HP Storage Essentials V5.1 Installation Guide Second Edition (Linux Release) (T4283-96055, November 2006)
Managing Security
• UNIX systems: $MGR_DIST/Data/Configuration
NOTE: If you want to go back and forth between internal and external (AD/LDAP)
authentication, rename the login-handler.xml file before you modify it. This way you
can easily switch back to internal authentication by changing the file name back to
login-handler.xml.
b. In the login-handler.xml file, change the value of the <AdminAccountName> tag to
the name of a user account in Active Directory, as shown in the following example:
<AdminAccountName>domain\PrimaryUser</AdminAccountName>
where PrimaryUser is the name of the user account that is designated as the primary user in
Active Directory.
Keep in mind the following:
• For security reasons, it is recommended that the designated user not be the AD Domain
Administrator.
• If you are using Active Directory, prefix the user name with the domain name, for example:
domain\PrimaryUser
2. In the login-handler.xml file, comment out the section that contains
com.appiq.security.server.BasicLoginHandler, which enables internal
authentication mode. Only one login handler is allowed at a time.
<!--LoginHandlerClass>com.appiq.security.server.BasicLoginHandler</LoginHandlerClass-->
3. Comment out the <LoginHandlerType>Default</LoginHandlerType> tag as follows:
<!--LoginHandlerType>Default</LoginHandlerType-->
4. Uncomment the line containing the class name and login handler type so that it appears as
follows:
<LoginHandlerClass>com.appiq.security.server.ActiveDirectoryLoginHandler</LoginHandlerClass>
<LoginHandlerType>ActiveDirectory</LoginHandlerType>
5. Replace directory.hp.com with the IP address or the fully qualified DNS name of your
primary Domain Controller server in the login-handler.xml file, as shown in the following
example:
<PrimaryServer port="389">192.168.10.1</PrimaryServer>
where
• 192.168.10.1 is the IP address of the primary Domain Controller server running Active
Directory.
• 389 is the port on which Active Directory is running on the server.
6. Replace directory2.hp.com with the IP address or the fully qualified DNS name of your
secondary Domain Controller server, if available.
<SecondaryServer>192.168.10.2</SecondaryServer>
where 192.168.10.2 is the IP address of the secondary Domain Controller server running
Active Directory.
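The following check is an added example, not part of the HP guide or the product: it parses a login-handler.xml and reports where the steps above were applied incompletely (two active handlers, a missing domain prefix, leftover directory.hp.com placeholders). The root element name in the constructed sample and the "Administrator" account-name heuristic are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the root element name and layout are assumptions;
# only the tag names and values inside it come from the guide.
SAMPLE = r"""<LoginHandler>
  <AdminAccountName>domain\PrimaryUser</AdminAccountName>
  <!--LoginHandlerClass>com.appiq.security.server.BasicLoginHandler</LoginHandlerClass-->
  <!--LoginHandlerType>Default</LoginHandlerType-->
  <LoginHandlerClass>com.appiq.security.server.ActiveDirectoryLoginHandler</LoginHandlerClass>
  <LoginHandlerType>ActiveDirectory</LoginHandlerType>
  <PrimaryServer port="389">192.168.10.1</PrimaryServer>
  <SecondaryServer>192.168.10.2</SecondaryServer>
</LoginHandler>"""

PLACEHOLDERS = {"directory.hp.com", "directory2.hp.com"}

def check_login_handler(xml_text):
    """Return a list of problems found; an empty list means the checks passed."""
    root = ET.fromstring(xml_text)  # XML comments are dropped, so only active tags remain

    def text(tag):
        return [(e.text or "").strip() for e in root.iter(tag)]

    problems = []
    classes, types = text("LoginHandlerClass"), text("LoginHandlerType")
    if len(classes) != 1 or len(types) != 1:
        problems.append("exactly one login handler class and type must be active")
    elif not (classes[0].endswith("ActiveDirectoryLoginHandler")
              and types[0] == "ActiveDirectory"):
        problems.append("active handler is not the Active Directory handler")

    for account in text("AdminAccountName"):
        domain, sep, user = account.partition("\\")
        if not (sep and domain and user):
            problems.append("AdminAccountName is not in domain\\user form")
        elif user.lower() == "administrator":  # heuristic: built-in account name
            problems.append("AdminAccountName is the domain Administrator account")

    if not text("PrimaryServer"):
        problems.append("PrimaryServer is missing")
    for tag in ("PrimaryServer", "SecondaryServer"):
        for host in text(tag):
            if not host or host in PLACEHOLDERS:
                problems.append(f"{tag} still holds a placeholder or is empty")
    return problems

if __name__ == "__main__":
    for line in check_login_handler(SAMPLE) or ["OK"]:
        print(line)
```

To check a real file, pass its contents to check_login_handler() in place of SAMPLE.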