Filter
Top Products
Fabric OS Administrator’s Guide 175
53-1002745-02
Remote authentication
5
Adding an authentication server to the switch configuration
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig
--add command.
At least one authentication server must be configured before you can enable the RADIUS, LDAP, or
TACACS+ service.
If no RADIUS, LDAP, or TACACS+ configuration exists, turning on the authentication mode triggers
an error message. When the command succeeds, the event log indicates that the configuration is
enabled or disabled.
Enabling and disabling remote authentication
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig
--authspec command to enable or disable RADIUS, LDAP, or TACACS+.
You must specify the type of service as one of RADIUS, LDAP, or TACACS+. Local is used for
local authentication if the user authentication fails on the authentication server.
Example enabling RADIUS
switch:admin> aaaconfig --authspec "radius;local" --backup
Example enabling LDAP
switch:admin> aaaconfig --authspec "ldap;local" --backup
Example enabling TACACS+
switch:admin> aaaconfig --authspec "tacacs+;local" --backup
Deleting an authentication server from the configuration
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig
--remove command.
When the command succeeds, the event log indicates that the server is removed.
Changing an authentication server configuration
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig
--change command.
Changing the order in which authentication servers are contacted for service
1. Connect to the switch and log in using an account with admin permissions.
2. Enter the aaaConfig
--move command.
When the command succeeds, the event log indicates that a server configuration is changed.