SVS200 (T1714-96008, June 2006)

44 Overview of LUN Manager

The array performs user authentication by host groups. Therefore, host groups and hosts must have their

own user information for performing user authentication.

When a host attempts to connect to the array, the authentication of hosts phase starts. In this phase, it is

determined whether the host group requires authentication of the host. If the host group does not require

authentication of the host, the host connects to the array without authentication. If the host group requires

authentication of the host, authentication is performed for the host. When the host is successfully

authenticated, processing goes to the next phase.

After authentication of the host succeeds, if the host requires user authentication for the host group that is

connection target, the authentication of host groups phase starts. In this way, host groups and hosts

authenticate with each other, that is, mutual authentication. In the authentication of host groups phase. if

the host does not require user authentication for the host group, the host connects to the array without

authentication of the host group.

The following explains the settings required for user authentication. The settings for authentication of host

groups are needed only when performing mutual authentication.

• Settings for authentication of hosts

•On the array:

Use LUN Manager to specify whether authentication of hosts on each host group is performed. On

a host group that performs authentication, register user information (group name, user name, and

secret) of hosts allowed to connect to the host group. A secret is a password used in CHAP

authentication. When registering user information, you can also enable or disable authentication

on a host basis. For more information, see ”Enabling and disabling authentication of hosts in host

groups” on page 104 and ”Registering a host’s user information on a host group” on page 104.

•On hosts:

Configure the operating system and Fibre Channel host bus adapter driver for authentication by

host groups with CHAP. You must specify the host’s user name and secret used for CHAP. For more

information, see the documentation for the operating system and Fibre Channel host bus adapter

driver in your environment.

• Settings for authentication of ports (required if performing mutual authentication)

•On the array:

Use LUN Manager to specify each host group’s user information (user name and secret). For more

information, see ”Specifying a host group’s user information (when performing mutual

authentication)” on page 107.

•On hosts:

Configure the operating system and Fibre Channel host bus adapter driver for authenticating host

groups with CHAP. You must specify the user name and secret of the host group that is the

connection target. For more information, see the documentation for the operating system and Fibre

Channel host bus adapter driver in your environment.

The next section explains authentication of hosts and host groups.