Users Guide
125 | aaa server-group Dell Networking W-Series ArubaOS 6.4.x| User Guide
aaa server-group
aaa server-group <group>
allow-fail-through
auth-server <name> [match-authstring contains|equals|starts-with <string>] [match- fqdn
<string>] [position <number>] [trim-fqdn]
clone <group>
load-balance
no ...
set role|vlan condition <attribute> contains|ends-with|equals|not-equals|starts-with
<string> set-value <set-value-str> [position <number>]
Description
This command allows you to add a configured authentication server to an ordered list in a server group, and
configure server rules to derive a user role, VLAN ID or VLAN name from attributes returned by the server
during authentication.
Syntax
Parameter Description Default
<group>
Name that identifies the server group. The name must be
32 characters or less.
—
allow-fail-through
When this option is configured, an authentication failure
with the first server in the group causes the controller to
attempt authentication with the next server in the list. The
controller attempts authentication with each server in the
ordered list until either there is a successful
authentication or the list of servers in the group is
exhausted.
disabled
auth-server <name>
Name of a configured authentication server. —
match-authstring
This option associates the authentication server with a
match rule that the controller can compare with the
user/client information in the authentication request. With
this option, the user/client information in the
authentication request can be in any of the following
formats:
<domain>\<user>
<user>@<domain>
host/<pc-name>.<domain>
An authentication request is sent to the server only if
there is a match between the specified match rule and
the user/client information.You can configure multiple
match rules for an authentication server.
—
contains
contains: The rule matches if the user/client information
contains the specified string.
—