Manualshelf

Installation Manual

ManualsBrandsHP ManualsSoftwareHP Storage Essentials Standard Edition SRM Software
391392393394395396397398399400
HP Storage Essentials SRM 6.0 Installation Guide 371
3. Comment out the <LoginHandlerType>Default</LoginHandlerType> tag as follows:
<!--LoginHandlerType>Default</LoginHandlerType-->
4. Uncomment the line containing the class name and login handler type so that it appears as
follows:
<LoginHandlerClass>com.appiq.security.server.ActiveDirectoryLoginHandler</L
oginHandlerClass>
<LoginHandlerType>ActiveDirectory</LoginHandlerType>
5. Replace directory.hp.com with the IP address or the fully qualified DNS name of your
primary Domain Controller server in the login-handler.xml file, as shown in the following
example:
<PrimaryServer port="389">192.168.10.1</PrimaryServer>
where
192.168.10.1 is the IP address of the primary Domain Controller server running AD.
389 is the port on which AD is running on the server.
6. Replace directory2.hp.com with the IP address or the fully qualified DNS name of your
secondary Domain Controller server, if available.
<SecondaryServer>192.168.10.2</SecondaryServer>
where 192.168.10.2 is the IP address of the secondary Domain Controller server running
AD.
7. If you want the password to be saved in the management server database, change the value of
the <ShadowPassword> tags to true, as shown in the following example:
<ShadowPassword>true</ShadowPassword>
Saving the passwords in the management server database allows a user to also log into the
management server if the management server is changed back to local mode. This, however, is
not recommended as it defeats the purpose of externalizing a user's credentials.
The login-handler.xml file contains two sets of <ShadowPassword> tags: one for AD
and one for LDAP. Make sure you change the value of the <ShadowPassword> tags that are
children of the <ActiveDirectory> tag.
8. If you want the user name to be case sensitive, change the value of the
<CaseSensitiveUserName> tag to true, as shown in the following example:
<CaseSensitiveUserName>true</CaseSensitiveUserName>
If you change the value of <CaseSensitiveUserName> to true, the management server
becomes case-sensitive to user names. The management server sees MyUserName and
myusername as different users.
IMPORTANT: AD servers are not case sensitive for user names, so changing this tag to
true for AD authentication is not recommended.
The login-handler.xml file contains two sets of <CaseSensitiveUserName> tags: one
for AD and one for LDAP. Make sure you also change the value of the
<CaseSensitiveUserName> tags that are children of the <ActiveDirectory> tag.