Support User Manuals

Brocade Communications Systems 53-1002745-02 Marine Radio User Manual

Open as PDF

of 666

Fabric OS Administrator’s Guide 149

53-1002745-02

Remote authentication

5

The passwd command applies only to the boot PROM password when it is entered from the

boot interface.

8. Enter the boot PROM password at the prompt, and then re-enter it when prompted.

The password must be eight alphanumeric characters (any additional characters are not

recorded). Record this password for future use.

9. Enter the saveEnv command to save the new password.

10. Reboot the standby CP blade by entering the reset command.

11. Connect to the active CP blade by serial or Telnet and enter the haEnable command to restore

high availability, and then fail over the active CP blade by entering the haFailover command.

Traffic resumes flowing through the newly active CP blade after it has completed rebooting.

12. Connect the serial cable to the serial port on the new standby CP blade (previously the active

CP blade).

13. Repeat step 3 through step 10 for the new standby CP blade.

14. Connect to the active CP blade over a serial or Telnet connection and enter the haEnable

command to restore high availability.

NOTE

To recover lost passwords refer to the Fabric OS Troubleshooting and Diagnostics Guide.

Remote authentication

Fabric OS supports user authentication through the local user database or one of the following

external authentication services:

• Remote authentication dial-in user service (RADIUS)

• Lightweight directory access protocol (LDAP) using Microsoft Active Directory in Windows or

OpenLDAP in Linux.

• Terminal Access Controller Access-Control System Plus (TACACS+)

Remote Authentication Configuration

A switch can be configured to try one of the supported remote authentication services (RADIUS,

LDAP, or TACACS+) and local switch authentication. The switch can also be configured to use only a

remote authentication service, or only local switch authentication.

Client/server model

When configured to use one of the supported remote authentication services, the switch acts as a

network access server (NAS) and RADIUS, LDAP, or TACACS+ client. The switch sends all

authentication, authorization, and accounting (AAA) service requests to the authentication server.

The authentication server receives the request, validates the request, and sends its response back

to the switch.

previous next