Enabled LDAP authentication and now I'm locked out


Userlevel 2
I thought I was being smart by enabling LDAP authentication, which works, however I don't have enough privileges to do anything on the switch and now for some reason I can't auth locally either.

Is there an equivalent of SU that I'm missing ?

ex.x450.chi.a.1 > unconfigure switch

This user does not have permissions for this command.

5 replies

Userlevel 7
If the switch loses connectivity to the LDAP server it should revert back to the local users. This is assuming the LDAP authentication is being done on the server.
Userlevel 7
Hi Tom,
When you configured your RADIUS server, did you build a profile to allow Admin access?
Take a look at this thread for some more information.

Also this GTAC Knowledge article may have some useful pointers, namely this:

On the radius server a normal user is needed for User access. If the user needs admin rights on the switch the following needs to be added to the radius user. Service-Type = Administrative-User

Userlevel 2
Drew C. wrote:

Hi Tom,
When you configured your RADIUS server, did you build a profile to allow Admin access?
Take a look at this thread for some more information.

Also this GTAC Knowledge article may have some useful pointers, namely this:

On the radius server a normal user is needed for User access. If the user needs admin rights on the switch the following needs to be added to the radius user. Service-Type = Administrative-User

Aha, that did the trick. Thank you!
Userlevel 7
Drew C. wrote:

Hi Tom,
When you configured your RADIUS server, did you build a profile to allow Admin access?
Take a look at this thread for some more information.

Also this GTAC Knowledge article may have some useful pointers, namely this:

On the radius server a normal user is needed for User access. If the user needs admin rights on the switch the following needs to be added to the radius user. Service-Type = Administrative-User

Great! Glad to help!
Userlevel 6
Hi, all!

Also had an issue with some old RADIUS servers, that have to tipe commands (in RADIUS-server) accepted to perform in EXOS.

Thank you!

Reply