6 about authentication settings, 7 about directory service authentication – HP OneView User Manual
Page 146
Table 6 Action privileges for user roles (continued)
Action privileges for user roles
(C=Create, R=Read, U=Update, D=Delete, Use)
Category
Read only
Backup
administrator
Network
administrator
Server
administrator
Infrastructure
administrator
R
—
R
CRUD, Use
CRUD, Use
server hardware
types
R
—
R
CRUD
CRUD, Use
server profiles
R
—
—
CRUD, Use
CRUD, Use
server profile
templates
R
—
CRUD
CR
CRUD
interconnects
R
—
—
—
CRUD
interconnect
domains
R
—
CRUD
R
CRUD
interconnect
groups
R
—
—
R
CRUD
interconnect types
R
—
—
CRUD
CRUD
unmanaged
devices
R
—
CRUD
R
CRUD
uplink sets
R
—
CRUD, Use
R, Use
CRUD, Use
logical
interconnects
R
—
CRUD, Use
R, Use
CRUD, Use
logical
interconnects
groups
20.6 About authentication settings
Security is maintained through user authentication and role-based authorization. User accounts
can be local, where the user credentials are stored on the appliance, or they can be in a directory
(Microsoft Active Directory, for example) hosted elsewhere, where the appliance contacts the
designated directory server to verify the user credentials.
When logging in to the appliance, each user is authenticated by the authentication directory
service, which confirms the user name and password. Use the Authentication settings panel to
configure authentication settings on the appliance, which is populated with default values during
first-time setup of the appliance.
To view or make changes to Authentication settings, log in with Infrastructure administrator privileges.
No other users are permitted to change or view these settings.
View and access the Authentication settings by using the UI and selecting
Settings
→Security→Authentication or with the REST APIs.
20.7 About directory service authentication
You can use an external authentication directory service (also called an enterprise directory or
authentication login domain) to provide a single sign-on for groups of users instead of maintaining
individual local login accounts. An example of an authentication directory service is a corporate
directory that uses LDAP (Lightweight Directory Access Protocol).
146
Managing users and authentication