Kerberos settings – HP XP7 Storage User Manual
Page 198
Kerberos Settings
The following table describes the fields and settings in the Setup Server section of Kerberos window.
Description
Item
Specify whether to search for the Kerberos server using the information registered in the
SRV records in the DNS server.
DNS Lookup
•
Enable: Performs the search using information registered in the SRV records in the
DNS server.
•
Disable: Performs the search using the host name and the port number.
Specify a default realm name.
Realm Name
You can specify ASCII code characters and hyphens (-).
Specify a host name of the Kerberos server.
Host Name
You can specify ASCII code characters, hyphens (-), and periods (.).
If you select Enable in DNS Lookup, this item is disabled.
Specify a port number of the Kerberos server.
Port Number
If you select Enable in DNS Lookup, this item is disabled.
Specify an acceptable range of time difference between the SVP and the Kerberos server.
Clock Skew
Specify the number of seconds before connection to the Kerberos server times out.
Timeout
Specify whether to use a secondary Kerberos server.
Secondary Server
•
Enable: Uses the secondary server.
•
Disable: Does not use the secondary server.
If you specify Enable in DNS Lookup, this item is disabled.
Specify a name of the secondary Kerberos server.
Secondary Server - Host
Name
You can specify ASCII code characters, hyphens (-), and periods (.).
If you select Enable in DNS Lookup, or if you select Disable in Secondary Server, this
item is disabled.
Specify a port number of the secondary Kerberos server.
Secondary Server - Port
Number
If you select Enable in DNS Lookup, or if you select Disable in Secondary Server, this
item is disabled.
Specify whether to connect an authentication server to an authorization server.
External User Group
Mapping
•
Enable: Connects an authentication server to an authorization server.
•
Disable: Does not connect an authentication server to an authorization server.
Specify a certificate file. Click Browse to find the file.
External User Group
Mapping - Certificate File
Name
If you select Disable in External User Group Mapping, this item is disabled.
Specify an LDAP protocol to use. Available protocols are:
External User Group
Mapping - Authentication
Protocol
•
LDAP over SSL/TLS
•
STARTTLS
If you select Enable in DNS Lookup, you cannot select LDAP over SSL/TLS.
If you select Disable in External User Group Mapping, this item is disabled.
Specify a port number of the LDAP server.
External User Group
Mapping - Primary Port
Number
If you select Enable in DNS Lookup, or if you select Disable in External User Group
Mapping, this item is disabled.
198 Remote Web Console user management GUI reference