Before you begin
■
Contact your server administr
ator for information about the values to be written in
the LDAP, RADIUS, or Kerberos conguration le. If you use LDAP servers, obtain
certication for the LDAP server les.
■
Contact your network administr
ator for information about the network settings.
Procedure
1. Create a conguration
le. The items to specify depend on the protocol you use.
2. Log in to the SVP and store the following les in an easily accessible location.
■ Certicate (for secure communication)
■ Conguration
le
3. Open the Windo
ws command prompt on the SVP.
4. In the folder where the .bat le is located, execute the following command
specifying the conguration le path and the certicate le path:
C:\MAPP\wk\Supervisor\MappIniSet>MappSetExAuthConf "C:\auth
\
auth.properties" "C:\auth\auth.cer"
5. After you complete the settings and verify that you can use the authentication and
authorization servers, back up the connection settings for the authentication server.
If the authentication server and the authorization server are unusable even after
you make the settings, the network or the conguration le settings might have a
pr
oblem. Contact the server administrator or the network administrator.
Naming a user group in Device Manager - Storage Navigator
When you create a user group in Device Manager - Storage Navigator, you name the
group with the user's memberOf attribute value which is found in the Active Directory.
Device Manager - Storage Navigator supports Active Directory nested groups.
After entering the user group name, verify that the user group name that you entered is
registered in the authorization server.
Note: The domain name (DN) of the user group to be set to Active Directory
must be between 1 and 250 characters. The number of user groups that can
be registered at one time is 20 at maximum.
Caution: If a user needs to use dierent user groups for dierent purposes,
create local user accounts on Device Manager - Storage Navigator. Do not use
the authorization server.
SMU user authentication
When an SMU user administr
ator attempts to log in, the user ID/password combination
is sent to the SMU for authentication. For the SMU, authentication means testing the
user ID and password pair, to see if the supplied password matches the stored password
for the supplied user ID. Depending on the SMU conguration and the supplied user ID,
the SMU may authenticate the user itself (locally), it may authenticate the user thr
ough a
Naming a user group in Device Manager - Storage Navigator
Chapter 5: Setting up security
System Administrator Guide for VSP Gx00 models and VSP Fx00 models 160
To Next Page
Loading...
Need help?
General
