HP Storage Essentials Enterprise Edition Software User Manual
Page 200
Managing Security
162
2.
In the login-handler.xml file, comment out the section that contains
com.appiq.security.server.BasicLoginhandler
, which enables internal
authentication mode. Only one login handler is allowed at a time.
3.
Comment out the
tag as follows:
4.
Uncomment the line containing the class name and login handler type so that it appears as
follows:
5.
Replace directory.hp.com with the IP address or the fully qualified name of your LDAP
server in the login-handler.xml file, as shown in the following example:
where
•
192.168.10.1
is the IP address of the server running LDAP.
• 389 is the port on which LDAP is running on the server.
6.
If you want the password to be saved in the management server database, change the value of
the
Saving the passwords in the management server database allows a user to also log into the
management server if the management server is changed back to local mode. This, however, is
not recommended as it defeats the purpose of externalizing a user's credentials.
The login-handler.xml file contains two sets of
and one for LDAP. Make sure you change the value of the
children of the
7.
If you want the user name to be case sensitive, change the value of the
If you change the value of
to true, the management server
becomes case-sensitive to user names. For example, the management server sees MyUserName
and myusername as different users.
The login-handler.xml file contains two sets of
for AD and one for LDAP. Make sure you also change the value of the
tags that are children of the
8.
Provide the LDAP search base in which you want the management server to look up AD/LDAP
user attributes. Allow no spaces between commas and put in all components of fully qualified
domain name, for example, hds.usa.com would be DC=hds,DC=usa,DC=com.
The search base is used to specify the starting point for the search. It
points to a distinguished name of an entry in the directory hierarchy.
CN=$NAME$,dc=MyCompanyName,dc=COM
or: