3PAR InForm® OS 2.2.4 Concepts Guide (320-200085 Rev B, March 2009)

LDAP Authentication and Authorization
further where the user’s groups are mapped to system domains. Therefore, the user’s privilege
level within a specific group is carried over to the domain(s) mapped to that group. For
instructions on authorizing LDAP users on systems using Domains, see Chapter 4, Managing
User Accounts and Connections in the InForm OS CLI Administrator’s Manual.
Figure 4-1 illustrates the group-to-domain mapping relationship as follows:

- LDAP User 1 is a member of Group B.
- Group-to-privilege mapping determines that Group B has edit-level privileges.
- Group-to-domain mapping establishes a match between Group B and Domain A.
- LDAP User 1 has edit privileges over all objects in Domain A.

Figure 4-1. Group-to-Domain Mapping Relationship
[Figure labels: LDAP User 1; Group A; Group B; Edit-Map; Domain A (D.A) with objects Obj1 to Obj4; Domain B (D.B) with objects Obj1 to Obj4.]