
Virtual Connect LDAP Integration questions

 
chuckk281
Trusted Contributor

Norman had a customer question:

**************

Curious about the TACACS+ support with respect to VCEM.

Seems like customers must choose between TACACS+ or LDAP, with a fall-back to local accounts if authentication fails.

Have a customer whose network team uses TACACS+, but the server team would likely use LDAP.

First question: Can a customer’s VCEM installation support multiple methods (TACACS+, LDAP, local, etc.)?

Second question: Do we have any instructions on how to integrate VCEM with TACACS+? (customer request)

****************

Info from Lionel:

 

*************

You don’t have to choose between TACACS+ or LDAP; you can enable both and set an authentication method for each user role. You can even set an order between different authentication methods so if a method fails, the next method is tried.

Back to your VCEM questions, the local access to VCM is not changed because you are under the control of VCEM, so all authentication methods enabled under VCM are still available. VCEM only locks the VC Domain to make sure no configuration change can take place, but concerning the local authentication, it’s the same as a standalone VC Domain.

The authentication order for each role is by default in the following order:

Domain: local > ldap > radius > tacacs

Network: tacacs > radius > local

Server: ldap > local

Storage: radius > local

So what your customer is asking is already the first default authentication method used today by VC for each network/server role.

**************

 

Any other help for Norman?