Brocade Fabric OS Command Reference Manual Supporting Fabric OS v7.0.0 (April 2011)

ManualsBrandsHP ManualsStorageHP StorageWorks Director 2/64

8 Fabric OS Command Reference

53-1001764-01

aaaConfig

"radius;local"

Enables the current RADIUS configuration as the primary AAA service and the

switch-local database as the secondary AAA service. If "radius" and "local" are

specified, and if the RADIUS servers are reachable and the user credentials are

correct, the user authentication succeeds. If the user provides credentials from the

switch database, the RADIUS authentication fails but login succeeds through the

switch database.

"ldap;local"

Enables the current LDAP configuration as the primary AAA service and the

switch-local database as the secondary AAA service. If "ldap" and "local" are

specified, and if the AD servers are reachable and the user credentials are

correct, the user authentication succeeds. If the user provides credentials from the

switch database, AD authentication fails but login would still succeed through the

switch database.

-backup

For use with the "radius;local" and "ldap;local" options only. The backup option

states to try the secondary AAA service only if none of the primary AAA services

are available.

-nologout

If -nologout is not specified, a change in the authentication mechanism may

result in the termination of existing sessions. All existing sessions are terminated if

the new authentication mechanism is one of the following: RADIUS only, LDAP

only, or Local. If -nologout is specified, there will be no effect on the existing

sessions regardless of the chosen authentication mechanism.

--help

Displays the command usage.

EXAMPLES To display the current RADIUS configuration:

switch:admin> aaaconfig --show

RADIUS CONFIGURATIONS

=====================

Position Server Port Secret Timeout(s) Auth-Protocol

1 192.168.233.48 1812 sharedsecret 3 CHAP

2 192.168.233.44 1812 sharedsecret 3 CHAP

3 radserver 1812 private 5 CHAP

LDAP CONFIGURATIONS

===================

LDAP configuration does not exist.

Primary AAA Service: Switch database

Secondary AAA Service: None

To move the RADIUS server "radserver" from position 3 to position 1:

switch:admin> aaaconfig --move radserver -conf radius 1

To configure the RADIUS server 192.168.233.48 as an LDAP server:

switch:admin> aaaconfig --change 192.168.233.48 \

-conf ldap -p 3002 -s newsecret -t 1

To add an AD/LDAP server to the configuration:

switch:admin> aaaconfig --add 194.72.68.335 \

-conf ldap -p 3002 -d brocade.com -t 1