Fujitsu SPARC Enterprise M3000 Product opmerkingen - Pagina 25

Blader online of download pdf Product opmerkingen voor {categorie_naam} Fujitsu SPARC Enterprise M3000. Fujitsu SPARC Enterprise M3000 42 pagina's.
Ook voor Fujitsu SPARC Enterprise M3000: Aan de slag handleiding (8 pagina's), Product opmerkingen (38 pagina's), Veiligheids- en nalevingshandleiding (34 pagina's)

User privileges are either configured on XSCF or learned from a server based on

each user's group membership in a network domain. A user can belong to more than

one group. User domain is the authentication domain used to authenticate a user.

Active Directory authenticates users in the order in which the users' domains are

configured.

Once authenticated, user privileges can be determined in the following ways:

In the simplest case, user's privileges are determined directly through the Active

■

Directory or LDAP/SSL configuration on the XSCF. There is a defaultrole

parameter for both Active Directory and LDAP/SSL. If this parameter is

configured or set, all users authenticated via Active Directory or LDAP/SSL are

assigned privileges set in this parameter. Setting up users in an Active Directory

or LDAP/SSL server requires only a password with no regard to group

membership.

If the defaultrole parameter is not configured or set, user privileges are learned

■

from the Active Directory or LDAP/SSL server based on the user's group

membership. On XSCF, the group parameter must be configured with the

corresponding group name from the Active Directory or LDAP/SSL server. Each

group has privileges associated with it which are configured on the XSCF. A

user's group membership is used to determine the user's privileges once

authenticated.

Three types of groups can be configured: administrator, operator, and custom. To

configure an administrator or operator group, only group name is required.

An administrator group has platadm, useradm, and auditadm privileges

associated with it. An operator group has platop, and auditop privileges

associated with it. To configure a custom group, both group name and privileges are

required. For each type of group, up to five groups can be configured. A user

assigned to more than one group receives the sum of all privileges associated with

those groups.

To support these new features, two new configuration screens (Active Directory

and LDAP/SSL) have been added to the Settings menu of the XSCF Web. Remote

users can log in and use the XCSF Web once they have been authenticated by Active

Directory or LDAP/SSL.

Note – If you are an Active Directory or LDAP/SSL user, do not upload a public

key. If one has already been uploaded, use the following command to delete it:

XSCF> setssh -c delpubkey -a -u proxyuser

If you are an Active Directory or LDAP/SSL user, be sure to log in to the XSCF

network through the SSH service by the authentication not with the user public key

but with the password.

Information About Software