Before you begin
■
Contact your server administrator for information about the values to be written in
the LDAP, RADIUS, or Kerberos
configuration
file.
If you use LDAP servers, obtain
certification
for the LDAP server
files.
■
Contact your network administrator for information about the network settings.
Procedure
1.
Create a
configuration
file.
The items to specify depend on the protocol you use.
2.
Log in to the SVP and store the following
files
in an easily accessible location.
■
Certificate
(for secure communication)
■
Configuration
file
3.
Open the Windows command prompt on the SVP.
4.
In the folder where the .bat
file
is located, execute the following command
specifying the
configuration
file
path and the
certificate
file
path:
C:\MAPP\wk\Supervisor\MappIniSet>MappSetExAuthConf "C:\auth
\auth.properties" "C:\auth\auth.cer"
5.
After you complete the settings and verify that you can use the authentication and
authorization servers, back up the connection settings for the authentication server.
If the authentication server and the authorization server are unusable even after
you make the settings, the network or the
configuration
file
settings might have a
problem. Contact the server administrator or the network administrator.
Naming a user group in Device Manager - Storage Navigator
When you create a user group in Device Manager - Storage Navigator, you name the
group with the user's
memberOf
attribute value which is found in the Active Directory.
Device Manager - Storage Navigator supports Active Directory nested groups.
After entering the user group name, verify that the user group name that you entered is
registered in the authorization server.
Note:
The domain name (DN) of the user group to be set to Active Directory
must be between 1 and 250 characters. The number of user groups that can
be registered at one time is 20 at maximum.
Caution:
If a user needs to use
different
user groups for
different
purposes,
create local user accounts on Device Manager - Storage Navigator. Do not use
the authorization server.
SMU user authentication
When an SMU user administrator attempts to log in, the user ID/password combination
is sent to the SMU for authentication. For the SMU, authentication means testing the
user ID and password pair, to see if the supplied password matches the stored password
for the supplied user ID. Depending on the SMU
configuration
and the supplied user ID,
the SMU may authenticate the user itself (locally), it may authenticate the user through a
Naming a user group in Device Manager - Storage Navigator
Chapter 5: Setting up security
System Administrator Guide for VSP Gx00 models and VSP Fx00 models
160
Содержание Virtual Storage Platform F400
Страница 18: ......
Страница 30: ...Chapter 1 System administration overview System Administrator Guide for VSP Gx00 models and VSP Fx00 models 30 ...
Страница 202: ...Chapter 8 Configuring audit logs System Administrator Guide for VSP Gx00 models and VSP Fx00 models 202 ...
Страница 362: ...Glossary System Administrator Guide for VSP Gx00 models and VSP Fx00 models 362 ...
Страница 367: ......