OmniSwitch 6800/6850/9000 Network Configuration Guide March 2008 xix
Chapter 25 Managing Authentication Servers ......................................................................25-1
In This Chapter ..............................................................................................................25-1
Authentication Server Specifications ............................................................................25-2
Server Defaults ..............................................................................................................25-3
RADIUS Authentication Servers ...........................................................................25-3
TACACS+ Authentication Servers ........................................................................25-3
LDAP Authentication Servers ................................................................................25-3
Quick Steps For Configuring Authentication Servers ..................................................25-4
Server Overview ............................................................................................................25-5
Backup Authentication Servers ..............................................................................25-5
Authenticated Switch Access .................................................................................25-5
Authenticated VLANs ............................................................................................25-6
Port-Based Network Access Control (802.1X) ......................................................25-7
ACE/Server ...................................................................................................................25-8
Clearing an ACE/Server Secret ..............................................................................25-8
RADIUS Servers ...........................................................................................................25-9
RADIUS Server Attributes .....................................................................................25-9
Standard Attributes ..........................................................................................25-9
Vendor-Specific Attributes for RADIUS ......................................................25-11
Configuring Functional Privileges on the Server ..........................................25-12
RADIUS Accounting Server Attributes ........................................................25-13
Configuring the RADIUS Client ..........................................................................25-14
TACACS+ Server .......................................................................................................25-15
TACACS+ Client Limitations ..............................................................................25-15
Configuring the TACACS+ Client .......................................................................25-16
LDAP Servers .............................................................................................................25-17
Setting Up the LDAP Authentication Server .......................................................25-17
LDAP Server Details ............................................................................................25-18
LDIF File Structure .......................................................................................25-18
Common Entries ............................................................................................25-18
Directory Entries ...........................................................................................25-19
Directory Searches .........................................................................................25-20
Retrieving Directory Search Results .............................................................25-20
Directory Modifications ................................................................................25-20
Directory Compare and Sort ..........................................................................25-21
The LDAP URL ............................................................................................25-21
Password Policies and Directory Servers ......................................................25-22
Directory Server Schema for LDAP Authentication ............................................25-23
Vendor-Specific Attributes for LDAP Servers ..............................................25-23
LDAP Accounting Attributes ........................................................................25-24
Dynamic Logging ..........................................................................................25-26
Configuring the LDAP Authentication Client .....................................................25-27
Creating an LDAP Authentication Server .....................................................25-28
Modifying an LDAP Authentication Server ..................................................25-28
Setting Up SSL for an LDAP Authentication Server ....................................25-28
Removing an LDAP Authentication Server ..................................................25-29
Verifying the Authentication Server Configuration ....................................................25-29