Configuring LDAP users on an AD server – Brocade Network OS Administrator’s Guide v4.1.1 User Manual

3. In global configuration mode, set the login authentication mode on the switch to use LDAP only and
verify the change.
switch# configure terminal
Entering configuration mode terminal
switch(config)# no aaa authentication login
switch(config)# aaa authentication login ldap
switch(config)# do show running-config aaa
aaa authentication login ldap
4. Log in to the switch using an account with valid LDAP/AD-only credentials to verify that LDAP/AD is
being used to authenticate the user.
5. Log in to the switch using an account with switch-local-only credentials. The login should fail with an
access denied message.
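
An added example (not from the Brocade guide): a Python check over captured `show running-config aaa` output that passes only when LDAP is the sole login source, which is the state step 3 expects. The sample captures are constructed, and treating any extra keyword after `ldap` as an additional source is an assumption.

```python
import re

# Constructed captures for illustration; SESSION mirrors the transcript in step 3.
SESSION = """switch(config)# no aaa authentication login
switch(config)# aaa authentication login ldap
switch(config)# do show running-config aaa
aaa authentication login ldap
"""
# Assumption: a keyword after `ldap` (here `local`) names an additional source.
WITH_LOCAL = "aaa authentication login ldap local\n"
LOCAL_ONLY = "aaa authentication login local\n"

# Match only configuration output lines, not echoed commands behind a prompt.
LOGIN_LINE = re.compile(r"^\s*aaa authentication login\s+(.*?)\s*$")


def login_sources(running_config):
    """Return the ordered source list from the single aaa login line."""
    found = []
    for line in running_config.splitlines():
        match = LOGIN_LINE.match(line)
        if match:
            found.append(match.group(1).split())
    if len(found) != 1:
        raise ValueError(
            "expected exactly one 'aaa authentication login' line, got %d" % len(found)
        )
    return found[0]


def audit_ldap_only(running_config):
    """Return (ok, reason); ok is True only when LDAP is the sole login source."""
    try:
        sources = login_sources(running_config)
    except ValueError as exc:
        return False, str(exc)
    if sources == ["ldap"]:
        return True, "login authentication is LDAP only"
    if "ldap" not in sources:
        return False, "LDAP is not a login source: %s" % (" ".join(sources) or "<none>")
    extra = [s for s in sources if s != "ldap"]
    return False, "LDAP is combined with other sources: %s" % " ".join(extra)


if __name__ == "__main__":
    for name, capture in [("session", SESSION), ("with-local", WITH_LOCAL),
                          ("local-only", LOCAL_ONLY), ("empty", "")]:
        print(name, audit_ldap_only(capture))
```

A passing result covers only the configuration; the login tests in steps 4 and 5 still confirm the behavior.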
Configuring LDAP users on an AD server
1. Create a user.
   a) Go to Programs > Administrative Tools > Active Directory Users and Computers.
   b) Add a user by completing the dialog shown in the following figure.
   c) Save the account information.
   d) From a command prompt, log in using the new user name and enter a password when
      prompted.
2. Create a group.
   a) Go to Programs > Administrative Tools > Active Directory Users and Computers.
   b) Add a new group.
   c) Save the group information.
3. Assign the group to the user.
   a) Click on the user name.
   b) From the Properties dialog, click the Member Of tab and update the field with the group
      name. This group should either match the switch role or it must be mapped with the switch
      role on the Brocade switch. In this instance, Domain Users is the primary group and
      therefore should not be mapped with the switch role.
Network OS Administrator’s Guide
53-1003225-04