beautypg.com

Switch user accounts, Radius attributes for g8000 user privileges, Table 1-1 – Blade ICE G8000 User Manual

Page 29: User access levels 29, Table 1-2, Blade os-proprietary attributes for radius 29

background image

RackSwitch G8000 Application Guide

Chapter 1: Accessing the Switch

„

29

BMD00041, November 2008

Switch User Accounts

The user accounts listed in

Table 1-1

can be defined in the RADIUS server dictionary file.

RADIUS Attributes for G8000 user privileges

When the user logs in, the switch authenticates his/her level of access by sending the RADIUS
access request, that is, the client authentication request, to the RADIUS authentication server.

If the remote user is successfully authenticated by the authentication server, the switch will
verify the privileges of the remote user and authorize the appropriate access. The administrator
has an option to allow secure backdoor access via Telnet/SSH. Secure backdoor provides
switch access when the RADIUS servers cannot be reached.

N

OTE

To obtain the RADIUS backdoor password for your G8000, contact Technical Support.

All user privileges, other than those assigned to the Administrator, have to be defined in the
RADIUS dictionary. RADIUS attribute 6 which is built into all RADIUS servers defines the
administrator. The file name of the dictionary is RADIUS vendor-dependent. The following
RADIUS attributes are defined for G8000 user privileges levels:

Table 1-1 User Access Levels

User Account

Description and Tasks Performed

Password

User

The User has no direct responsibility for switch management.
He/she can view all switch status information and statistics but
cannot make any configuration changes to the switch.

user

Operator

The Operator manages all functions of the switch. The Operator
can reset ports.

oper

Administrator

The super-user Administrator has complete access to all com-
mands, information, and configuration commands on the switch,
including the ability to change both the user and operator pass-
words.

admin

Table 1-2 Blade OS-proprietary Attributes for RADIUS

User Name/Access

User-Service-Type

Value

User

Vendor-supplied

255

Operator

Vendor-supplied

252

Admin

Vendor-supplied

6