Authentication server protocols, Authorization server requirements – HP XP P9500 Storage User Manual

Figure 15 Logging in when an authentication server and an authorization server are used in
combination

You can use the authentication server without knowing the host names and port numbers, if you
register the information of the authentication server as an SRV record in the DNS server. If you
register the multiple numbers of authentication servers to the SRV record, you can determine the
authentication server to be used, based on the priority that has been set in advance.

Authentication server protocols

Authentication servers support the following protocols:

•

LDAP v3 Simple bind authentication

•

RFC2865 compliant RADIUS with PAP and CHAP authentication

•

Kerberos v5

The certificate file formats available for LDAP server setting are:

•

DER-encoded binary X509

•

Base 64 encoded X509

One of following encryption types must be used for the Kerberos server:

Windows

•

AES128-CTS-HMAC-SHA1-96

•

RC4-HMAC

•

DES3-CBC-SHA1

•

DES-CBC-CRC

•

DES-CBC-MD5

Solaris or Linux

•

DES-CBC-MD5

Authorization server requirements

The authorization server must satisfy the following requirements if it works together with the
authentication server:

Prerequisite OS

•

Windows Server 2003

•

Windows Server 2003 R2

•

Windows Server 2008

•

Windows Server 2008 R2

Using an authentication server and authorization server

39