Brocade OS Command Reference Manual Supporting Fabric OS v6.0.0 (53-1000599-01, October 2007)

Chapter 2
Fabric OS Commands
aaaConfig
Manages RADIUS and LDAP configuration information.
Synopsis aaaconfig
aaaconfig --show
aaaconfig --add | --change server -conf radius|ldap [-p port] [-d domain] [-t timeout] [-s secret] [-a chap | pap | peap-mschapv2]
aaaconfig --remove server -conf radius|ldap
aaaconfig --move server -conf radius|ldap to_position
aaaconfig --authspec aaa1[;aaa2 [-backup]
aaaconfig --help
Description Use this command to manage the RADIUS and LDAP server configuration for the authentication,
authorization and accounting (AAA) services. Use this command to display, add, remove, change,
enable or disable RADIUS/LDAP configuration.
Switches running Fabric OS v5.2 or above use a local as well as a remote authentication
mechanism for validating the user. Supported authentication protocols include Password
Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP) and, for
switches running Fabric OS v5.3.0 or above, Protected Extensible Authentication Protocol (PEAP). In
addition, Fabric OS v6.0 and above provide support for Lightweight Directory Access Protocol
(LDAP) authentication against Active Directory for user authentication and authorization.
RADIUS/LDAP servers are contacted in the order they appear in the configuration list. The first
server returning authentication success or failure will cause the authentication request to succeed
or fail. If no response is received within the specified timeout, the next RADIUS/LDAP server in the
list is contacted. An event entry is logged if all RADIUS/LDAP servers fail to respond.
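
The ordering rule above, modelled as an added Python example (not Brocade code and not part of the original manual). The server names, timeouts and replies are constructed, and the model assumes the full configured timeout elapses before the next server is tried.

```python
from enum import Enum


class Reply(Enum):
    ACCEPT = "accept"    # server answered: authentication success
    REJECT = "reject"    # server answered: authentication failure
    TIMEOUT = "timeout"  # no answer within the configured timeout


def authenticate(servers, replies):
    """Model of the ordered-list rule described above.

    servers: [(name, timeout_seconds), ...] in configured order.
    replies: {name: Reply}, constructed behaviour; missing means TIMEOUT.
    Returns (decision, deciding_server, seconds_waited, events), where
    decision is True/False for an answer and None if nobody answered.
    """
    waited, events = 0, []
    for name, timeout in servers:
        reply = replies.get(name, Reply.TIMEOUT)
        if reply is Reply.TIMEOUT:
            waited += timeout  # the whole timeout is spent before moving on
            events.append(f"{name}: no response within {timeout}s")
            continue
        # The first definitive answer, success OR failure, ends the walk.
        return reply is Reply.ACCEPT, name, waited, events
    events.append("all configured servers failed to respond")
    return None, None, waited, events


# Constructed sample list: names and timeouts are placeholders.
SERVERS = [("radius-a", 3), ("radius-b", 3), ("radius-c", 5)]

if __name__ == "__main__":
    cases = {
        "reject is final": {"radius-a": Reply.REJECT, "radius-b": Reply.ACCEPT},
        "timeout falls through": {"radius-b": Reply.ACCEPT},
        "nobody answers": {},
    }
    for label, replies in cases.items():
        print(label, "->", authenticate(SERVERS, replies))
```

In this model every unresponsive server listed ahead of a healthy one adds its full timeout to the login delay, and a failure from an earlier server is never overridden by a later one.
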
When the command succeeds, it triggers an event log entry (Fabric OS error log) to indicate that a server was
added, removed, or modified. Refer to the Fabric OS Message Reference manual for specific
details.
Configuration changes are persistently saved and take effect with the next AAA request. The
configuration applies to all switch instances in a platform supporting multiple switch domains.
Notes Customers can use centralized RADIUS servers to manage AAA services for a switch, as defined in
RFC 2865.
This command can be executed when logged in through a console, telnet, or SSH connection.
The execution of this command is subject to Admin Domain restrictions that may be in place.