Manualshelf

Deployment Guide

ManualsBrandsDell ManualsserversDell Brocade 5100
161162163164165166167168169170
Multiple login sessions can invoke the aaaConfig command simultaneously. The last session that
applies the change is the one whose configuration is in effect. This configuration is persistent after an
HA failover.
The authentication servers are contacted in the order they are listed, starting from the top of the list
and moving to the bottom.
Adding an authentication server to the switch configuration
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig --add command.
At least one authentication server must be configured before you can enable the RADIUS, LDAP, or
TACACS+ service.
If no RADIUS, LDAP, or TACACS+ configuration exists, turning on the authentication mode triggers
an error message. When the command succeeds, the event log indicates that the configuration is
enabled or disabled.
Enabling and disabling remote authentication
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig --authspec command to enable or disable RADIUS, LDAP, or TACACS+.
You must specify the type of service as one of RADIUS, LDAP, or TACACS+. Local is used for local
authentication if the user authentication fails on the authentication server.
Example for enabling RADIUS
switch:admin> aaaconfig --authspec "radius;local" -backup
Example for enabling LDAP
switch:admin> aaaconfig --authspec "ldap;local" -backup
Example for enabling TACACS+
switch:admin> aaaconfig --authspec "tacacs+;local" -backup
Deleting an authentication server from the configuration
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig --remove command.
When the command succeeds, the event log indicates that the server is removed.
Changing an authentication server configuration
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig --change command.
Changing the order in which authentication servers are contacted for service
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig --move command.
Adding an authentication server to the switch configuration
170 Fabric OS Administrators Guide
53-1003130-01