Table 1-2, Table 1-3, Table 1-4 – Dell Emulex Family of Adapters User Manual

Page 297

Advertising
background image

OneCommand Manager Command Line Interface Version 10.2 User Manual

P010067-01A Rev. A

1. Introduction

OneCommand Manager Secure Management

297

Remote management operations between two machines is allowed or denied

depending on the OneCommand Manager secure management status of the machines,

and the domains to which the machines belong. The following tables list the behavior

(assuming appropriate user credentials are used).

* To inform you of an unsecured server that you may want to secure.
** Allowed if the username and password are the same on both domains.

OneCommand Manager Secure Management Configuration
Requirements

For systems to run in the OneCommand Manager secure management environment,

they need to be configured to provide the following two capabilities:

Authentication - On Linux and Solaris, this is done through the PAM interface

and must be configured as follows:

On Solaris, place the correct setting in the “auth” section of the
/etc/pam.d/other

file, or its earlier equivalent, /etc/pam.conf.

Note: For Solaris systems, you must use ‘useradd -G groupname’ for

authentication to work. You cannot use a lowercase ‘g’.

On Linux, it is the /etc/pam.d/passwd file “auth” section, or the

equivalent.

User Group Membership – From the host machine, OneCommand Manager

Secure Management must be able to access the OneCommand Manager group

to which the user belongs. For Linux and Solaris systems, it uses the ‘getgrnam’

and ‘getgrid’ C-library API calls. The equivalent to the API calls can be obtained

Table 1-2 Active Commands: machines on same domain

Remote Server
(Secure)

Remote Server
(Not Secure)

Client (Secure)

Allowed

Denied *

Client (Not Secure)

Denied

Allowed

Table 1-3 Active Commands: machines on different domain

Remote Server
(Secure)

Remote Server
(Not Secure)

Client (Secure)

Denied**

Denied *

Client (Not Secure)

Denied

Allowed

Table 1-4 Passive Commands: machines on any domain

Remote Server
(Secure)

Remote Server
(Not Secure)

Client (Secure)

Allowed

Allowed

Client (Not Secure)

Allowed

Allowed

Advertising
Popular Brands
Popular manuals