White Papers
Using Windows Active Directory For Account Authentication to PS Series Groups 20
Attribute Value
0 = Global Admin, 1=Pool Admin
only, 2=Pool Admin with group read
access, 3=Volume Admin
higher
Value 3 – Version
5.0.x
EQL-Pool-
Access
Attribute
Number
7
Version 3.2 and
higher
*Use unlimited to
set an unlimited
quota for the pool,
(example: Pool1
unlimited). If no
unit is specified,
the default
capacity unit is
MB.
Attribute
Format (Syntax)
String (Max. length: 247)
Attribute Value
Value is the pool name.
The quota for volume administration
accounts is expressed as
PoolName
Quota
, with G and M appended to
the quota representing GB and MB,
respectively. For example: Pool1
25G sets the quota for Pool1 to 25GB
and Pool1 500M sets a quota of
500MB.
EQL-
Replication-
Site-Access
Attribute
Number
8
Version 5.0 and
higher
Attribute
Format (Syntax)
String (Max. length: 249)
Attribute Value
Indicating a comma-separated list of
replication site names
EQL-Admin-
Account-Type
Attribute
Number
9
Version 5.0 and
higher
*To create a read-
only account, set
the EQL-Admin
value to 0 and the
EQL_Admin-
Account-Type to
RO.
Attribute
Format (Syntax)
String (Max. length: 249)
Attribute Value
RO or RW - Indicating whether the
account is read-only or read-write
CONFIGURING RADIUS FOR ISCSI AUTHENTICATION TO PS SERIES GROUPS
CHAP, Challenge-Handshake Authentication Protocol can also be used for
authentication with RADIUS clients to a PS Series group. This is useful for controlling
standard iSCSI authentication to PS Series volumes through Active Directory services.
Using iSCSI authentication with RADIUS requires passwords to be stored using
reversible encryption. This setting may need to be changed for the domain policy
using the Group Policy editor for the domain profile. Once in the group policy editor
navigate to Computer Configuration – Windows Settings – Security Settings – Account
Policies – Password Policy and enable this setting for the domain group policy.