Manualshelf

3.7.0 HP StorageWorks HP Scalable NAS File Serving Software administration guide - HP Scalable NAS 3.7 for Linux (AG513-96002, October 2009)

ManualsBrandsHP ManualsSoftwareHP StorageWorks Clustered Gateway Device Management Software
211212213214215216217218219220
12 Configure security features
HP Scalable NAS provides the following security features:
Role-Based Security. By default, the root account has full cluster rights and can
perform all HP Scalable NAS operations. You can use the Role-Based Security
feature to create roles that allow or deny other users and groups the ability to
perform specific cluster operations.
An audit trail of cluster operations that change the state or configuration of the
cluster, as well as operations that consume large amounts of system resources.
The audit messages specify both the operation performed and the user who initi-
ated the operation.
User authentication
When HP Scalable NAS is installed, it determines whether the Pluggable
Authentication Modules (PAM) mechanism is configured on the system. If PAM is
installed, a PAM configuration file will be created for the HP Scalable NAS pswebsrv
authentication module, and authentication will be done via the method specified in
the PAM configuration.
If PAM is not installed on the system, authentication will be done with the local shadow
password files.
NOTE:
If PAM is installed after the HP Scalable NAS installation, copy the /etc/opt/
hpcfs/mxauthpw.pam file into the/etc/pam.d/mxauthpw directory, removing
the .pam suffix from the file. HP Scalable NAS will then use PAM for authentication.
Role-based security
When you attempt to perform cluster operations, HP Scalable NAS authenticates
your credentials via PAM to determine the user account and the groups to which you
HP Scalable NAS File Serving Software administration guide 219