Role management (role authentication order) screen – HP Virtual Connect Flex-10 10Gb Ethernet Module for c-Class BladeSystem User Manual

Virtual Connect users and roles 82

Role Management (Role Authentication Order) screen

Use this screen to specify the authentication services to be used during log in and set the order in which each

authentication method is queried for each role. Role authentication order is followed for role-prefixed logins
only, such as "domain:user1". In the case of an authentication service-prefixed login, such as "radius:user1"

or a default login without a prefix, such as "user1", the login succeeds if credentials are correct and the

authentication service is enabled. This is regardless of what role authentication orders are defined.
By default, VCM queries the authentication services for each role in the following order:

•

Domain: local > ldap > radius > tacacs

•

Network: tacacs > radius > local

•

Server: ldap > local

•

Storage: radius > local

If a method fails, the next method is tried, and so on.
For each role (Domain, Network, Server, and Storage):

1.

Select the checkboxes corresponding to the authentication services to query on user login.

2.

Configure the order of the queries:

a.

Click an authentication service to highlight it.

b.

Click the up and down arrows to set the query order.

3.

Click Apply.

Authentication services that are not selected are not queried, regardless of the order in which they appear.
Clicking another link in the pull-down menu or left navigation tree causes current edits that have not been

applied to be lost.