Brocade Communications Systems 53-1002745-02 Marine Radio User Manual


 
Fabric OS Administrator’s Guide
53-1002745-02
Remote authentication
Fabric OS users on the RADIUS server
All existing Fabric OS mechanisms for managing local-switch user accounts and passwords remain
functional when the switch is configured to use RADIUS. Changes made to the local switch
database do not propagate to the RADIUS server, nor do the changes affect any account on the
RADIUS server.
Windows 2000 IAS
To configure a Windows 2000 Internet Authentication Service (IAS) server to use a VSA to pass the
admin role to the switch, the dial-in profile specifies the vendor code (1588), the
vendor-assigned attribute number (1), and the attribute value (admin), as shown in Figure 10.
FIGURE 10 Windows 2000 VSA configuration
Linux FreeRADIUS server
For the configuration on a Linux FreeRADIUS server, define the
values outlined in Table 19 in a vendor dictionary file called dictionary.brocade.
After you have completed the dictionary file, define the permissions for the user in a configuration
file. For example, to grant the user jsmith admin permissions, you would add the following
statement to the configuration file:
    swladmin  Auth-Type := Local, User-Password == "myPassword"
              Brocade-Auth-Role = "admin",
              Brocade-AVPairs1 = "HomeLF=70"
TABLE 19 Entries in dictionary.brocade file

Include    Key                         Value
VENDOR     Brocade                     1588
ATTRIBUTE  Brocade-Auth-Role           1 string Brocade
           Brocade-AVPairs1, 2, 3, 4   2, 3, 4, 5 string (Admin Domain or Virtual Fabric member list)
           Brocade-Passwd-ExpiryDate   6 string (MM/DD/YYYY in UTC)
           Brocade-Passwd-WarnPeriod   7 integer (in days)
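
The vendor code (1588) and the attribute numbers in Table 19 are what actually travel in the RADIUS Access-Accept, so a packet capture can confirm which role the server hands to the switch. The following Python sketch is an added example, not part of the Brocade guide: it encodes and decodes those vendor-specific attributes. It assumes the RFC 2865 recommended VSA layout (vendor-type, vendor-length, data); the function names and the sample bytes are constructed for illustration.

```python
BROCADE_VENDOR_ID = 1588   # vendor code given on the page
VENDOR_SPECIFIC = 26       # RADIUS attribute type that carries VSAs (RFC 2865)
# Vendor-assigned attribute numbers from Table 19; 7 is the only integer type.
BROCADE_ATTRS = {1: "Brocade-Auth-Role", 2: "Brocade-AVPairs1",
                 3: "Brocade-AVPairs2", 4: "Brocade-AVPairs3",
                 5: "Brocade-AVPairs4", 6: "Brocade-Passwd-ExpiryDate",
                 7: "Brocade-Passwd-WarnPeriod"}
INTEGER_ATTRS = {7}


def encode_vsa(vendor_type, value):
    """Build one Vendor-Specific attribute holding a single Brocade sub-attribute."""
    data = value.to_bytes(4, "big") if isinstance(value, int) else value.encode("ascii")
    # Assumed layout (RFC 2865 recommended): vendor-type, vendor-length, data.
    body = BROCADE_VENDOR_ID.to_bytes(4, "big") + bytes([vendor_type, 2 + len(data)]) + data
    if 2 + len(body) > 255:
        raise ValueError("value too long for a single RADIUS attribute")
    return bytes([VENDOR_SPECIFIC, 2 + len(body)]) + body


def decode_brocade_vsas(attrs):
    """Walk a RADIUS attribute list and return the Brocade sub-attributes found."""
    found, pos = {}, 0
    while pos < len(attrs):
        if pos + 2 > len(attrs) or attrs[pos + 1] < 2 or pos + attrs[pos + 1] > len(attrs):
            raise ValueError("bad attribute length at offset %d" % pos)
        a_type, value = attrs[pos], attrs[pos + 2:pos + attrs[pos + 1]]
        pos += attrs[pos + 1]
        if (a_type != VENDOR_SPECIFIC or len(value) < 4
                or int.from_bytes(value[:4], "big") != BROCADE_VENDOR_ID):
            continue  # not a VSA, or another vendor's VSA
        sub, i = value[4:], 0
        while i < len(sub):  # one VSA may pack several sub-attributes
            if i + 2 > len(sub) or sub[i + 1] < 2 or i + sub[i + 1] > len(sub):
                raise ValueError("bad Brocade sub-attribute length")
            v_type, data = sub[i], sub[i + 2:i + sub[i + 1]]
            i += sub[i + 1]
            name = BROCADE_ATTRS.get(v_type, "Brocade-Unknown-%d" % v_type)
            found[name] = (int.from_bytes(data, "big") if v_type in INTEGER_ATTRS
                           else data.decode("ascii"))
    return found


# Constructed sample: attribute section of an Access-Accept for an admin user.
SAMPLE = (bytes([6, 6, 0, 0, 0, 6])  # Service-Type, ignored by the decoder
          + encode_vsa(1, "admin") + encode_vsa(2, "HomeLF=70") + encode_vsa(7, 30))
print(decode_brocade_vsas(SAMPLE))
```

A decoded Brocade-Auth-Role that differs from the role defined for the user on the RADIUS server points to a dictionary or profile mismatch worth checking before the account is used.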