LDAP Administrator Server, LDAP Administrator Server and FIPS compliance, LDAP Administrator Server Properties section – HP Secure Key Manager User Manual
Page 218: LDAP schema properties

LDAP Administrator Server
You configure LDAP servers for administrators separately from LDAP servers for users. This allows for
greater flexibility, and simplifies cluster replication, since administrators and users are separately
replicated.
An LDAP account cannot be designated as an administrator if there is already a local administrator
account with the same username. Likewise, a local account cannot be created or renamed with the same
username as an LDAP account which has been designated as an administrator.
NOTE:
LDAP administrators cannot modify LDAP administrator server settings.
LDAP Administrator server and FIPS compliance
An SKM appliance cannot be in FIPS compliance while an LDAP Administrator Server is configured.
Configuring the LDAP Administrator Server on a FIPS-compliant SKM appliance takes the appliance out of
FIPS compliance, and the Management Console displays a warning to that effect when you try to edit the
LDAP Administrator Server on such an appliance.
If the device is not in FIPS compliance because an LDAP Administrator Server is currently configured,
clicking “Set FIPS Compliant” on the High Security Configuration page will result in an error. The LDAP
Administrator Server settings must be cleared manually before the device can become FIPS-compliant.
LDAP Administrator Server Properties section
Use the LDAP Administrator Server Properties section to define the basic properties of the LDAP
administrator directory server.
Using the Management Console