Dell EqualLogic PS6210XS EqualLogic Group Manager Administrator s Guide PS Ser - Page 53
About Group-Level Security, Enable or Disable GUI and CLI Access
View all Dell EqualLogic PS6210XS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 53 highlights
6 About Group-Level Security Group Manager supports several strategies to ensure that only the people and applications that have approved credentials can log in to the PS Series group and gain access to your data. Security can be accomplished through the following methods: • Administration accounts - You can assign several predefined levels of administrative accounts to provide individuals with various levels of access to Group Manager's features. To log in to the group, you must have a valid group administration account. Different account types provide different privileges. The default account, grpadmin, provides all privileges. • RADIUS authentication - You can control access to a group and its volumes by using administration accounts to log in to the group. Use a RADIUS authentication server to enable you to centralize account management. • Active Directory/LDAP - You can authenticate administrator sessions using LDAP. You can give group, pool, or volume administrator privileges to individual Active Directory users or to entire Active Directory groups. • SNMP - Simple Network Management Protocol (SNMP) enables read-only access to the group. SAN Headquarters (SAN HQ) uses SNMP to retrieve data from a group. • VDS/VSS access control - Enables Windows VDS and VSS access to the group. You must create at least one VDS/VSS access control policy that matches the access control credentials you configure on the computer by using Remote Setup Wizard or Auto-Snapshot Manager/Microsoft Edition. To control access to data at the volume level, you can enable authentication at the iSCSI level. Enable or Disable GUI and CLI Access 1. Click Group → Group Configuration. 2. Click the Administration tab to open the Access panel. 3. Enable or disable the GUI or CLI access options and network services. 4. Click the Save All Changes icon in the upper-right corner of the Group Configuration window. NOTE: The CLI provides detailed control over the group's use of cryptographic protocols. For more information, see the grpparams crypto-legacy-protocols command in the Dell EqualLogic Group Manager CLI Reference Guide. Switch Administration Authentication Type To switch the authentication type for the group: 1. Click Group → Group Configuration. 2. Click the Administration tab. 3. In the Authentication panel, select either: • Local only - Uses local authentication and local administrator users only. • Active Directory - Uses LDAP authentication, users, and groups in addition to local authentication and administrator accounts. When this option is selected, the LDAP settings button is available. • RADIUS- Uses RADIUS authentication and users in addition to local authentication and administrator accounts. About Administration Accounts Administration accounts provide various levels of access to Group Manager's features. You must have a valid group administration account in order to log into Group Manager and gain access to a group. About Group-Level Security 53