Fabric os users on the radius server, Windows 2000 ias – Brocade Fabric OS Administrators Guide (Supporting Fabric OS v7.3.0) User Manual
Page 152
Syntax for VSA-based account roles (Continued)
TABLE 25
Item
Value
Description
Vendor ID
1588
4 octet, Brocade SMI Private Enterprise Code
Vendor type
1
1 octet, Brocade-Auth-Role; valid attributes for the Brocade-Auth-Role are:
Admin
BasicSwitchAdmin
FabricAdmin
Operator
SecurityAdmin
SwitchAdminUser
ZoneAdmin
2
Optional: Specifies the Admin Domain or Virtual Fabric member list. For more
information on Admin Domains or Virtual Fabrics, refer to
configuration with Admin Domains or Virtual Fabrics
Brocade-AVPairs1
3
Brocade-AVPairs2
4
Brocade-AVPairs3
5
Brocade-AVPairs4
6
Brocade Password ExpiryDate
7
Brocade Password ExpiryWarning
Vendor length
2 or higher
1 octet, calculated by server, including vendor-type and vendor-length
Attribute-specific data ASCII string Multiple octet, maximum 253, indicating the name of the assigned role and
other supported attribute values such as Admin Domain member list.
Fabric OS users on the RADIUS server
All existing Fabric OS mechanisms for managing local-switch user accounts and passwords remain
functional when the switch is configured to use RADIUS. Changes made to the local switch database
do not propagate to the RADIUS server, nor do the changes affect any account on the RADIUS
server.
Windows 2000 IAS
To configure a Windows 2000 Internet authentication service (IAS) server to use VSA to pass the
admin role to the switch in the dial-in profile, the configuration specifies the Vendor code (1588),
Vendor-assigned attribute number (1), and attribute value (admin), as shown in the below figure.
Fabric OS users on the RADIUS server
152
Fabric OS Administrators Guide
53-1003130-01