RackSwitch G8000 Application Guide
Chapter 1: Accessing the Switch
29BMD00041, November 2008
Switch User Accounts
The user accounts listed in Table 1-1 can be defined in the RADIUS server dictionary file.
RADIUS Attributes for G8000 user privileges
When the user logs in, the switch authenticates his/her level of access by sending the RADIUS
access request, that is, the client authentication request, to the RADIUS authentication server.
If the remote user is successfully authenticated by the authentication server, the switch will
verify the privileges of the remote user and authorize the appropriate access. The administrator
has an option to allow secure backdoor access via Telnet/SSH. Secure backdoor provides
switch access when the RADIUS servers cannot be reached.
NOTE – To obtain the RADIUS backdoor password for your G8000, contact Technical Support.
All user privileges, other than those assigned to the Administrator, have to be defined in the
RADIUS dictionary. RADIUS attribute 6 which is built into all RADIUS servers defines the
administrator. The file name of the dictionary is RADIUS vendor-dependent. The following
RADIUS attributes are defined for G8000 user privileges levels:
Table 1-1 User Access Levels
User Account Description and Tasks Performed Password
User The User has no direct responsibility for switch management.
He/she can view all switch status information and statistics but
cannot make any configuration changes to the switch.
user
Operator The Operator manages all functions of the switch. The Operator
can reset ports.
oper
Administrator The super-user Administrator has complete access to all com-
mands, information, and configuration commands on the switch,
including the ability to change both the user and operator pass-
words.
admin
Table 1-2 Blade OS-proprietary Attributes for RADIUS
User Name/Access User-Service-Type Value
User Vendor-supplied 255
Operator Vendor-supplied 252
Admin Vendor-supplied 6
