HP XP P9000 Command View Advanced Edition Suite Software 7.6.1-00 Administrator Guide

ManualsBrandsHP ManualsSoftwareHP XP Array Manager Enterprise Media Kit

121

122

123

124

125

126

127

128

129

130

NOTE:

• When a P9000 Command View AE Suite product is in operation, to switch to the system config-

uration linked to an external authorization server, delete user any ID that has the same name with

the ID registered in Common Component, or change the user name. If the same user name is re-

gistered, when the user logs in to a P9000 Command View AE Suite product, the user is authen-

ticated in Common Component (internal authentication).

• In Replication Manager, All Resources is automatically assigned as a resource group to users

who belong to authorization groups. If the Modify permission is set for authorization groups, the

Storage Administrator user role is assigned to the users that belong to the authorization groups.

The user role cannot be changed.

• Users who belong to nested groups of a registered authorization group can now also use P9000

Command View AE Suite products via the roles (permissions) set for the authorization group.

• To use StartTLS to communicate between the LDAP directory server and the management server,

you need to set up an environment specifically for this purpose to ensure secure communications.

Related topics

• Account conditions for P9000 Command View AE Suite products, page 123

• About the data structures of user entries, page 123

• Registering an external authentication server and an external authorization server, page 126

• About a LDAP search user account, page 149

• Checking connections to an external authentication server and an external authorization serv-

er, page 154

• Secure communication for Device Manager and Tiered Storage Manager, page 162

• Operations on a management client: HP P9000 Command View Advanced Edition Suite Software

User Guide or HP P9000 Replication Manager Software User Guide

Account conditions for P9000 Command View AE Suite products

User accounts (user IDs and passwords) for P9000 Command View AE Suite products must consist

of characters that can be used in both the external authentication server and P9000 Command View

AE Suite products.

Set user accounts so that they satisfy the following conditions:

• They are within 256 bytes.

• They use no characters other than the following:

A to Z

a to z

0 to 9

! # $ % & ' ( ) * + - . = @ \ ^ _ |

In P9000 Command View AE Suite products, user IDs are not case-sensitive. The combination of

character types for passwords must follow the settings in the external authentication server.

About the data structures of user entries

There are two data structures of user entries for an LDAP directory server: the hierarchical structure

model and the flat model.

Administrator Guide 123