Technical data
BLADE OS 5.1 Application Guide
30
Chapter 1: Accessing the Switch BMD00136, November 2009
RADIUS Attributes for G8000 User Privileges
When the user logs in, the switch authenticates his/her level of access by sending the RADIUS
access request, that is, the client authentication request, to the RADIUS authentication server.
If the remote user is successfully authenticated by the authentication server, the switch will verify
the privileges of the remote user and authorize the appropriate access. The administrator has an
option to allow secure backdoor access via Telnet/SSH/BBI. Secure backdoor provides switch
access when the RADIUS servers cannot be reached. You always can access the switch via the
console port, by using noradius and the administrator password, whether secure backdoor is
enabled or not.
Note – To obtain the RADIUS backdoor password for your G8000, contact Technical Support.
All user privileges, other than those assigned to the Administrator, have to be defined in the
RADIUS dictionary. RADIUS attribute 6 which is built into all RADIUS servers defines the
administrator. The file name of the dictionary is RADIUS vendor-dependent. The following
RADIUS attributes are defined for G8000 user privileges levels:
Operator The Operator manages all functions of the switch. The
Operator can reset ports.
oper
Administrator The super-user Administrator has complete access to all
commands, information, and configuration commands on the
switch, including the ability to change both the user and
operator passwords.
admin
Table 2 User Access Levels
User Account Description and Tasks Performed Password
Table 3 Blade OS-proprietary Attributes for RADIUS
User Name/Access User-Service-Type Value
User Vendor-supplied 255
Operator Vendor-supplied 252
Admin Vendor-supplied 6