Administrator Guide

ManualsBrandsDell ManualsCompellent (SCStorage SC5020F

121

122

123

124

125

126

127

128

129

130

Example URIs for two servers:

ldap://server1.example.com ldap://server2.example.com:1234

NOTE: Adding multiple servers ensures continued authorization of users in the event of a resource outage. If Storage

Center cannot establish contact with the rst server, Storage Center attempts to connect to the remaining servers in the

order listed.

• In the Directory Server Connection Timeout eld, type the maximum time (in minutes) that Storage Center waits while

attempting to connect to an Active Directory server. This value must be greater than zero.

• In the Base DN eld, type the base distinguished name for the LDAP server. The Base DN is the starting point when searching for

users.

• In the Storage Center Hostname eld, type the fully qualied domain name (FQDN) of the Storage Center.

– For a single-controller Storage Center system, this is the fully qualied host name for the controller IP address.

– For a dual-controller Storage Center system, this is the fully qualied host name for the management IP address.

• In the LDAP Domain eld, type the LDAP domain to search.

7 (Optional) Click Test Server to verify that the Storage Center can communicate with the specied directory servers using the

selected protocol.

8 (Optional) If Transport Layer Security (TLS) is enabled, upload a Certicate Authority PEM le.

a Click Upload Certicate.

b Browse to the location of the PEM le, select the le, and click Open. The Upload TLS Certicate dialog box opens.

NOTE: If you select the wrong PEM le, click Upload Certicate in the Upload TLS Certicate dialog box to select a

new le.

c Click OK to upload the certicate.

9 Click Next.

The Kerberos Settings page opens.

10 (Optional) Select the Enabled checkbox to enable Kerberos authentication.

11 To change any of the Kerberos settings, clear the Auto-Discover checkbox, and then type a new value into that eld.

• Kerberos Domain Realm: Kerberos domain realm to authenticate against. In Windows networks, this is the domain name in

uppercase characters.

• KDC Hostname or IP Address: Fully qualied domain name (FQDN) or IP address of the Key Distribution Center (KDC) to which

Storage Center will connect.

• Password Renew Rate (Days): Number of days before the keytab is regenerated. The default value is 0, which equates to a

password renew rate of 14 days.

12 Click Next.

The Join Domain page opens.

13 Type the user name and password of a domain administrator.

14 Click Next.

The Summary page opens.

15 If you want to change any setting, click Back to return to the previous page.

16 Click Finish.

17 Click OK.

Congure Directory Services Manually

Use the Directory Service Manual Conguration wizard to enter directory service settings manually. Use manual conguration for

OpenLDAP or special Active Directory congurations.

1 If you are connected to a Data Collector, select a Storage Center from the drop-down list in the left navigation pane.

2 Click Summary.

124

Storage Center Maintenance