Enabling authorization server cooperation, Connecting an authentication server – HP XP RAID Manager Software User Manual
Page 31
Figure 15 A workflow when an authentication server and an authorization server are used in
combination
You can use the authentication server without having awareness of host names and port numbers,
if you register the information of the authentication server to an SRV record in the DNS server. If
you register the multiple numbers of authentication servers to the SRV record, you can determine
the authentication server to be used based on the priority that has been set in advance.
Connecting an authentication server
Procedure 13 To connect authentication and authorization servers:
1.
Click Setting > Environmental Setting > View External Authentication Server Properties.
2.
Click Setup Server to open the Setup Server window.
3.
Select a type of the authentication server to use.
4.
Specify options to connect to the authentication server. If you use more than one authentication
server or an authorization server, specify options for each of the servers.
5.
To test the connection, click Connect Test.
An error message will display if the connection fails.
6.
Click Finish.
7.
Specify a task name and click Apply.
NOTE:
When the authentication server and the authorization server cannot be used even with
the proper settings, a problem might exist in the configuration file setting or the network. Contact
the server administrator or the network administrator.
After you finish setting up the authentication and authorization servers and confirm that you can
use the servers, save a copy of server configurations for connecting the authentication server to a
file. For details on saving a copy, see
“Saving a copy of Remote Web Console configuration files”
.
Enabling authorization server cooperation
Using user groups from the authorization server in Remote Web Console
Create a user group with the same name as the user group shown in the value of the memberOf
attribute for each user in Active Directory. After entering the user group name, click Check and
verify that the entered user group name is registered in the authorization server. Create a user
group for every one of the groups mentioned in a user's memberOf attribute.
For more information on how to create a user group, see
“Creating a new user group” (page 37)
.
Registering the Remote Web Console user group to the authorization server
To register the Remote Web Console user group with the authorization server, set the distinguished
name (DN) of the user group with the same name as the Remote Web Console user group to the
Using authentication server and authorization server
31