System information

ManualsBrandsD-Link ManualsComputer equipmentDWS-1008

131

132

133

134

135

136

137

138

139

140

134

DWS-1008 CLI Reference Guide

D-Link Systems, Inc.

AAA Commands

set authentication console (continued)

method1 At least one of up to four methods that MSS uses to process accounting

method2 records. Specify one or more of the following methods in priority order. If

method3 the ﬁrst method does not succeed, MSS tries the second method, and

method4 so on. A method can be one of the following:

• local - Stores accounting records in the local database on the

switch. When the local accounting storage space is full, MSS

overwrites older records with new ones.

• server-group-name - Stores accounting records on one or

more Remote Authentication Dial-In User Service (RADIUS)

servers. You can also enter the names of existing RADIUS

server groups as methods.

• none - For users with administrative access only, MSS

performs no authentication, but prompts for a username and

password and accepts any combination of entries, including

blanks.

Note: The authentication method none you can specify for administrative

access is different from the fallthru authentication type none, which

applies only to network access. The authentication method none allows

access to the switch by an administrator. The fallthru authentication type

none denies access to a network user.

Defaults: By default, authentication is deactivated for all console users, and the default

authentication method in a console authentication rule is none. MSS requires no

username or password, by default. These users can press Enter at the prompts for

administrative access.

Note: D-Link recommends that you change the default setting unless the switch is in a secure

physical location.

Access: Enabled

Usage: You can conﬁgure different authentication methods for different groups of users. If you

specify multiple authentication methods in the set authentication console command,

MSS applies them in the order in which they appear in the command, with these

results:

• If the ﬁrst method responds with pass or fail, the evaluation is ﬁnal.

• If the ﬁrst method does not respond, MSS tries the second method, and so

on.

• However, if local appears ﬁrst, followed by a RADIUS server group, MSS

ignores any failed searches in the local database and sends an

authentication request to the RADIUS server group.

Examples: To set the console port so that it does not enforce username-password

authentication for administrators, type the following command:

DWS-1008# set authentication console * none

success: change accepted.