APC AP8861, AP8886, AP88XX Configure the Radius Server, Summary of the configuration procedure

Page 65

Configure the RADIUS Server

Summary of the configuration procedure

You must configure your RADIUS server to work with the Rack PDU.

For examples of the RADIUS users file with Vendor Specific Attributes (VSAs) and an example of an entry in the dictionary file on the RADIUS server, see the Security Handbook.

1.Add the IP address of the Rack PDU to the RADIUS server client list (file).

2.Users must be configured with Service-Type attributes unless Vendor Specific Attributes (VSAs) are defined. If no Service-Type attributes are configured, users will have read-only access (on the Web interface only).

See your RADIUS server documentation for information about the RADIUS users file, and see the Security Handbook for an example.

3.VSAs can be used instead of the Service-Type attributes provided by the RADIUS server. VSAs require a dictionary entry and a RADIUS users file. In the dictionary file, define the names for the ATTRIBUTE and VALUE keywords, but not for the numeric values. If you change numeric values, RADIUS authentication and authorization will fail. VSAs take precedence over standard RADIUS attributes.

Configuring a RADIUS server on UNIX® with shadow passwords

If UNIX shadow password files are used (/etc/passwd) with the RADIUS dictionary files, the following two methods can be used to authenticate users:

If all UNIX users have administrative privileges, add the following to the RADIUS “user” file. To allow only Device Users, change the APC-Service-Type to Device.

DEFAULT

Auth-Type = System

Admin

 

APC-Service-Type =

Add user names and attributes to the RADIUS “user” file, and verify the password against /etc/ passwd. The following example is for users bconners and thawk:

bconners

Auth-Type =

System

Admin

thawk

APC-Service-Type

=

Auth-Type =

System

Device

 

APC-Service-Type

=

Supported RADIUS servers

FreeRADIUS and Microsoft IAS 2003 are supported. Other commonly available RADIUS applications may work but have not been fully tested.

RADIUS and Network Port Sharing

Note: See the Security Handbook for APC Network Management Cards for more information on using

RADIUS.

57

Metered Rack PDU User Guide

Page 64 Page 66
Image 65
Page 64 Page 66
Contents User Guide Contents Log on to the Command Line Interface Web Interface Logs Administration Notification Device IP Configuration Wizard Troubleshooting Introduction Product FeaturesTypes of User Accounts Access Priorities for Logging onNetwork Port Sharing Watchdog FeaturesGetting Started TCP/IP configuration methods Establish Network SettingsDhcp and Bootp configuration INI file utilityOption 43 = 01 04 31 41 50 Command Line Interface Recovering from a Lost Password Function Rack PDU Front PanelFunction Display Tree Example Display Tree Example Network Status LED Load indicator LEDCondition Description 10/100 LEDAbout the Command Line Interface Command Line InterfaceLog on to the Command Line Interface Remote access to the command line interfaceAbout the Main Screen Local access to the command line interfaceIPv4 IPv6 Description Only Using the Command Line InterfaceDescription Command SyntaxCode Message Command Response CodesAlarmcount Network Management Card Command DescriptionsAbout Option Arguments DescriptionClrrst BootOption Argument Description Console Delete DateArgument Description DirEventlog DnsExit FormatHelp Option Argument DefinitionNetstat NtpPortSpeed PingPrompt QuitRadius RebootSystem ResetToDefSnmp, snmpv3 Tcpip6 TcpipWeb UserXferStatus XferININetwork Port Sharing Commands Device Command DescriptionsBkLowLoad BkNearOverDevLowLoad BkOverLoadBkReading DevOverLoad DevNearOverDevReading Argument DefinitionHumReading HumLowHumMin PhOverLoad PhLowLoadPhNearOver PhReading SensorName ProdInfoTempReading TempHighTempMax Whoami Logging On to the Web Interface Web InterfaceSupported Web Browsers URL address formats Error Message Browser Cause of the ErrorSymbol Description Web Interface FeaturesTabs Device status iconsQuick Links Other Web interface featuresNetwork Port Sharing on the Web Interface Group Control using Network Port SharingMetered Rack PDU User Guide Overview view Alarm Status viewAbout the Home Tab Device Management Configuring Load ThresholdsAbout the Device Manager Tab Viewing the Load Status and Peak LoadResetting Peak Load and kWh Configure the Name and Location of the Rack PDUEnvironment Configure Temperature and Humidity SensorsEvent log LogsUse the Event and Data Logs Example event log Rack PDU 4 Device low load Path Logs Data options Data logParameter Description Scp username@hostnameoripaddressdata.txt ./data.txt How to use FTP or SCP to retrieve log filesSetting user access Administration SecurityAuthentication Local UsersRadius Radius Setting DefinitionSummary of the configuration procedure Configure the Radius ServerConfiguring a Radius server on Unix with shadow passwords Supported Radius serversInactivity Timeout TCP/IP and Communication Settings Administration Network FeaturesTCP/IP settings Setting DescriptionAPC Cookie. Tag 1, Len 4, Data 1APC Dhcp response optionsPing Response Port SpeedQuery Type Selected Query Question to Use DNSStatus WebOption Description Telnet 152.214.12.1145000 telnet 152.214.12.114 ConsoleSnmp SNMPv1 SNMPv3 FTP Server Configuring event actions Administration NotificationEvent Actions Types of notificationMetered Rack PDU User Guide Mail notification Active, Automatic, Direct NotificationSend a test message to a configured recipient Snmp Trap Test Snmp trapsSyslog Remote Monitoring ServiceSetting Definition Informational is mapped to Info Identification Administration General OptionsSet the Date and Time ModeDaylight saving Use an .ini FileReset the Rack PDU Event Log and Temperature UnitsChange the default temperature scale Color-code event log textAbout the Rack PDU Configure LinksUse the Wizard Device IP Configuration WizardCapabilities, Requirements, and Installation Select Locally through the serial port, and click Next Configure or reconfigure the TCP/IP settings locallySelect Remotely over the network, and click Next Summary of the procedure How to Export Configuration SettingsContents of the .ini file Retrieving and Exporting the .ini FileDetailed procedures Ftp open ipaddress Event and its error messages Upload Event and Error MessagesMessages in config.ini Errors generated by overridden valuesFile Transfers How to Upgrade FirmwareFirmware File Transfer Methods Benefits of upgrading firmwareUse FTP or SCP to upgrade one Rack PDU Using the Firmware Upgrade UtilityUse Xmodem to upgrade one Rack PDU Using a USB flash drive to upgrade one Rack PDU How to upgrade multiple Rack PDUsUsing the Firmware Upgrade Utility for multiple upgrades Firmware Module Binary File Verify the version numbers of installed firmware Verifying Upgrades and UpdatesVerify the success or failure of the transfer Last Transfer Result codesProblem Solution TroubleshootingRack PDU Access Problems Network Management Card Command Descriptions Appendix a List of Supported CommandsSets manual IPv6 address Device Command Descriptions 990-3429D-001 10/2012 APC Worldwide Customer Support

AP8886, AP88XX, AP8861 specifications

The APC AP8861, part of the AP88XX series, is a highly versatile and advanced power distribution unit (PDU) designed to meet the growing demands of data centers and IT environments. This series encompasses state-of-the-art technologies and features designed to enhance both operational efficiency and reliability.

The AP8861 model is particularly recognized for its modular design, allowing for easy scaling and expansion as data center needs evolve. With a variety of outlet configurations, it can accommodate numerous devices while optimizing power management. The device supports both standard and high-density power distribution, making it suitable for diverse environments, from small server rooms to large-scale data centers.

One of the hallmark features of the AP8861 is its built-in network management capabilities. It allows for real-time monitoring of power consumption, ensuring optimal load balancing and helping prevent overload situations. The device incorporates environmental monitoring through temperature and humidity sensors, enabling administrators to proactively manage operating conditions and mitigate risks to sensitive equipment.

The AP88XX series features advanced Surge Protection, which guards against electrical surges that can damage connected equipment. This is a critical consideration in data centers where the integrity of sensitive electronics is paramount. Additionally, the series supports remote management, allowing IT personnel to monitor and control power distribution from anywhere in the world. This function enhances operational flexibility and facilitates rapid responses to power-related issues.

Another significant characteristic of the AP8861 is its compatibility with APC's software solutions. Integrating seamlessly with IT management platforms enables deeper insights and analytics, leading to informed decision-making regarding power usage and equipment reliability.

The device boasts a high-efficiency design, contributing to reducing overall energy costs. The capability to customize alarm settings for power events and environmental factors further enhances proactive management of the data center environment.

In summary, the APC AP8861 and the entire AP88XX series are engineered for robust performance, enhanced control, and adaptability in power distribution management. Packed with advanced features, this series offers solutions that help businesses optimize their data centers while ensuring maximum uptime and equipment protection, thereby supporting the ever-increasing demands placed on modern IT infrastructures.
Top Page Image Contents