Manualshelf

User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000
241242243244245246247248249250
244 | Authentication Servers Dell Networking W-Series ArubaOS 6.4.x| User Guide
to the authenticated client, you must configure a server derivation rule as shown in the following sections:
Using the WebUI
1. Navigate to the Configuration > Security > Authentication > Servers page.
2. Select Server Group to display the Server Group list.
3. Select the internal server group.
4. Under Server Rules, click New to add a server derivation rule.
a. For Condition, enter Role.
b. Select value-of from the drop-down list.
c. Select Set Role from the drop-down list.
d. Click Add.
5. Click Apply.
Using the CLI
(host)(config) #aaa server-group internal
set role condition Role value-of
Assigning Server Groups
You can create server groups for the following purposes:
l user authentication
l management authentication
l accounting
You can configure all types of servers for user and management authentication (see Table 44). Accounting is
only supported with RADIUS and TACACS+ servers when RADIUS or TACACS+ is used for authentication.
RADIUS TACACS+ LDAP Internal Database
User authentication Yes Yes Yes Yes
Management authentication Yes Yes Yes Yes
Accounting Yes Yes No No
Table 44: Server Types and Purposes
User Authentication
For information about assigning a server group for user authentication, refer to the Roles and Policies chapter
of the Dell Networking W-Series ArubaOS User Guide.
Management Authentication
Users who need to access the controller to monitor, manage, or configure the Dell user-centric network can be
authenticated with RADIUS, TACACS+, or LDAP servers or the internal database.
Only user record attributes are returned upon a successful authentication. Therefore, to derive a different
management role other than the default mgmt auth role, set the server derivation rule based on the user
attributes.