Cisco Systems 1.2 Manual De Usuario
RADIUS native authentication is not supported for this release, and cannot be used to create policies in
Cisco UCS Central under the Domain Group root and domain groups. RADIUS may be used to create
global policies for Cisco UCS domains.
Cisco UCS Central under the Domain Group root and domain groups. RADIUS may be used to create
global policies for Cisco UCS domains.
Note
Procedure
Step 1
On the menu bar, click Operations Management.
Step 2
In the Navigation pane, expand Domain Groups > Domain Group root.
Step 3
Under the Domain Groups root node, click Operational Policies.
Step 4
In the Work pane, click Security.
Step 5
In the Work pane, click RADIUS.
Step 6
In the Actions area, click Properties and complete all fields.
You can also right-click RADIUS to access that option.
You can also right-click RADIUS to access that option.
a) In the Properties (RADIUS) dialog box, complete all fields on the General tab.
b) Click OK.
b) Click OK.
Step 7
Click Save.
What to Do Next
Create a RADIUS provider.
Creating a RADIUS Provider
Cisco UCS Central supports a maximum of 16 RADIUS providers. RADIUS native authentication is not
supported for this release, and cannot be used to create policies in Cisco UCS Central under the Domain Group
root and domain groups. RADIUS may be used to create global policies for Cisco UCS domains.
supported for this release, and cannot be used to create policies in Cisco UCS Central under the Domain Group
root and domain groups. RADIUS may be used to create global policies for Cisco UCS domains.
Before You Begin
Perform the following configuration in the RADIUS server:
• Configure users with the attribute that holds the user role and locale information for Cisco UCS Central.
You can choose whether to extend the RADIUS schema for this attribute. If you do not want to extend
the schema, use an existing RADIUS attribute to hold the Cisco UCS user roles and locales. If you prefer
to extend the schema, create a custom attribute, such as the cisco-avpair attribute.
the schema, use an existing RADIUS attribute to hold the Cisco UCS user roles and locales. If you prefer
to extend the schema, create a custom attribute, such as the cisco-avpair attribute.
The vendor ID for the Cisco RADIUS implementation is 009 and the vendor ID for the attribute is 001.
The following syntax example shows how to specify multiples user roles and locales if you choose to
create the cisco-avpair attribute:
create the cisco-avpair attribute:
shell:roles="admin,aaa" shell:locales="L1,abc"
. Use a comma
"," as the delimiter to separate multiple values.
• For a cluster configuration, add the management port IP addresses for both fabric interconnects. This
configuration ensures that remote users can continue to log in if the first fabric interconnect fails and
the system fails over to the second fabric interconnect. All login requests are sourced from these IP
addresses, not the virtual IP address used by Cisco UCS Central.
the system fails over to the second fabric interconnect. All login requests are sourced from these IP
addresses, not the virtual IP address used by Cisco UCS Central.
Cisco UCS Central Software User Manual, Release 1.2
41
Managing Administrative Settings
Configuring RADIUS Providers