Manualshelf

10.5 HP StoreVirtual Storage User Guide (AX696-96269, March 2013)

ManualsBrandsHP ManualsStorageHP P4900 G2 6.4TB SSD Storage System
81828384858687888990
3. Click OK on the confirmation window.
4. Click OK to finish.
Using Active Directory for external authentication
Use Active Directory to simplify management of user authentication with HP StoreVirtual Storage.
Configuring Active Directory allows Microsoft Windows domain users to authenticate to HP
StoreVirtual Storage using their Windows credentials, avoiding the necessity of adding and
maintaining individual users in the LeftHand OS software.
Requirements
The HP StoreVirtual Storage Active Directory implementation supports users in multiple domains
that are configured in parent-child trust relationships only, as shown in Table 28 (page 83).
Refer to the Microsoft documentation for Active Directory for more information.
Table 28 Supported and unsupported trust relationships
Unsupported trust relationshipsSupported trust relationship
Intra-forest trusts:Parent-child trusts
Tree-root trusts
Shortcut trusts
Inter-forest trusts:
External trusts
Forest trusts
Realm trusts (trust between Windows and
non-Windows domains)
All storage systems in the management group must be online to configure external
authentication.
You must be logged in as a LeftHand OS administrative user to set up Active Directory the
first time. Subsequently, Active Directory users with the proper permissions can configure and
manage Active Directory groups.
Create or designate an administrative group in the CMC to associate with the Active Directory
group. This group can contain local users as well as the Active Directory users.
Set up the external authentication with the following Active Directory credentials:
Bind user name and password
Active Directory server IP addresses or server names. To use Active Directory server names,
the DNS server in the management group must be one of the DNS servers used in the
Active Directory domain.
Users must use their User Principal Name login, for example, jane.doe@it.acme.net.
Using Active Directory for external authentication 83