User Manual v12.3.0 Owner's manual

ManualsBrandsBrocade ManualsSoftwareNetwork Advisor IP

541

542

543

544

545

546

547

548

549

550

492 Brocade Network Advisor IP User Manual

53-1003153-01

AAA Settings tab

NOTE

You can add any number of LDAP servers to the configuration.

4. Rearrange the LDAP servers in the table by selecting a server and clicking the Up or Down

button to move it.

5. Delete a LDAP server by selecting the server and clicking Delete.

6. Test the established active connection with the LDAP server by clicking Test.

The Test Authentication dialog box displays.

7. Enter your user name and password and click OK.

Test attempts to contact the LDAP server by issuing a ping command and verifies the following:

• Verifies connections to the LDAP Server

• Verifies authentication with the LDAP Server

• Verifies user privileges on the Local database

8. Set secondary authentication by selecting one of the following options from the Secondary

Authentication list:

• Local Database

• None

9. Set the fall back condition to secondary authentication by selecting one of the following

options from the Switch to secondary authentication when list:

• LDAP Servers Not Reachable

• LDAP Authentication Failed

• User Not Found in LDAP

10. Set the authorization preference by selecting one of the following options from the

Authorization Preference list:

• Local Database

 Use the LDAP server for authentication and the Management application local

database for authorization.

 The user name in the local database must match the LDAP user name (password does

not need to match) and must have the appropriate roles and AORs. If the

Management application user name and LDAP user name do not match, create the

user and assign the respective roles and AORs (refer to “User Account Management”

on page 189).

• Primary Authentication Server

 Use the LDAP server for authentication and authorization.

 In the LDAP server, create new custom attributes (NmRoles & NmAors) in the AD

server and assign the appropriate Roles and AORs (refer to “Configuring roles and

AORs on the external LDAP server” on page 503).

If this user already exists in the local database, the roles and AORs are overwritten

with the new roles and AORs configured in the LDAP Server.