Manualshelf

HP 3PAR Command Line Interface Administrator's Manual: HP 3PAR OS 3.1.2 (QR482-96525, September 2013)

ManualsBrandsHP ManualsStorageHP 3PAR StoreServ 7450 2-node Base
21222324252627282930
+ search result DN: cn=hardware,ou=groups,dc=ldaptest,dc=3par,dc=com
+ search result: cn: hardware
+ mapping rule: super mapped to by software
+ rule match: super mapped to by software
+ mapping rule: edit mapped to by engineering
+ rule match: edit mapped to by engineering
+ mapping rule: browse mapped to by hardware
+ rule match: browse mapped to by hardware
user 3paruser is authenticated and authorized
The example above corresponds to Step 6, and shows that 3PARuser is a member of the
following hierarchy of groups:
Engineering
Software
Eng
Golfers
In this example, 3PARuser is not yet authenticated or authorized because 3PARuser’s
group-to-role mapping has not been configured.
Configuring Group-to-Role Mapping Parameters
Once you have configured the group location parameters, you must now decide what role you
wish to assign the users for a given group. To configure group-to-role mapping:
1. Issue the setauthparam <map-param> <map-value> command, where:
<map-param> is one of the following:
super-map—provides Super user rights within the specified group.
service-map—provides Service user rights within the specified group.
edit-map—provides Edit user rights within the specified group.
browse-map—provides Browse user rights within the specified group.
create-map—provides Create user rights within the specified group.
basic_edit-map—provides Basic Edit user rights within the specified group.
3PAR_AO-map—provides 3PAR AO user rights within the specified group.
3PAR_RM-map—provides 3PAR RM user rights within the specified group.
<map-value> is the group to which the user has membership. You can specify multiple
groups with multiple <map-value> arguments.
For Active Directory, the group is displayed as a string of information, as shown in the
following example:
CN=Software,CN=Users,DC=ACME,DC=com
NOTE: The HP 3PAR Management Console (HP 3PAR MC) refers to <map-param> specifiers
as Authorization Groups.
2. Repeat Step 1 above if you wish to assign users a different role for another group to which
that user has membership.
26 Managing User Accounts and Connections