AurorA Edit SEcurity
SALES
Local and regional sales contacts can be found by visiting
www.grassvalley.com/sales
SuPPort
Local and regional support contacts can be found by visiting
www.grassvalley.com/support
careful configuration is the key to care-
free enjoyment of Aurora edit Security.
inheritance and grouping provide nearly
automatic access control. the Aurora
edit installation manual details how to
set up the security option. Briefly, you
would follow these steps:
Design a security schema appropriate
for your organization
. this is a hierar-
chy similar to that shown in the example
table to describe which users and groups
have access to which assets. this can be
very simple, with just a few users and
groups, or very complex, with hundreds
of users and groups. Active Directory
can support arbitrarily intricate hierar-
chies. Before configuring security on
Aurora edit, most organizations already
have a domain schema designed and
supported by their it departments.
Establish an Active Directory domain
and join the Aurora equipment to the
domain.
organizations often already
have configured domains that may
consist of AD trees or forests, so this
step reduces to the straightforward
task of joining the Aurora machines to
the domain. if the infrastructure does
not already exist, a domain and domain
controller can be configured for the work
cluster that uses Aurora.
Modify service users as necessary
for the domain.
Depending on how
the Aurora equipment was originally
deployed, i.e., depending on whether it
was born onto a workgroup or a domain,
several services, e.g., SmartBins,
Advanced encoder, and conform Server,
may require a user change.
Enable Windows Security on the K2
Summit shared storage system.
the
default deployment of K2 Summit shared
storage is to have Windows Security
disabled. With simple changes to two
configuration files and a system-wide
reboot, the system will reawaken ready
to support permissions. (note: this is not
a destructive change—existing assets
are preserved.)
Set permissions on the file system
according to your schema.
this can be
done efficiently by exploiting the features
of groups and of inheritance. the setting
can be executed on Aurora edit, or by
using any Windows tool that can set
file system permissions on the shared
volume.
the Aurora suite shares media with K2
Summit using a sophisticated system of
hard links. in specifying how permissions
will be set on file system assets, you
must consider the interaction between
Aurora and K2 Summit; there are several
operational approaches you can take. A
common approach establishes mono-
lithic security on the K2 Summit file
system branch such that permissions
for the K2 Summit aspect are controlled
via K2 Summit applications and Apis;
then fine-grained control of the Aurora
aspect is handled through the Aurora
edit application.
Several scenarios worry production organizations that use massive, centralized media storage. Many concerns involve security, for
example, accidental deletion of a substantial number of assets, or inappropriate access to restricted material. Using the Aurora edit
Security feature, you can militate against these misfortunes. to address the large and small scope of similar concerns, Aurora edit
Security provides fine-grain, scalable, Windows Active Directory-compatible control of Aurora assets.
please refer to the
Aurora Edit and LD Installation Manual
for more detail about the Security feature and its configuration.
Configuration
Summary
© Copyright 2011 Grass Valley USA, LLC. All rights reserved. Grass Valley, Aurora, and K2 Summit are trademarks of GVBB Holdings S.a.r.l. All other
tradenames referenced are service marks, trademarks, or registered trademarks of their respective companies. Specifications subject to change without
notice.
SDP-4044M
