User Guide

242 Chapter 6 Configuring authentication

320818-A

To configure the current authentication scheme to retrieve user group information

from a different authentication scheme, use the following command:

/cfg/domain 1/aaa/auth #/adv

The Advanced menu displays.

The Advanced menu includes the following options:

Configuring RADIUS authentication using the CLI

To configure the Nortel SNAS 4050 domain to use an external RADIUS server for

authentication, use the following command:

/cfg/domain 1/aaa/auth <auth ID>

where auth ID is an integer in the range 1 to 63 that uniquely identifies the

authentication method in the Nortel SNAS 4050 domain. If you do not specify the

auth ID in the command, you are prompted for it.

When you first create the method for the domain, you must enter the

authentication ID. After you have created the method and defined a name for it,

you can use either the ID or the name to access the method for configuration.

/cfg/domain 1/aaa/auth #/adv

followed by:

groupauth <auth IDs>

Specifies one or more preconfigured LDAP or Local

database authentication schemes (not including the

current one) that will be used to retrieve the user’s

group information after the user has been

authenticated.

To specify more than one authentication method to use

for authorization, enter the auth IDs separated by a

comma (,).

secondauth <auth ID>

Specifies a second authentication service to be used

after the first one succeeds. The feature supports

single sign-on to backend servers in cases where the

first authentication method is token based or uses

client certificate authentication.

Note: Not supported in Nortel Secure Network Access

Switch Software Release 1.0.