Linux, Adding the attribute to the server, Creating the user – HP StorageWorks 2.128 SAN Director Switch User Manual

Fabric OS 5.x administrator guide

Linux

The following procedures work for FreeRADIUS on Solaris and Red Hat Linux. FreeRADIUS is a freeware RADIUS server that you can find at the following web site: www.freeradius.org.

Follow the installation instructions at the web site. FreeRADIUS runs on Linux (all versions), FreeBSD, NetBSD, and Solaris. If you make a change to any of the files used in this configuration, you must stop the server and restart it for the changes to take effect.

FreeRADIUS installation places the configuration files in $PREFIX/etc/raddb. By default, the PREFIX is /usr/local.

Configuring RADIUS service on Linux consists of the following tasks:

Adding the HP attribute to the server

Creating the user

Enabling clients

Adding the attribute to the server

1. Create and save the file $PREFIX/etc/raddb/dictionary.brocade with the following information:

    #
    # Brocade FabricOS v5.0.1 dictionary
    #
    VENDOR          Brocade             1588
    #
    # attribute 1 defined to be Brocade-Auth-Role
    # string defined in user configuration
    #
    ATTRIBUTE       Brocade-Auth-Role   1   string  Brocade

   This defines the vendor ID as 1588 and vendor attribute 1 as Brocade-Auth-Role, a string value.

2. Open the file $PREFIX/etc/raddb/dictionary in a text editor and add the following line:

    $INCLUDE dictionary.brocade

   As a result, the file dictionary.brocade is located in the RADIUS configuration directory and loaded for use by the RADIUS server.

Creating the user

Open the $PREFIX/etc/raddb/user file in a text editor and add user names and roles for users who will be accessing the switch and authenticating through RADIUS. The user logs in using the role specified with Brocade-Auth-Role. The valid roles include root, factory, admin, switchAdmin, and user. You must use quotation marks around "password" and "role".

For example, to set up an account called JohnDoe with the admin role:

    JohnDoe Auth-Type := Local, User-Password == "johnPassword"
            Brocade-Auth-Role = "admin"

The next example uses the local system password file to authenticate users. (This does not work when using NIS for authentication. The only way to enable authentication with the password file is to force the HP StorageWorks switch to authenticate using PAP; this requires the -a pap option with the aaaConfig command.) For example:

    JohnDoe Auth-Type := System, Brocade-Auth-Role = "admin"
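The following check is an added example, not part of the HP manual or of FreeRADIUS: it audits user entries like the ones above for role values outside the list this page gives, for missing or typographic quotation marks (a common result of copying examples out of a PDF), and for passwords kept in the file. The function name audit_users and the sample entries are constructed for illustration, and comparing role names by exact spelling is an assumption.

```python
import re

# Roles the page lists as valid values for Brocade-Auth-Role.
VALID_ROLES = {"root", "factory", "admin", "switchAdmin", "user"}
ROLE_RE = re.compile(r'Brocade-Auth-Role\s*:?=\s*([^\s,]+)')
CURLY = "\u201c\u201d"   # typographic quotes, as produced by copying from a PDF

def audit_users(text):
    """Return (line_no, user, finding) tuples for FreeRADIUS user entries."""
    findings, user = [], None
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue                      # skip blank lines and comments
        if not line[0].isspace():         # an unindented line starts a new entry
            user = line.split()[0]
        if any(c in line for c in CURLY):
            findings.append((n, user, "typographic quotes; use ASCII double quotes"))
        if "User-Password" in line:
            findings.append((n, user, "password stored in cleartext in this file"))
        m = ROLE_RE.search(line)
        if not m:
            continue
        value = m.group(1)
        if value[0] not in '"' + CURLY:
            findings.append((n, user, "role value is not in quotation marks"))
        role = value.strip('"' + CURLY)
        if role not in VALID_ROLES:       # exact-spelling comparison (assumption)
            findings.append((n, user, f"unknown role {role!r}"))
    return findings

# Constructed sample entries (not from the manual), one problem per user.
SAMPLE = '''\
JohnDoe Auth-Type := Local, User-Password == "johnPassword"
        Brocade-Auth-Role = "admin"
JaneRoe Auth-Type := System
        Brocade-Auth-Role = \u201cadmin\u201d
OpsUser Auth-Type := System
        Brocade-Auth-Role = "superuser"
TmpUser Auth-Type := System
        Brocade-Auth-Role = user
'''

if __name__ == "__main__":
    for n, user, finding in audit_users(SAMPLE):
        print(f"line {n}: {user}: {finding}")
```

Run it against a copy of the file before restarting the server, since a role that fails these checks only shows up later as a failed or mis-privileged switch login.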