Fibre Channel (SAN)

New Contributor
Posts: 2
Registered: ‎12-30-2011

Need help to configure LDAP AD authentication on Brocade switches

All,

Recently my management asked me to configure LDAP on all our existing servers, so I would like to know the brief steps to do this. I got the steps below and configured them, but this is not working. Can someone help or correct me here?

1: Got the domain controllers for domain xyz.net.

2: Updated the domain controller server IPs in the switch after changing the auth order, with LDAP as primary and local DB as secondary.

3: The AD team created a group "SANswitchadmin" at the AD level and added all my team's individual IDs to that group.

4: Mapped that group to "Admin" at the switch level.

But these are not working. Do we need to give any special permissions or roles to the group we created at the AD level, where our individual IDs are added?

If anyone has already implemented this, let me know what we need to do at the AD level, and whether we can map the group to a switch role or need to map an ADir role. If so, which ADir role, and how will it be linked with each individual user's domain ID?

Below is the current config:

switcha48k:admin> aaaconfig --show
RADIUS CONFIGURATIONS
=====================
RADIUS configuration does not exist.

LDAP CONFIGURATIONS
===================

Position                 : 1
Server                   : 11.22.33.44
Port                     : 389
Domain                   : XYZ.NET
Timeout(s)               : 3

Position                 : 2
Server                   : 12.34.56.78
Port                     : 389
Domain                   : XYZ.NET
Timeout(s)               : 3

Primary AAA Service: LDAP
Secondary AAA Service: Switch database
ddcfaba48k:admin>

switcha48k:admin> ldapcfg --show

        LDAP Role       |       Switch Role
------------------------------------------------
SANswitchadmin      |       admin
------------------------------------------------


Now when we log in with our domain ID and password, it gives an access denied error.

External Moderator
Posts: 5,040
Registered: ‎02-23-2004

Re: Need help to configure LDAP AD authentication on Brocade switches

Your posted output example shows:

-->>>Domain                   : XYZ.NET

Q.: Is this the real Windows domain?

TechHelp24
New Contributor
Posts: 2
Registered: ‎12-30-2011

Re: Need help to configure LDAP AD authentication on Brocade switches

Yes, it is.

I have tried with both XYZ and XYZ.NET in the switch-level LDAP configuration, but it is still not working.
