HPE Storage Networking - Switches

Cannot remove LDAP server from configuration

 
Biite
Frequent Advisor

Cannot remove LDAP server from configuration

Hi all,

I seem to have a weird problem here:
I'm trying to remove LDAP servers from a Brocade switch, but removal of the LDAP server fails:

AT1-AIS-SS-101:admin> aaaconfig --remove at1-ais-dc-02 -conf ldap
Configuration not found for LDAP server: at1-ais-dc-02

I directly copied the servername from the output of the 'aaaconfig --show' command.

I'm able to remove other (more recent) LDAP servers though.

Anyone got any brilliant ideas... or maybe a way to fully clear the AAA config on a Brocade switch?

Regards,
Martien
6 REPLIES
NimaG
HPE Pro

Re: Cannot remove LDAP server from configuration

Hello Biite,

I understand that you are trying to remove the LDAP server.
You have already tried:
AT1-AIS-SS-101:admin> aaaconfig --remove at1-ais-dc-02 -conf ldap

And that errors out.

Please check with: aaaconfig --authspec local 

This is the default setting. Authenticates the user against the local database only. Please note, if the password does not match or the user is not defined, the login fails.

Reference: https://techdocs.broadcom.com/us/en/fibre-channel-networking/fabric-os/fabric-os-commands/9-1-x/Fabric-OS-Commands/aaaConfig.html

Thanks!



I work at HPE
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Biite
Frequent Advisor

Re: Cannot remove LDAP server from configuration

Hi Nima,

The configuration on the SAN switches currently has 4 LDAP servers configured (2 with LDAPS and 2 with STARTTLS).
I want to remove the 2 LDAP servers with the STARTTLS configuration, but those fail. Even though I used the EXACT name as shown in the output of the 'aaaconfig --show' command.

I've already tried setting the authspec to LOCAL only and then removing the LDAP servers, but that also fails with the same error.

It is not a user validation issue, but it is an LDAP server removal issue.

Regards,
Martien
Biite
Frequent Advisor

Re: Cannot remove LDAP server from configuration

Will log an HPE support case now, as I see no easy way to resolve.

Regards,
Martien
support_s
System Recommended

Query: Cannot remove LDAP server from configuration

Hello,

Let us know if you were able to resolve the issue.

If you are satisfied with the answers then kindly click the "Accept As Solution" button for the most helpful response so that it is beneficial to all community members.

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".



Biite
Frequent Advisor

Re: Cannot remove LDAP server from configuration

HPE case logged, no direct solution. HPE will discuss this now with Brocade/Broadcom.

Regards,
Martien
Biite
Frequent Advisor

Re: Cannot remove LDAP server from configuration

Hi all,

A quick update: 

  • Broadcom engineering state that this is a bug, initially to be fixed in FOS 10.0 (with a target release date of August 2025)
  • It was stated that older FOS versions need a manual procedure to remove the old LDAP configuration
  • Later message stated that it will be fixed in all open releases (10.0, 9.2.2a, 91.1e), with a tentative target date for FOS 9.x of April.

Regards,
Martien