Administrator Guide

NOTE: Adding multiple servers ensures continued authorization of users in the event of a resource outage. If Storage
Center cannot establish contact with the first server, Storage Center attempts to connect to the remaining servers in the
order listed.
In the Directory Server Connection Timeout field, type the maximum time (in minutes) that Storage Center waits while
attempting to connect to an Active Directory server. This value must be greater than zero.
In the Base DN field, type the base distinguished name for the LDAP server. The Base DN is the starting point when searching for
users.
In the Relative Base field, type the Relative Base information. A Relative Base is a list of Relative Distinguished Names (RDN)
prepended to the Base DN, indicating where the controller should be joined to the domain. An RDN contains an attribute and a
value, such as:
OU=SAN Controllers
OU is the attribute, and SAN Controllers is the value.
The following special characters used within an RDN value must be escaped using a backslash:
, + " \ < > ; = / CR and LF
For example:
Relative Base: OU=SAN Controllers
(No escapes necessary)
Relative Base: OU=SAN\+Controllers
(The plus character is escaped)
Relative Base: OU=Buildings A\,B\,C,OU=SAN \+Controllers
(Commas and plus sign are escaped except for the comma
separating the RDNs.)
In the Storage Center Hostname field, type the fully qualified domain name (FQDN) of the Storage Center.
For a single-controller Storage Center system, this is the fully qualified host name for the controller IP address.
For a dual-controller Storage Center system, this is the fully qualified host name for the management IP address.
In the LDAP Domain field, type the LDAP domain to search.
In the Authentication Bind DN field, type the Distinguished Name or User Principal Name of the user that the Storage Center
uses to connect to and search the LDAP server.
In the Authentication Bind Password field, type the password for the authentication bind Distinguished Name.
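The Relative Base escaping rule above, as an added Python example (not from this guide or from Storage Center itself): it escapes raw OU names and checks a typed Relative Base for unescaped special characters. The function names and the hex form used for CR and LF (the RFC 4514 escapes \0D and \0A) are assumptions.

```python
import re

SPECIAL = set(',+"\\<>;=/')               # characters listed in the guide
HEX_FORM = {"\r": "\\0D", "\n": "\\0A"}   # assumption: RFC 4514 hex escapes


def escape_rdn_value(value):
    """Backslash-escape every special character in one raw RDN value."""
    return "".join(HEX_FORM.get(ch) or ("\\" + ch if ch in SPECIAL else ch)
                   for ch in value)


def build_relative_base(rdns):
    """Join (attribute, raw value) pairs into a Relative Base string."""
    return ",".join(f"{attr}={escape_rdn_value(val)}" for attr, val in rdns)


def split_relative_base(text):
    """Split on unescaped commas and reject unescaped specials in a value."""
    parts, current, i = [], "", 0
    while i < len(text):
        ch = text[i]
        if ch == "\\":
            if i + 1 >= len(text):
                raise ValueError("dangling backslash at end of input")
            current += text[i:i + 2]      # keep the escape pair together
            i += 2
            continue
        if ch == ",":                     # unescaped comma separates RDNs
            parts.append(current)
            current = ""
        else:
            current += ch
        i += 1
    parts.append(current)
    for rdn in parts:
        attr, sep, value = rdn.partition("=")
        if not (attr and sep and value):
            raise ValueError(f"not attribute=value: {rdn!r}")
        bare = re.sub(r"\\.", "", value, flags=re.S)   # drop escaped pairs
        if any(c in SPECIAL or c in "\r\n" for c in bare):
            raise ValueError(f"unescaped special character in {rdn!r}")
    return parts


if __name__ == "__main__":
    # Constructed input matching the guide's third example.
    print(build_relative_base([("OU", "Buildings A,B,C"),
                               ("OU", "SAN +Controllers")]))
```
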
7 (Optional) Click Test Server to verify that the Storage Center can communicate with the specified directory servers using the
selected protocol.
8 (Optional) If Transport Layer Security (TLS) is enabled, upload a Certificate Authority PEM file.
a Click Upload Certificate Authority PEM.
b Browse to the location of the PEM file, select the file, and click Select. The Upload TLS Certificate dialog box opens.
NOTE: If you select the wrong PEM file, click Upload Certificate in the Upload TLS Certificate dialog box to select a
new file.
c Click OK to upload the certificate.
9 Click Next. The Kerberos Settings page opens.
10 (Optional) Select the Enabled checkbox to enable Kerberos authentication.
11 To change any of the Kerberos settings, clear the Auto-Discover checkbox, and then type a new value into that field.
Kerberos Domain Realm: Kerberos domain realm to authenticate against. In Windows networks, this is the domain name in
uppercase characters.
KDC Hostname or IP Address: Fully qualified domain name (FQDN) or IP address of the Key Distribution Center (KDC) to which
Storage Center will connect.
Storage Center Maintenance