Configuring the users and groups, Local users, 63 viewing the custom key attributes section – HP Secure Key Manager User Manual

Figure 63 Viewing the Custom Key Attributes section
Table 43 Custom Key Attributions section components

Components

Description

Attribute Name

Enter a unique attribute name.

NOTE:

Attribute names can contain alphanumeric characters, hyphens, underscores,

and periods. You cannot include whitespaces in the name. In addition, the first

character of the name must be a letter. Maximum length is 255 characters.

Attribute Value

Enter the value of the attribute. This can contain any printable ASCII characters and

spaces, tab, \n, and \r. Maximum length is 4095 characters.

Edit

Click Edit to alter the selected attribute.

Add

Click Add to add an attribute.

Delete

Click Delete to remove the selected attribute.

Configuring the users and groups

A user directory contains a list of users that may access the keys on your KMS Server, and a list of groups

to which those users belong. The KMS Server can use one of two user directories:

•

A local user directory, where users and groups are defined only on the local device and are not

available to any other SKM.

•

A central server running the Lightweight Directory Access Protocol (LDAP), which enables all

devices to access the same set of users and groups. If you have several SKMs in use, LDAP can

greatly simplify user and group administration.

The KMS Server can either use local user and group authentication or LDAP authentication; it cannot use

both at the same time. You can define which authentication method your KMS Server uses on the Key

Management Services Configuration page in the section KMS Server Authentication Settings. See

KMS

Server Authentication Settings

for more details.

When you configure the KMS Server to use an LDAP user directory instead of the local user directory

(or vice versa), or if you change the LDAP server settings to point to a different user directory, existing

key permissions become invalid if the user and group names no longer exist in the new user directory.

However, if a user or group name appears in both the old and new directories, the new user or group

inherits the key permissions and database user mappings from the old user or group.
The User & Group Configuration page allows you to view, create, and modify the local user and group

directory on the KMS Server. This page contains the following sections:

• Local Users
• Selected Local User
• Custom Attributes
• Local Groups
• Local Group Properties
• User List

126

Using the Management Console