Administrator procedures, Creating an administrator, Deleting an administrator – HP Secure Key Manager User Manual
Page 224: 224 deleting an administrator
Configuration of the LDAP Administrator Server and the first LDAP administrator must be performed
by a local administrator. Thereafter, you can use the LDAP administrator.
If you are using LDAP administrators, we recommend that you enable SSL in the LDAP Administrator
Server settings. This ensures that the connection between the SKM and the LDAP server is secure. If
you do not use SSL, then it is possible that the LDAP administrator passwords will travel in the clear
during authentication, depending on the LDAP server's configuration (such as if the server is set to
use “simple” authentication).
If you use LDAP administrators predominantly, at least one local administrator account must always
exist, and that local administrator must be a High Access Administrator. This local High Access
Administrator is needed in the event that connectivity to the LDAP server is lost, or if all administrator
accounts on the LDAP server are removed or renamed.
Likewise, if you use the Multiple Credentials feature, there must exist at least as many local High
Access Administrators as are needed to perform configuration operations. LDAP administrators are
otherwise fully compatible with the Multiple Credentials feature.
Administrator procedures
The Administrator Configuration page enables you to create and manage administrator accounts.
Creating an administrator
To create an administrator account:
1.
Log in the SKM appliance as an administrator with High Access Administrator access control.
2.
Navigate to the Administrators section on the Administrator Configuration page (Device >
Administrators > Administrators).
3.
Click Create Local Administrator or Create LDAP Administrator.
NOTE:
You must configure the LDAP Administrator Server settings before you can create an LDAP
administrator.
4.
Enter values in the Username, Full Name, Description, and Password fields for Local administrators
or enter the Username for LDAP administrators.
NOTE:
Use the Browse button to access the Select LDAP Username section and select a Username
from the list.
5.
Confirm the password in the Confirm Password field for Local administrators.
6.
Select the access controls for the administrator account.
7.
Click Create.
Deleting an administrator
To delete an administrator account:
Using the Management Console
224