HP BladeSystem bc2000 Administrator's Guide HP Session Allocation Manager (HP - Page 66
Steps, Policies, User and Roles, Manage resource roles, Manage users, Security Group
View all HP BladeSystem bc2000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 66 highlights
The HP SAM hierarchical policy has 5 levels: ● Global ● Role ● OU (organizational unit) ● Security Group ● User Steps: 1. Create or update the policy in the Policies tab. To update an existing policy, click the policy name hyperlink. 2. Assign the policy: ● to the role (User and Roles > Manage resource roles) ● to a user, OU, or Security Group (User and Roles > Manage users) HP SAM always creates the Global Policy. This policy applies to all user connections. The default sets the Auto Reconnect box to Off. This ensures multiple users do not attempt to log in to the same blade at the same time. When a network failure or something similar occurs, the user may unknowingly have been logged off that resource, depending on the network and AD group policy settings. HP SAM may allocate that computing resource to another user. If the auto-reconnect feature is turned on, the original user reconnects to this computing resource, which could potentially have been allocated to another person. If this is not a concern, then change Auto Reconnect to an appropriate value. Table 4-1 Effective Hierarchical Policy Example Parameter Global Role OU SG1 SG2 User Effective P1 ON Not Assigned Not Assigned Not Assigned Not Assigned Not Assigned ON 1P2 ON OFF Not Assigned Not Assigned Not Assigned Not Assigned OFF P3 ON OFF ON OFF Not Assigned Not Assigned OFF 2P4 ON/No OFF Not Assigned Not Assigned Not Assigned Not Assigned ON Overrides Allowed P5 ON/No OFF/No Not Assigned Not Assigned Not Assigned Not Assigned ON Overrides Overrides Allowed Allowed 3P6 ON OFF ON OFF ON Not Assigned OFF 1 The order of policy assignment is User (highest) > Security Group > OU > Role > Global Policy (lowest). Individual parameters assigned at the User level override parameters set at the Group level, and so forth. Note that Parameter P2 is set at ON at the Global level, but is overridden by the OFF setting at the higher Role level, leaving an effective setting of OFF. 2 No Overrides Allowed can be set at any level to prevent override by parameters set at higher levels. Note that the No Overrides Allowed setting ON for Parameter P4 at the lowest Global level overrides the OFF setting at the higher Role level. 3 At the Security Group level, HP SAM checks all Security Groups in alphanumeric order and uses the policy, if any, in the first Security Group encountered. Note that Security Group 1 is the first Security Group encountered, so the OFF setting for Security Group 1 leaves Parameter P6 with an effective setting of OFF, and the ON setting for Security Group 2 is ignored. 58 Chapter 4 Administration