74
Managing user accounts
12.
In the Edit Dial-in Profile window, click the
Authentication
tab and check only the
Encrypted
Authentication (CHAP)
and
Unencrypted Authentication (PAP, SPAP)
checkboxes; then
click the
Advanced
tab and click
Add
.
13.
In the Add Attributes window, select
Vendor-Specific
and click
Add
.
14.
In the Multivalued Attribute Information window, click
Add
.
15.
In the Vendor-Specific Attribute Information window, click the
Enter Vendor Code
radio button and
enter the value
1588
. Click the
Yes. It conforms
radio button, and then click
Configure
Attribute...
.
16.
In the Configure VSA (RFC compliant) window, enter the following values and click
OK
.
Vendor-assigned attribute number—Enter the value
1
.
Attribute format—Enter
String
.
Attribute value—Enter the login role (Root, Admin, Factory, SwitchAdmin, or User) the user group must
use to log in to the switch.
17.
In the Multivalued Attribute Information window, click
OK
.
18.
In the Edit Dial-in Profile window, remove all additional parameters (except the one you just added,
“Vendor-Specific”) and click
OK
.
19.
In the Add Remote Access Policy window, click
Finish
.
20.
After returning to the Internet Authentication Service window, repeat steps 5 through 19 to add
additional policies for all login types you want to use the RADIUS server. After this is done, you can
configure the switch.
Configuring RADIUS servers on the switch
RADIUS configuration of the switch is controlled by the
aaaConfig
command.
NOTE:
On dual-CP switches (SAN Director 2/128 and 4/256 SAN Director), the switch sends its
RADIUS request using the IP address of the active CP. When adding clients, add both the active and
standby CP IP addresses so that users can still log in the event of a failover.
The following procedures show how to use the
aaaConfig
command to set up a switch for RADIUS
service.
RADIUS configuration is chassis-based configuration data. On platforms containing multiple switch
instances, the configuration applies to all instances. The configuration is persistent across
reboot
and
firmwareDownload
. On a chassis-based system, the command must replicate the configuration to the
standby CP.
Multiple login sessions can invoke the command simultaneously. The last session that applies the change
be the one whose configuration is in effect. This configuration is persistent after an HA failover.
Содержание AE370A - Brocade 4Gb SAN Switch 4/12
Страница 1: ...HP StorageWorks Fabric OS 5 2 x administrator guide Part number 5697 0014 Fifth edition May 2009 ...
Страница 18: ...18 ...
Страница 82: ...82 Managing user accounts ...
Страница 102: ...102 Configuring standard security features ...
Страница 126: ...126 Maintaining configurations ...
Страница 198: ...198 Routing traffic ...
Страница 238: ...238 Using the FC FC routing service ...
Страница 260: ...260 Administering FICON fabrics ...
Страница 280: ...280 Working with diagnostic features ...
Страница 332: ...332 Administering Extended Fabrics ...
Страница 414: ...398 Configuring the PID format ...
Страница 420: ...404 Configuring interoperability mode ...
Страница 426: ...410 Understanding legacy password behaviour ...
Страница 442: ...426 ...
Страница 444: ......
Страница 447: ......