HP StorageWorks Storage Mirroring Recover User's Guide (T5437-96008, November 2009)

ManualsBrandsHP ManualsSoftwareHP Storage Mirroring Software Windows Media Kit

641

642

643

644

645

646

647

648

649

650

640 of 739

Security credentials

When a client machine attempts to access a source or target machine running on

Windows, it will attempt to automatically logon to the source or target using the three

methods below.

● The security credentials of the user currently logged into the client machine are

sent to the source or target machine. From the security credentials, the source or

target machine determines if the user is a member of the security groups and if so,

grants the appropriate level of access.

● The last valid set of credentials (credentials previously granting either

Administrator or Monitor level access) used to access each machine is recorded in

the registry of the client machine. If the logon attempt using the credentials of the

user currently logged in fails, a set of credentials is retrieved from the registry and

is sent to the source or target. The source or target checks the validity of the

credentials and determines if the user is a member of one of the security groups

and then grants the appropriate level of access.

Note:

You can disable the feature that maintains the security credentials in the

registry.

● Each valid set of credentials (credentials previously granting either Administrator

or Monitor level access) used by the client application is recorded in a memory-

resident credentials buffer maintained by the client application. If the logon

attempts using the credentials of the user currently logged in or those credentials

stored in the registry fails, a set of credentials is retrieved from the client

application’s credentials buffer and is sent to the source or target. This process is

repeated until a valid set of credentials is found or the credentials buffer is

exhausted.

Note: The credentials buffer is cleared each time the client application is closed.

The client tries each of these three methods until a set of credentials granting

Administrator access is found. If no credentials granting Administrator access are found,

the client attempts to find a set of credentials granting Monitor access. If no credentials

grant Monitor access, the user must manually logon to the source or target by providing a

user name, password, and domain.

Note:

If a user name exists both on the local machine and on the network, Windows

first attempts to login to the machine with the local user name and password

and ignores the domain. If this fails, it then tries to login with the network user

name, password and domain.