HP Storage Essentials NAS Manager Software User Manual

Managing Security

NOTE: If you want to go back and forth between internal and external (AD/LDAP) authentication, rename the login-handler.xml file before you modify it. This way you can easily switch back to internal authentication by changing the file name back to login-handler.xml.

b. In the login-handler.xml file, change the value of the <AdminAccountName> tag to the name of a user account in LDAP, as shown in the following example:

<AdminAccountName>Administrator</AdminAccountName>

where Administrator is the name of a user account in LDAP.

2. In the login-handler.xml file, comment out the section that contains com.appiq.security.server.BasicLoginHandler, which enables internal authentication mode. Only one login handler is allowed at a time.

<!--LoginHandlerClass>com.appiq.security.server.BasicLoginHandler</LoginHandlerClass-->

3. Comment out the <LoginHandlerType>Default</LoginHandlerType> tag as follows:

<!--LoginHandlerType>Default</LoginHandlerType-->

4. Uncomment the line containing the class name and login handler type so that it appears as follows:

<LoginHandlerClass>com.appiq.security.server.LdapLoginHandler</LoginHandlerClass>

<LoginHandlerType>LDAP</LoginHandlerType>

5. Replace directory.hp.com with the IP address or the fully qualified name of your LDAP server in the login-handler.xml file, as shown in the following example:

<Server port="389">192.168.10.1</Server>

where:

• 192.168.10.1 is the IP address of the server running LDAP.

• 389 is the port on which LDAP is running on the server.

6. If you want the password to be saved in the management server database, change the value of the <ShadowPassword> tags to true, as shown in the following example:

<ShadowPassword>true</ShadowPassword>

Saving the passwords in the management server database lets a user still log into the management server if the management server is changed back to local mode. This, however, is not recommended as it defeats the purpose of externalizing a user's credentials.

The login-handler.xml file contains two sets of <ShadowPassword> tags: one for Active Directory and one for LDAP. Make sure you change the value of the <ShadowPassword> tags that are children of the <LDAP> tags.

7. If you want the user name to be case sensitive, change the value of the <CaseSensitiveUserName> tag to true, as shown in the following example:

<CaseSensitiveUserName>true</CaseSensitiveUserName>

If you change the value of <CaseSensitiveUserName> to true, the management server becomes case-sensitive to user names. The management server sees MyUserName and myusername as different users.
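
A check of the edited file against steps 2 to 6, added here as an example and not taken from the HP manual or product: it confirms that exactly one login handler is active, that it is the LDAP handler, that the directory.hp.com placeholder was replaced, and that the LDAP <ShadowPassword> is not true. The sample file is constructed; its root element, its nesting, the <ActiveDirectory> element name and the function name audit_login_handler are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the tag names come from the steps above, but the root
# element, the nesting and the <ActiveDirectory> name are assumptions.
SAMPLE = """<LoginHandler>
  <!--LoginHandlerClass>com.appiq.security.server.BasicLoginHandler</LoginHandlerClass-->
  <!--LoginHandlerType>Default</LoginHandlerType-->
  <LoginHandlerClass>com.appiq.security.server.LdapLoginHandler</LoginHandlerClass>
  <LoginHandlerType>LDAP</LoginHandlerType>
  <ActiveDirectory>
    <ShadowPassword>false</ShadowPassword>
  </ActiveDirectory>
  <LDAP>
    <Server port="389">directory.hp.com</Server>
    <ShadowPassword>true</ShadowPassword>
    <CaseSensitiveUserName>false</CaseSensitiveUserName>
  </LDAP>
</LoginHandler>"""


def audit_login_handler(xml_text):
    """Return a list of findings for the LDAP setup described in steps 2 to 6."""
    root = ET.fromstring(xml_text)  # the parser drops commented-out handlers
    findings = []
    classes = [e.text.strip() for e in root.iter("LoginHandlerClass") if e.text]
    types = [e.text.strip() for e in root.iter("LoginHandlerType") if e.text]
    if len(classes) != 1 or len(types) != 1:
        findings.append("expected exactly one active login handler")
    elif not classes[0].endswith(".LdapLoginHandler") or types[0] != "LDAP":
        findings.append("active handler is %s (%s), not LDAP" % (classes[0], types[0]))
    ldap = root.find(".//LDAP")
    if ldap is None:
        findings.append("no <LDAP> section found")
        return findings
    server = ldap.find(".//Server")
    if server is None or not (server.text or "").strip():
        findings.append("<Server> is missing or empty")
    elif server.text.strip() == "directory.hp.com":
        findings.append("<Server> still holds the placeholder directory.hp.com")
    # Only the <ShadowPassword> under <LDAP> matters here, not the Active Directory one.
    shadow = ldap.find(".//ShadowPassword")
    if shadow is not None and (shadow.text or "").strip().lower() == "true":
        findings.append("LDAP <ShadowPassword> is true: passwords are saved locally")
    return findings


if __name__ == "__main__":
    for finding in audit_login_handler(SAMPLE):
        print("FINDING:", finding)
```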
