Manualshelf

Brocade Fabric OS Command Reference Manual (53-1000240-01, November 2006)

ManualsBrandsHP ManualsComputer AccessoriesHP SN8000B 4-slot Director Enterprise ICL E-LTU
31323334353637383940
2-2 Fabric OS Command Reference Manual
Publication Number: 53-1000240-01
aaaConfig
2
Note: Enter commands in lowercase only; mixed case is for readability.
aaaConfig
Manages RADIUS configuration information.
Synopsis aaaconfig [action][options]
Description Use this command to manage the RADIUS configuration for the authentication, authorization and
accounting (AAA) services. Use this command to display, add, remove, change, enable or disable
RADIUS configuration.
When the command completes, any new configuration is saved persistently. It is effective for the next
AAA request. The configuration applies to all switch instances in a platform supporting multiple switch
domains.
Customers can use centralized RADIUS servers to manage AAA services for a switch, as defined in RFC
2865.
When server is a required operand, it must be either an IP address or a name in dot notation. If a name is
used, DNS must be properly configured
N
ote
This command can be executed when logged in via console, telnet or SSH connection.
N
ote
The execution of this command is subject to Admin Domain restrictions that may be in place.
Operands This command has the following actions and associated options:
--show Displays the current AAA service configuration.
--add server [-p port][-s secret][-t timeout][-a chap | pap]
Add the specified server to the end of RADIUS configuration list, with port as the
RADIUS server port number, secret as the shared secret between the switch and
the RADIUS server, timeout as the response timeout for the RADIUS server, and
PAP or CHAP as the authentication protocol to be used. The server must be
different from the ones in the existing configuration.
--remove server Remove the specified server from the RADIUS configuration list. server must
match one in the existing configuration. To remove the last server, you must
disable RADIUS configuration first.
--change server [-p port][-s secret][-t timeout][-a chap | pap]
Change parameters for the specified server in the existing RADIUS configuration
list, with port as the RADIUS server port number, secret as the shared secret
between the switch and the RADIUS server, timeout as the response timeout for
the RADIUS server, and PAP or CHAP as the authentication protocol to be used.
The server must match one in the existing configuration.
--move server to_position
Move the specified server in the existing RADIUS configuration list from the
current position to the specified new position. This rearranges the order that the
specified RADIUS server is used.
--localonly Enable authentication via the switch-local database only. This is used to select the
switch-local database as the primary AAA service.