Manualshelf

White Papers

ManualsBrandsDell ManualsConverged InfrastructureStorage Solution Resources
38394041424344454647
Using Windows Active Directory For Account Authentication to PS Series Groups 39
APPENDIX B: CONFIGURING RADIUS ON THE PS SERIES GROUP USING CLI
To configure the PS Series group using the command-line interface log in to the
Command Line Interface for the group using the group IP address and a group
administrator account, such as grpadmin.
Enter the following command to enable RADIUS logins:
grpparams login-radius-auth enable
Enter the following command to add the IP address of the RADIUS server (or servers),
separated by commas and no spaces. The servers will be consulted in the order they
are listed.
grpparams radius-auth-list 123.45.6.789,234.5.67.89
Enter the following command to add the password (secret) you configured in
Overview of Steps
grpparams radius-auth-secrets secret
Optionally, enter the following command to disable the requirement for the EQL-
Admin RADIUS return attribute. Disabling this requirement treats every user who
attempts to log in as though they have group administration permission; effectively,
this allows unrestricted logins from all users in the RADIUS database to the PS Series
group (and is not recommended).
grpparams login-radius-attr disable
Optionally, enter the following command to increase the timeout interval for login
attempts through the RADIUS server. The default is 2 seconds. Increase the timeout
interval if you are having performance issues with login requests.
grpparams radius-auth-timeout 5
Optionally, enter the following command to increase the allowed number of login
retries before blocking the user from logging in again interval for login attempts
through the RADIUS server. The default is 2 seconds. Increase the timeout interval if
you are having performance issues with login requests.
grpparams radius-auth-retries 3
Optionally, verify your RADIUS settings by running the following command and
checking the output:
grpparams show
.
.
.
__________________ Radius Information _______________________
radius-auth-list: login-radius-auth: enabled
radius-auth-retries: 3 radius-auth-timeout: 5secs
login-radius-acct: disabled radius-acct-retries: 1
radius-acct-timeout: 2secs iscsi-radius-auth: disabled
iscsi-local-auth: enabled radius-acct-list:
login-radius-attr: enabled radius-auth-secrets:
radius-acct-secrets: