HP Storage Essentials V5.1 Installation Guide Second Edition (Linux Release) (T4283-96055, November 2006)

When a user attempts to log into the management server, the management server authenticates the
user name and password against AD/LDAP for credential verification. If AD/LDAP verifies this user
has the correct credentials, the management server allows this user access to the application.
Keep in mind the following:
• The login-handler.xml file contains configuration information for Active Directory and
LDAP. It is important you enable either Active Directory or LDAP. You cannot enable both.
• If you want to go back and forth between internal and external (AD/LDAP) authentication,
rename the login-handler.xml file before you modify it. This way you can easily switch
back to internal authentication by changing the file name back to login-handler.xml.
To use AD/LDAP to authenticate your users, complete the following sections:
• “Step 1 - Configure the Management Server to Use Active Directory or LDAP” on page 295
• “Step 2 - Restart the AppStorManager Service and Login as the Designated Admin Account” on
page 302
• “Step 3 - Add Users to the Management Server” on page 303
• “Step 4 - Provide Login Information to Your Users” on page 303
Step 1 - Configure the Management Server to Use Active Directory or LDAP
You must modify the login-handler.xml file if you want to use Active Directory/LDAP. How you
modify the login-handler.xml file depends on whether you plan to use LDAP or Active
Directory.
See one of the following sections, depending on whether you want to use Active Directory or
LDAP:
• “Active Directory” on page 295
• “LDAP” on page 298
Active Directory
By default, Active Directory allows connections with domain\username instead of the distinguished
name (DN) used by a generic LDAP server. However, you can use the generic LDAP server setup to
authenticate with Active Directory, as described in “LDAP” on page 298.
To configure the management server to use Active Directory, do the following:
1. Before switching to Active Directory (AD) authentication mode, the management server needs to
be configured with a designated Active Directory user and other AD-specific credentials. At
startup, the designated Active Directory user is mapped to the built-in “admin” user, and the
Active Directory user information overrides that of the built-in user.
IMPORTANT: Make sure the administrator account has already been created in Active
Directory before you add it to the login-handler.xml file.
a. On the management server, look in one of the following locations:
Windows: %MGR_DIST%\Data\Configuration