HP StorageWorks Storage Mirroring user's guide (T2558-96073, February 2008)
22 - 6
Windows Active Directory
Active Directory, a central component of Windows 200x, manages information about the resources in a networking
environment. The Storage Mirroring service automatically registers with Active Directory when the service starts. Storage
Mirroring servers on the network can be located by the Storage Mirroring heartbeats, by Active Directory, or both. Active
Directory strengthens network security by requiring the user account running the Storage Mirroring service to have specific
privileges.
Disabling Active Directory
From the Management Console, select File, Options if you want to disable Active Directory.
Under Automatic Service Discovery, you can enable either
Active Directory Advertisement, Heartbeat Advertisement, or
both.
Active Directory Advertisement: With this option enabled, only the Storage Mirroring servers registered in Active
Directory will be displayed in the Management Console server tree.
Heartbeat Advertisement: With this option enabled, all Storage Mirroring servers broadcasting Storage Mirroring
heartbeats on the specified port number will be displayed in the Management Console server tree.
Configuring the Storage Mirroring service for Active Directory
The Storage Mirroring service must have privileges to modify Active Directory, if you want to use Active Directory
registration. There are two options for assigning the privileges.
User account—Assign a user account to the Storage Mirroring service and assign the Active Directory privileges to that
user. Complete the first four steps to select the specific account to run the service, and then complete the remaining
steps to assign the required privileges to the account. Refer to your Windows 200x reference guide for the specific
privileges to assign.
Storage Mirroring Active Directory object—Give the computer (or domain computers for all computers within a
domain) read/write access to the Storage Mirroring Instances object in Active Directory.
1. Select Start, Program, Administrative Tools, Active Directory Users and Computers.
2. Verify that Advanced Features is enabled on the View menu so that the System folder is displayed.
3. Expand the System folder and select WinsockServices.
If you have not run the Storage Mirroring service under the domain administrator account or an account with
update privileges for Active Directory, there will be no Storage Mirroring Active Directory instance listed. You
will need to right-click on the
Winsock Services folder to modify the setup for all Active Directory instances.
If you have run the Storage Mirroring service under the domain administrator account or an account with
update privileges for Active Directory,
Storage Mirroring Instances will be listed. You can right-click Storage
Mirroring Instances
to modify the Active Directory setup for the one instance or right-click on the Winsock
Services
folder to modify the setup for all Active Directory instances.
4. Select the Security tab.
5. Click Add and select the specific computer account you are running Storage Mirroring on or Domain Computers
to allow all computers within the domain to update Active Directory.
6. Grant both Read and Write access and click OK.
NOTE: By default, both Active Directory Advertisement and Heartbeat Advertisement are enabled. If both
selections are enabled,
Active Directory Advertisement takes precedence over Heartbeat Advertisement.
NOTE: If your corporate policies require that only the minimum required privileges be supplied, you can
select only the permissions listed below by modifying the
Advanced permissions for the account.
List Contents
Read All Properties
Write All Properties
Read Permissions