Fabric OS Administrator’s Guide 157
53-1002745-02
Remote authentication
5
Configuring RADIUS service on Linux consists of the following tasks:
• Adding the Brocade attributes to the server
• Creating the user
• Enabling clients
Adding the Brocade attributes to the server
1. Create and save the file $PREFIX/etc/raddb/dictionary.brocade with the following information:
# dictionary.brocade
#
VENDOR Brocade 1588
#
# attributes
#
ATTRIBUTE Brocade-Auth-Role 1 string Brocade
ATTRIBUTE Brocade-AVPairs1 2 string Brocade
ATTRIBUTE Brocade-AVPairs2 3 string Brocade
ATTRIBUTE Brocade-AVPairs3 4 string Brocade
ATTRIBUTE Brocade-AVPairs4 5 string Brocade
ATTRIBUTE Brocade-Passwd-ExpiryDate 6 string Brocade
ATTRIBUTE Brocade-Passwd-WarnPeriod 7 string Brocade
This information defines the Brocade vendor ID as 1588, Brocade attribute 1 as
Brocade-Auth-Role, Brocade attribute 6 as Brocade-Passwd-ExpiryDate, and Brocade attribute
7 as Brocade-Passwd-WarnPeriod.
2. Open the file $PREFIX/etc/raddb/dictionary in a text editor and add the line:
$INCLUDE dictionary.brocade
As a result, the file dictionary.brocade is located in the RADIUS configuration directory and
loaded for use by the RADIUS server.
Creating the user
1. Open the $PREFIX/etc/raddb/user file in a text editor.
2. Add the user names and their permissions for users accessing the switch and authenticating
through RADIUS.
The user logs in using the permissions specified with Brocade-Auth-Role. The valid permissions
include root, admin, switchAdmin, zoneAdmin, securityAdmin, basicSwitchAdmin, fabricAdmin,
operator, and user. You must use quotation marks around “password” and “role”.
Example of adding a user name to the RADIUS authentication
For example, to set up an account called JohnDoe with admin permissions with a password
expiry date of May 28, 2008 and a warning period of 30 days:
JohnDoe Auth-Type := Local
User-Password == "johnPassword",
Brocade-Auth-Role = "admin",
Brocade-Passwd-ExpiryDate = "05/28/08",
Brocade-Passwd-WarnPeriod = "30"
Example of using the local system password to authenticate users
The next example uses the local system password file to authenticate users.
To Next Page
Loading...
Need help?
General