Login Domain

Version:

Location in GUI: Admin » AAA » Authentication » AAA

Diagram

Classes

aaa (apic.fabric_policies)

Name	Type	Constraint	Mandatory	Default Value
login_domains	List	`[login_domains]`	No

login_domains (apic.fabric_policies.aaa)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
realm	Choice	`local`, `tacacs`, `ldap`, `radius`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
auth_choice	Choice	`CiscoAVPair`, `LdapGroupMap`	No	`CiscoAVPair`
ldap_group_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,31}$`	No
tacacs_providers	List	`[tacacs_providers]`	No
ldap_providers	List	`[ldap_providers]`	No
radius_providers	List	`[radius_providers]`	No

tacacs_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

ldap_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

radius_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

Examples

Example 1: In this example we configure a login_domain named yourDomainRadius which adds 2 radius providers with a clear priority to define the order of usage.

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: yourDomainRadius
          realm: radius
          description: login domain radius
          radius_providers:
            - hostname_ip: 10.10.10.1
              priority: 1
            - hostname_ip: 10.10.10.2
              priority: 2

Example 2: In this example we configure a login_domain named yourDomainTacacs which adds 2 tacacs providers with a clear priority to define the order of usage.

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: yourDomainTacacs
          realm: tacacs
          description: login domain tacacs
          tacacs_providers:
            - hostname_ip: 11.11.11.1
              priority: 1
            - hostname_ip: 11.11.11.2
              priority: 2

Example 3: In this example we configure the local login domain and add a description to it.

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: yourLocalDomain
          description: Local Domain
          realm: local

Location in GUI: Admin » AAA » Authentication » AAA

Diagram

Classes

aaa (apic.fabric_policies)

Name	Type	Constraint	Mandatory	Default Value
login_domains	List	`[login_domains]`	No

login_domains (apic.fabric_policies.aaa)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
realm	Choice	`local`, `tacacs`, `ldap`, `radius`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
auth_choice	Choice	`CiscoAVPair`, `LdapGroupMap`	No	`CiscoAVPair`
ldap_group_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,31}$`	No
tacacs_providers	List	`[tacacs_providers]`	No
ldap_providers	List	`[ldap_providers]`	No
radius_providers	List	`[radius_providers]`	No

tacacs_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

ldap_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

radius_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

Examples

Example 1: In this example we configure a login_domain named yourDomainRadius which adds 2 radius providers with a clear priority to define the order of usage.

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: yourDomainRadius
          realm: radius
          description: login domain radius
          radius_providers:
            - hostname_ip: 10.10.10.1
              priority: 1
            - hostname_ip: 10.10.10.2
              priority: 2

Example 2: In this example we configure a login_domain named yourDomainTacacs which adds 2 tacacs providers with a clear priority to define the order of usage.

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: yourDomainTacacs
          realm: tacacs
          description: login domain tacacs
          tacacs_providers:
            - hostname_ip: 11.11.11.1
              priority: 1
            - hostname_ip: 11.11.11.2
              priority: 2

Example 3: In this example we configure the local login domain and add a description to it.

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: yourLocalDomain
          description: Local Domain
          realm: local

Location in GUI: Admin » AAA » Authentication » AAA

Diagram

Classes

aaa (apic.fabric_policies)

Name	Type	Constraint	Mandatory	Default Value
login_domains	List	`[login_domains]`	No

login_domains (apic.fabric_policies.aaa)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
realm	Choice	`local`, `tacacs`, `ldap`, `radius`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
auth_choice	Choice	`CiscoAVPair`, `LdapGroupMap`	No	`CiscoAVPair`
ldap_group_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,31}$`	No
tacacs_providers	List	`[tacacs_providers]`	No
ldap_providers	List	`[ldap_providers]`	No
radius_providers	List	`[radius_providers]`	No

tacacs_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

ldap_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

radius_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

Examples

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: tacacs
          realm: tacacs
          description: login domain tacacs
          tacacs_providers:
            - hostname_ip: 1.1.1.1
              priority: 1
        - name: radius
          realm: radius
          description: login domain radius
          radius_providers:
            - hostname_ip: 3.3.3.1
              priority: 1
        - name: ldap
          realm: ldap
          description: login domain ldap
          auth_choice: LdapGroupMap
          ldap_group_map: test-users-map
          ldap_providers:
            - hostname_ip: 2.2.2.2
              priority: 1

Location in GUI: Admin » AAA » Authentication » AAA

Diagram

Classes

aaa (apic.fabric_policies)

Name	Type	Constraint	Mandatory	Default Value
login_domains	List	`[login_domains]`	No

login_domains (apic.fabric_policies.aaa)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
realm	Choice	`local`, `tacacs`, `ldap`, `radius`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
auth_choice	Choice	`CiscoAVPair`, `LdapGroupMap`	No	`CiscoAVPair`
ldap_group_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,31}$`	No
tacacs_providers	List	`[tacacs_providers]`	No
ldap_providers	List	`[ldap_providers]`	No
radius_providers	List	`[radius_providers]`	No

tacacs_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

ldap_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

radius_providers (apic.fabric_policies.aaa.login_domains)

Name	Type	Constraint	Mandatory	Default Value
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
priority	Integer	min: `0`, max: `16`	No	0

Examples

apic:
  fabric_policies:
    aaa:
      login_domains:
        - name: tacacs
          realm: tacacs
          description: login domain tacacs
          tacacs_providers:
            - hostname_ip: 1.1.1.1
              priority: 1
        - name: radius
          realm: radius
          description: login domain radius
          radius_providers:
            - hostname_ip: 3.3.3.1
              priority: 1
        - name: ldap
          realm: ldap
          description: login domain ldap
          auth_choice: LdapGroupMap
          ldap_group_map: test-users-map
          ldap_providers:
            - hostname_ip: 2.2.2.2
              priority: 1