Radius (Steel Belted Radius) configuration for attribute/value

EK 365
EK 365 used Ask the Experts™
on
Hi, I am trying to have SAN switches authenticated with SBR. Authentication is fine but after logging in any command results in following error :

no chassis permission

So I researched and found SBR has to set up some attribute and values (around p.164):
http://www.brocade.com/content/dam/common/documents/content-types/administration-guide/fos-740-adminguide.pdf
http://www.manualslib.com/manual/390261/Brocade-Communications-Systems-1606.html?page=146#manual

However, the following dictionary files give me "invalid" syntax error on line 23,24. Please help!

"brocade.dct" [Read only] 24 lines, 966 characters
VALUE   Brocade-AVPairs1        ChassisRole     admin
     1  ##########################################################
     2  # brocade.dct - Brocade Company - Brocade Switch dictionary - 3/9/1999  #
     3  # update: 07/25/2006                                                     #
     4  ##########################################################
     5  #
     6  # Use the Radius specification attributes
     7  @radius.dct
     8  #
     9
    10
    11  #ATTRIBUTE  Brocade-Auth-Role 26 [vid=1588 type1=1 len1=+2 data=string] r
    12  ## VALUE can be Admin, BasicSwitchAdmin, FabricAdmin, Operator, SecurityAdmin
    13  ## SwitchAdmin, User and ZoneAdmin
    14
    15  MACRO Brocade-VSA(t,s) 26 [vid=1588 type1=%t% len1=+2 data=%s%]
    16
    17  ATTRIBUTE Brocade-Auth-Role  Brocade-VSA(1, string)  r
    18  ATTRIBUTE Brocade-AVPairs1  Brocade-VSA(2, string)  r
    19  ATTRIBUTE Brocade-AVPairs2  Brocade-VSA(3, string)  r
    20  ATTRIBUTE Brocade-AVPairs3  Brocade-VSA(4, string)  r
    21  ATTRIBUTE Brocade-AVPairs4  Brocade-VSA(5, string)  r
    22
    23  VALUE   Brocade-Auth-Role       Admin  
    24  VALUE   Brocade-AVPairs1        ChassisRole     Admin
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Commented:
Found solution myself:

Remove all additions on dct file - brocade.dct; Change it back to original.
Go to GUI -> Profile -> Set profiles for SAN with below values and orders:

Brocade-Auth-Role; Admin
Brocade-AVPairs1: HomeLF=128;LFRoleList=admin:1-128
Brocade-AVPairs2: ChassisRole=admin

Apply Profile on Location Group which Radius client (SAN) is pointing to.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial