New Contributor
james_araujo
Posts: 3
Registered: ‎12-17-2012

Brocade Active Directory Integration requires @fqdn in username?

Hello All,

I am confused as to why I need to append the @fqdn when logging in using LDAP authentication.

aaaconfig --show
RADIUS CONFIGURATIONS
=====================
RADIUS configuration does not exist.

LDAP CONFIGURATIONS
===================
Position                 : 1
Server                   : 10.0.0.5
Port                     : 389
Domain                   : fqdn
Timeout(s)               : 1

Position                 : 2
Server                   : 10.0.0.6
Port                     : 389
Domain                   : fqdn
Timeout(s)               : 1

ldapcfg --show
        LDAP Role       |       Switch Role
------------------------------------------------
        brocadeAdminGrp  |     admin
------------------------------------------------

I have a testuser AD account created, and it is a member of the brocadeAdminGrp. The issue is that when I log into the Brocade switch I have to append the FQDN like this:

testuser@fqdn

If I don't include the @fqdn it will reject the login with denied.

jalsbroo
Posts: 1
Registered: ‎01-14-2013

Re: Brocade Active Directory Integration requires @fqdn in username?

I too recently ran into a similar problem where a particular LDAP user was unable to log in to 2 of the 3 Brocade switches I recently set up for LDAP auth. After several hours of troubleshooting I realized that if I typed a wrong password and then the correct password, the user was allowed to SSH into the 2 Brocades using a non-FQDN login. I found this odd, and I could reproduce it every time by typing a bad password then the correct password and getting logged in. I also noticed that if I used user@FQDN it worked every time without problems. We had 3 other LDAP users that had no problems using only their user name on any of the Brocades. The 1 switch we could all log in to was pointing at a 2008R2 DC, whereas the “problem” switches were pointing to a 2003R2 DC. Once I pointed the 2 switches to a 2008R2 DC, this user can now log in using only his user name. Just wanted to share my findings since I spent about 4 hours today working on it. Still not sure why only his ID was affected.
