Manualshelf

White Papers

ManualsBrandsDell ManualsConverged InfrastructureStorage Solution Resources
11121314151617181920
Using Windows Active Directory For Account Authentication to PS Series Groups 7
Figure 6: Adding Remote Access Permissions (Mixed mode domain)
Creating Network Policies on the NPS Server
A network policy applies to a user profile (in Active Directory) and tells the RADIUS
server what type of privilege to grant a user who attempts to log in to a PS Series
group. You must create a network policy for each type of account configured on the
PS Series group. All PS Series Firmware versions support group administrator full access
and read-only accounts.
When the user is authenticated, the policy also specifies the authentication information
to return from the RADIUS server to the PS Series group. For example, it indicates
whether the user is a group administrator or a pool administrator, and which pools
they are allowed to manage.
Pool administrators can manage the objects in their designated pools, and optionally
can have read-only permission on all other objects in the group (members, pools, and
volumes). Volume administrators can manage a specific amount of storage or quota
value in a designated pool. For more information on pool administrators, see the
Group Administration guide.
Table 1 list some of the most common used attribute values for network policies as
well as new values introduced in PS Series firmware v5.0.x. For a complete list of all
supported attribute values and PS Series firmware requirements see Table 2 in Creating
Additional Network Policies Using Optional VSAs.