User Guide
268 Chapter 6 Configuring authentication
320818-A
Perform this step even if there is only one method defined on the Nortel
SNAS 4050.
To specify the authentication fallback order, use the following command:
/cfg/domain 1/aaa/authorder <auth ID>[,<auth ID>]
When prompted, enter the authentication method IDs in the order in which you
want the methods applied. Use a comma to separate the entries.
To view the currently configured authentication methods and their corresponding
authentication IDs, use the
/cfg/domain 1/aaa/cur command.
For example: You have configured Local database authentication under auth ID 1,
RADIUS authentication under auth ID 2, and LDAP authentication under
auth ID 3. You want the Nortel SNAS 4050 to check the local database first, then
send requests to the LDAP server, then to the RADIUS server. Figure 59 shows
the required command.
Figure 59
Authentication order command
Note: For best performance, set the authentication order so that the
method that supports the biggest proportion of users is applied first.
However, if you use the Nortel SNAS 4050 local database as one of the
authentication methods, Nortel recommends that you set the Local
method to be first in the authentication order. The Local method is
performed extremely fast, regardless of the number of users in the
database. Response times for the other methods depend on such factors
as current network load, server performance, and number of users in the
database.
>> Main# /cfg/domain 1/aaa/authorder
Current value: ""
Enter auth order (comma separated): 1,3,2
>> AAA# apply
Changes applied successfully.