To change a RADIUS server configuration, Enabling and disabling local authentication – HP Brocade 4Gb SAN Switch for HP BladeSystem p-Class User Manual

Fabric OS 5.0.0 procedures user guide

To change a RADIUS server configuration:

1. Connect to the switch and log in as admin.

2. Issue the following command:

switch:admin> aaaConfig --change server [-p port] [-s secret] [-t timeout] [-a pap | chap]

where:

server          Servers are listed by either name or IP address. Enter either the name or IP address of the server to be changed.

-p port         Optional: enter a server port.

-s secret       Optional: enter a shared secret.

-t timeout      Optional: enter the length of time (in seconds) the server has to respond before the next server is contacted.

-a pap | chap   Optional: specify that the PAP protocol be used instead of the CHAP protocol for packets traveling between the switch and the server.

To change the order in which RADIUS servers are contacted for service:

1. Connect to the switch and log in as admin.

2. Issue the following command:

switch:admin> aaaConfig --move server to_position

where:

server          Servers are listed by either name or IP address. Enter either the name or IP address of the server whose position is to be changed.

to_position     Enter the position number to which the server is to be moved.

When the command succeeds, the event log indicates that a server configuration changed.

Enabling and disabling local authentication

It is useful to enable local authentication so that the switch can take over authentication locally if the RADIUS servers fail to respond because of power outage or network problems. To enable or disable local authentication, issue the following command:

switch:admin> aaaConfig --switchdb on | off

Specifying on enables local authentication; specifying off disables it.

When local authentication is enabled and RADIUS servers fail to respond, you can log in to the default switch accounts (admin and user) or any user-defined account. You must know the passwords of these accounts.

RADIUS authentication must be enabled when local database authentication is turned off from the on state; otherwise, an error is returned.

Because local database authentication may be automatically disabled or enabled when enabling or disabling RADIUS authentication, you should set the local database authentication explicitly to enabled or disabled after setting the desired RADIUS authentication configuration.

When the command succeeds, the event log indicates that local database authentication is disabled or enabled.
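
The server ordering, per-server timeout and local fallback described in this section, modelled in Python as an added example (not HP or Brocade code, and not part of the original manual). All class and field names are hypothetical. The model assumes that to_position is 1-based, that a responding server's accept or reject is final, and that the local database is consulted only when no server responds or RADIUS is disabled.

```python
# Toy model of the behaviour described above; not Fabric OS code.
# Assumptions: to_position is 1-based; a responding server's answer is final.
import hmac
from dataclasses import dataclass, field

def _match(store, user, password):
    return user in store and hmac.compare_digest(store[user], password)

@dataclass
class RadiusServer:
    name: str              # name or IP address, as given to --change / --move
    timeout: int = 3       # -t: seconds to wait before the next server is tried
    responds: bool = True  # constructed flag that simulates an outage
    users: dict = field(default_factory=dict)  # constructed credentials

@dataclass
class SwitchAuth:
    servers: list             # contact order
    radius_on: bool = True
    switchdb_on: bool = True  # local database, --switchdb on | off
    local_users: dict = field(default_factory=dict)

    def move(self, name, to_position):
        """Model of --move: reorder the list the switch walks on login."""
        srv = next(s for s in self.servers if s.name == name)
        self.servers.remove(srv)
        self.servers.insert(to_position - 1, srv)

    def set_switchdb(self, on):
        """Model of --switchdb: turning it off requires RADIUS to be enabled."""
        if not on and self.switchdb_on and not self.radius_on:
            raise ValueError("RADIUS authentication must be enabled")
        self.switchdb_on = on

    def login(self, user, password):
        """Return (result, source, seconds spent waiting on silent servers)."""
        waited = 0
        if self.radius_on:
            for srv in self.servers:
                if srv.responds:
                    ok = _match(srv.users, user, password)
                    return ("accept" if ok else "reject", srv.name, waited)
                waited += srv.timeout  # no reply: wait, then try the next one
        if self.switchdb_on:
            ok = _match(self.local_users, user, password)
            return ("accept" if ok else "reject", "local", waited)
        return ("unavailable", None, waited)  # nothing left to ask: lockout
```

With every server silent and the local database off, login returns "unavailable" after the sum of the timeouts, which is the lockout case that setting --switchdb explicitly after any RADIUS change is meant to prevent.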