HP Storage Essentials V5.1 Installation Guide Second Edition (Linux Release) (T4283-96055, November 2006)

LDAP
The LDAP server requires a distinguished name (DN) and credentials. The DN can be configured,
allowing name substitution and support for multiple DN configurations.
To configure the management server to use LDAP:
1. Before switching to LDAP authentication mode, the management server needs to be configured
with a designated LDAP user through the <AdminAccountName> tag. At startup, the
designated LDAP user is mapped to the built-in “admin” user and overrides it with the LDAP user
information.
IMPORTANT: Make sure the administrator account has already been created in LDAP
before you add it to the login-handler.xml file.
a. On the management server, locate the login-handler.xml file in one of the following locations:
Windows: %MGR_DIST%\Data\Configuration
UNIX systems: $MGR_DIST/Data/Configuration
NOTE: If you want to go back and forth between internal and external (AD/LDAP)
authentication, rename the login-handler.xml file before you modify it. This way you
can easily switch back to internal authentication by changing the file name back to
login-handler.xml.
b. In the login-handler.xml file, change the value of the <AdminAccountName> tag to
the name of a user account in LDAP, as shown in the following example:
<AdminAccountName>Administrator</AdminAccountName>
where Administrator is the name of a user account in LDAP.
2. In the login-handler.xml file, comment out the section that contains
com.appiq.security.server.BasicLoginHandler, which enables internal
authentication mode. Only one login handler is allowed at a time.
<!--LoginHandlerClass>com.appiq.security.server.BasicLoginHandler</LoginHandlerClass-->
3. Comment out the <LoginHandlerType>Default</LoginHandlerType> tag as follows:
<!--LoginHandlerType>Default</LoginHandlerType-->
4. Uncomment the line containing the class name and login handler type so that it appears as
follows:
<LoginHandlerClass>com.appiq.security.server.LdapLoginHandler</LoginHandlerClass>
<LoginHandlerType>LDAP</LoginHandlerType>
5. Replace directory.hp.com with the IP address or the fully qualified name of your LDAP
server in the login-handler.xml file, as shown in the following example:
<Server port="389">192.168.10.1</Server>
where 192.168.10.1 is the IP address of the server running LDAP.
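The following Python check is an added example, not part of the HP guide or the product. It verifies the result of steps 1 through 5 before the management server is restarted: exactly one active login handler, the LDAP handler type, a non-empty <AdminAccountName>, and a <Server> value that is no longer directory.hp.com. The tag and class names come from the steps above; the <LoginHandler> root element and the function name check_login_handler are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: only the tags named in the guide are real; the
# <LoginHandler> root element is an assumption made for this example.
SAMPLE = """<LoginHandler>
  <AdminAccountName>Administrator</AdminAccountName>
  <!--LoginHandlerClass>com.appiq.security.server.BasicLoginHandler</LoginHandlerClass-->
  <!--LoginHandlerType>Default</LoginHandlerType-->
  <LoginHandlerClass>com.appiq.security.server.LdapLoginHandler</LoginHandlerClass>
  <LoginHandlerType>LDAP</LoginHandlerType>
  <Server port="389">192.168.10.1</Server>
</LoginHandler>"""

LDAP_CLASS = "com.appiq.security.server.LdapLoginHandler"

def check_login_handler(xml_text):
    """Return a list of problems; an empty list means steps 1-5 were applied."""
    root = ET.fromstring(xml_text)  # commented-out tags are dropped by the parser

    def texts(tag):
        return [(e.text or "").strip() for e in root.iter(tag)]

    problems = []
    classes, types = texts("LoginHandlerClass"), texts("LoginHandlerType")
    if len(classes) != 1:  # "Only one login handler is allowed at a time"
        problems.append(f"{len(classes)} active LoginHandlerClass tags, expected 1")
    elif classes[0] != LDAP_CLASS:
        problems.append(f"active handler is {classes[0]}, not LdapLoginHandler")
    if types != ["LDAP"]:
        problems.append(f"LoginHandlerType is {types}, expected ['LDAP']")
    if not any(texts("AdminAccountName")):
        problems.append("AdminAccountName is empty or missing")
    servers = list(root.iter("Server"))
    if not servers:
        problems.append("no Server tag")
    for s in servers:
        host = (s.text or "").strip()
        if host in ("", "directory.hp.com"):
            problems.append(f"Server still holds the placeholder value {host!r}")
        if not s.get("port", "").isdigit():
            problems.append(f"Server {host!r} has no numeric port attribute")
    return problems

if __name__ == "__main__":
    for p in check_login_handler(SAMPLE) or ["login-handler.xml matches steps 1-5"]:
        print(p)
```

To check a real file, pass its contents to check_login_handler() in place of SAMPLE.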