beautypg.com

6 about authentication settings, 7 about directory service authentication – HP OneView User Manual

Page 146

background image

Table 6 Action privileges for user roles (continued)

Action privileges for user roles

(C=Create, R=Read, U=Update, D=Delete, Use)

Category

Read only

Backup
administrator

Network
administrator

Server
administrator

Infrastructure
administrator

R

R

CRUD, Use

CRUD, Use

server hardware
types

R

R

CRUD

CRUD, Use

server profiles

R

CRUD, Use

CRUD, Use

server profile
templates

R

CRUD

CR

CRUD

interconnects

R

CRUD

interconnect
domains

R

CRUD

R

CRUD

interconnect
groups

R

R

CRUD

interconnect types

R

CRUD

CRUD

unmanaged
devices

R

CRUD

R

CRUD

uplink sets

R

CRUD, Use

R, Use

CRUD, Use

logical
interconnects

R

CRUD, Use

R, Use

CRUD, Use

logical
interconnects
groups

20.6 About authentication settings

Security is maintained through user authentication and role-based authorization. User accounts
can be local, where the user credentials are stored on the appliance, or they can be in a directory
(Microsoft Active Directory, for example) hosted elsewhere, where the appliance contacts the
designated directory server to verify the user credentials.

When logging in to the appliance, each user is authenticated by the authentication directory
service, which confirms the user name and password. Use the Authentication settings panel to
configure authentication settings on the appliance, which is populated with default values during
first-time setup of the appliance.

To view or make changes to Authentication settings, log in with Infrastructure administrator privileges.
No other users are permitted to change or view these settings.

View and access the Authentication settings by using the UI and selecting
Settings

→Security→Authentication or with the REST APIs.

20.7 About directory service authentication

You can use an external authentication directory service (also called an enterprise directory or
authentication login domain) to provide a single sign-on for groups of users instead of maintaining
individual local login accounts. An example of an authentication directory service is a corporate
directory that uses LDAP (Lightweight Directory Access Protocol).

146

Managing users and authentication