Manualshelf

Reference Guide

ManualsBrandsDell ManualsAccess PlatformsBrocade G620
31323334353637383940
8 Brocade Fabric OS Command Reference
53-1004112-02
aaaConfig
--move server option
Moves the specified server from the current position in a RADIUS, LDAP, or TACACS+
configuration list to the specified position. If the specified position is the same as the current
position, no change takes place. Valid options include the following:
-conf radius | ldap | tacacs+
Specifies the server configuration as RADIUS, LDAP, or TACACS+. This operand is
required.
to_position
Specifies the new position for the server. The value for to_position is an integer, and must
be within the range of server positions in the current configuration. Use the --show option to
determine current server positions. This operand is required.
--authspec "aaa1[;aaa2" [-backup] [-nologout]
Replaces the configuration with the specified AAA service. Each service can be specified
only once in the list, for example, "radius; local; radius" is invalid. No edit option is provided.
The --authspec option takes as an argument a semicolon-separated list of AAA services.
Services must be enclosed in double quotation marks.
The following AAA services and service pairs are valid:
"local"
Default setting. Authenticates the user against the local database only. If the password does
not match or the user is not defined, the login fails.
"radius"
When "radius" is specified, the first RADIUS server is contacted. If the RADIUS server is not
reachable, the next RADIUS server is contacted. If the authentication fails, the authentication
process does not check for the next server in the sequence.
"ldap"
When "ldap" is specified, the first Active directory (AD) server is contacted. If the AD server
is not reachable, the next AD server is contacted. If the authentication fails, the
authentication process does not check for the next server in the sequence.
"tacacs+"
When "tacacs+" is specified, the first Active directory (AD) server is contacted. If the AD
server is not reachable, the next AD server is contacted. If the authentication fails, the
authentication process does not check for the next server in the sequence.
"radius;local"
Enables the current RADIUS configuration as the primary AAA service and the switch-local
database as the secondary AAA service. If "radius" and "local" are specified, and if the
RADIUS servers are reachable and the user credentials are correct, the user authentication
succeeds. If the user provides credentials from the switch database, the RADIUS
authentication fails but login succeeds through the switch database.
"ldap;local"
Enables the current LDAP configuration as the primary AAA service and the switch-local
database as the secondary AAA service. If "ldap" and "local" are specified, and if the AD
servers are reachable and the user credentials are correct, the user authentication succeeds.
If the user provides credentials from the switch database, AD authentication fails but login
would still succeed through the switch database.