configure identity-management kerberos snooping server
Description
Adds or deletes a Kerberos server to the Kerberos server list.
Syntax Description
ip_address |
Specifies a Kerberos server IP address to add or delete. |
all |
Specifies that all Kerberos server list entries are to be deleted. |
Default
No servers are in the Kerberos server list.
Usage Guidelines
When no servers are configured in the Kerberos server list, the Kerberos snooping feature processes responses from all Kerberos servers, which can expose the system to simulated logins. To avoid this exposure, you can configure a list of up to 20 valid Kerberos servers. When the Kerberos server list contains one or more entries, the switch only processes responses from the Kerberos servers in the list.
Example
The following command adds the Kerberos server at IP address 10.10.10.1 to the Kerberos server list:
* Switch.4 # configure identity-management kerberos snooping add server 10.10.10.1
History
This command was first available in ExtremeXOS 12.4.
Platform Availability
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.