConfig Synopsis Description Notes Manages RADIUS and LDAP configuration information. aaaconfig aaaconfig --show aaaconfig --add | --change server -conf radius|ldap [-p port] [-d domain][-t timeout] [-s secret] [-a chap | pap | peap-mschapv2] aaaconfig --remove server -conf radius|ldap aaaconfig --move server -conf radius|ldap to_position aaaconfig --authspec aaa1[;aaa2 [-backup] aaaconfig --help Use this command to manage the RADIUS and LDAP server configuration for the authentication, authorization and accounting (AAA) services. Use this command to display, add, remove, change, enable or disable RADIUS/LDAP configuration. Switches running Fabric OS v5.2 or later use a local as well as a remote authentication mechanism for validating a login name. Supported authentication protocols include Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP) and, for switches running Fabric OS v5.3.0 or later, Protected Extensible Authentication Protocol (PEAP). In addition, Fabric OS v6.0 provides support for Light-weight Directory Access Protocol (LDAP) authentication against Active Directory for user authentication and authorization. RADIUS/LDAP servers are contacted in the order they appear in the configuration list. The first server returning authentication success or failure causes the authentication request to succeed or fail. If no response is received within the specified timeout, the next RADIUS/LDAP server in the list is contacted. An event entry logs if all RADIUS/LDAP servers fail to respond. When the command succeeds, it triggers an event log (Fabric OS error log) to indicate a server is added, removed, or modified. Refer to the Fabric OS Message Reference manual for specific details. Configuration changes are persistently saved and take effect with the next AAA request. The configuration applies to all switch instances in a platform supporting multiple switch domains. Customers can use centralized RADIUS servers to manage AAA services for a switch, as defined in RFC 2865. Fabric OS v6.1.0 or later is required to configure LDAP while in FIPS mode. Refer to the Fabric OS Administrator's Guide for configuration procedures. This command can be executed when logged in through the console, Telnet or SSH connection. Fabric OS Command Reference 5 53-1000599-02