OR tacacs: Observe the following:"> HP Virtual Connect Firmware Minimum requirements, LDAP Server Settings (LDAP Server) screen, NOTE:, •LDAP:<user> OR ldap:<user, •LOCAL:<user> OR local:<user

For LDAP authentication, the VCM contacts and external LDAP server on which user accounts have been set up. During login, VCM sends an authentication request to the server and waits for a login accept or login reject response from the server.

RADIUS and TACACS+ provide remote user authentication. At login, an external RADIUS or TACACS+ server is contacted by the VCM to authenticate the user login.

During login through the VCM CLI or GUI, the user can specify any one of the following, along with the login name:

LOCAL:<user> OR local:<user>LDAP:<user> OR ldap:<user>RADIUS:<user> OR radius:<user>TACACS:<user> OR tacacs:<user> Observe the following:

When the domain is in FIPS mode, RADIUS and TACACS user authentication cannot be used. The screens are disabled.

The separator character used is a colon ":".The mechanism names local, ldap, radius and tacacs are not case-sensitive.

Only the specified mechanism is attempted in the above cases. If <user> is not configured for that mechanism, then the login fails. VCM does not attempt any other mechanisms for login authentication.

If no mechanism is specified during login (only <user> is given), default login is exercised, as in existing VC implementations.

Minimum requirements

The RADIUS or TACACS+ server must be set up on a host machine on the management network and configured with users and VC attributes.

LDAP Server Settings (LDAP Server) screen

This screen enables Administrators to set up an LDAP server to authenticate users accessing the CLI or GUI based on user name, password, and role.

NOTE: A user authenticated through LDAP cannot change the LDAP settings, even if the user has domain role permissions.

Virtual Connect users and roles 70