Reference Guide

Brocade Fabric OS Command Reference 9
53-1004112-02
aaaConfig
"tacacs+;local"
Enables the current TACACS+ configuration as the primary AAA service and the
switch-local database as the secondary AAA service. If "tacacs+" and "local" are specified,
and if the AD servers are reachable and the user credentials are correct, the user
authentication succeeds. If the user provides credentials from the switch database, AD
authentication fails but login would still succeed through the switch database.
-backup
For use with the "radius;local", "ldap;local", and "tacacs+;local" options only. When -backup
is specified, the secondary AAA service is tried only if none of the primary AAA services are
available.
-nologout
If -nologout is not specified, a change in the authentication mechanism may result in the
termination of existing sessions. All existing sessions are terminated if the new
authentication mechanism is one of the following: RADIUS only, LDAP only, TACACS+
only, or Local. If -nologout is specified, there will be no effect on the existing sessions
regardless of the chosen authentication mechanism.
--help
Displays the command usage.
Examples
To display the current RADIUS, LDAP, and TACACS+ configurations:
switch:admin> aaaconfig --show
RADIUS CONFIGURATIONS
=====================
Position  Server           Port  Timeout(s)  Auth-Protocol
1         192.168.233.48   1812  3           CHAP
2         192.168.233.44   1812  3           CHAP
3         radserver        1812  5           CHAP
LDAP CONFIGURATIONS
===================
LDAP configuration does not exist.
TACACS+ CONFIGURATIONS
=====================
TACACS+ configuration does not exist.
Primary AAA Service: Switch database
Secondary AAA Service: None
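The output above lists three RADIUS servers while the primary AAA service is still the switch database. The following is an added example, not part of the Brocade reference: a Python parser for captured `aaaconfig --show` text that reports server lists which exist but are not the primary AAA service. The function names and the check are this example's own, and it assumes the "Primary AAA Service" line names the enabled service type.

```python
import re

# Constructed sample: the `aaaconfig --show` output from the example above.
SAMPLE = """\
RADIUS CONFIGURATIONS
=====================
Position Server Port Timeout(s) Auth-Protocol
1 192.168.233.48 1812 3 CHAP
2 192.168.233.44 1812 3 CHAP
3 radserver 1812 5 CHAP
LDAP CONFIGURATIONS
===================
LDAP configuration does not exist.
TACACS+ CONFIGURATIONS
=====================
TACACS+ configuration does not exist.
Primary AAA Service: Switch database
Secondary AAA Service: None
"""

SECTION = re.compile(r"^(RADIUS|LDAP|TACACS\+) CONFIGURATIONS$")
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\d+)\s+(\d+)\s+(\S+)$")
SERVICE = re.compile(r"^(Primary|Secondary) AAA Service:\s*(.+)$")

def parse_show(text):
    """Return (radius_servers, configured_sections, services)."""
    servers, configured, services, section = [], set(), {}, None
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            section = m.group(1)
            configured.add(section)
        elif line.endswith("configuration does not exist."):
            configured.discard(section)
        elif section == "RADIUS" and (m := ROW.match(line)):
            # Only the RADIUS table layout is shown on this page, so only it is parsed.
            pos, host, port, timeout, proto = m.groups()
            servers.append({"position": int(pos), "server": host, "port": int(port),
                            "timeout": int(timeout), "protocol": proto})
        elif m := SERVICE.match(line):
            services[m.group(1).lower()] = m.group(2)
    return servers, configured, services

def audit(text):
    """Report server lists that exist but are not the primary AAA service."""
    _, configured, services = parse_show(text)
    primary = services.get("primary", "unknown")
    # Assumption: the "Primary AAA Service" line names the enabled service type.
    return [f"{kind} servers are configured but the primary AAA service is '{primary}'"
            for kind in sorted(configured) if kind.lower() not in primary.lower()]
```

Calling `audit(SAMPLE)` returns one finding for the RADIUS list; pass it the text captured from a switch session to check a real configuration.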
To move the RADIUS server "radserver" from position 3 to position 1:
switch:admin> aaaconfig --move radserver -conf radius 1
To configure the RADIUS server 192.168.233.48 as an LDAP server:
switch:admin> aaaconfig --change 192.168.233.48 \
-conf ldap -p 3002 -s newsecret -t 1