Lightweight Directory Access Protocol (Ldap) - IBM TS3310 Maintenance Information

fewest open tape devices and assigns that path to the application. This autonomic
self-optimizing capability is called Load Balancing. The dynamic load balancing
support is designed to optimize resources for devices that have physical
connections to multiple HBAs in the same machine. The device driver is designed
to dynamically track the usage on each HBA as applications open and close
devices, and balance the number of applications using each HBA in the machine.
This may help optimize HBA resources and improve overall performance. Further,
Data Path Failover provides autonomic self-healing capabilities similar to Control
Path Failover, with transparent failover to an alternate data path in the event of a
failure in the primary host-side path.
Data Path Failover is not available on HP-UX at this time.
The Data Path Failover and Control Path Failover features are activated by the
Path Failover license key (Feature Code 1682). .
For additional information, refer to your device driver documentation.

Lightweight Directory Access Protocol (LDAP)

The library now supports the Lightweight Directory Access Protocol (LDAP).
LDAP is the industry standard Internet protocol that provides centralized user
account management. Enabling LDAP allows existing user accounts residing on an
LDAP server to be integrated into the library's current user account management
subsystem. User account information is centralized and shared by different
applications, simplifying user account management tasks.
Administrative users can configure and enable LDAP. Once LDAP is enabled, users
can log into the library using either LDAP or local authentication. To use LDAP
authentication, a user must enter a directory service user name and password and
specify an LDAP domain. To use local authentication, a user must enter only a
local user name and password.
Administrative users can add, delete, and modify only local user account
information. The library web client and operator panel do not allow you to create,
modify, or delete user account information on an LDAP server. This must be done
by the directory service provider. Refer to your server documentation for more
information regarding LDAP user accounts.
LDAP server guidelines
The library supports the Microsoft
Services for Unix
account information in the schema defined by RFC 2307. User password schemes
must be encrypted using UNIX crypt. In addition, User names (uid) and
passwords (userPassword) must be created using lowercase characters to be
compatible with the library. For LDAP users with user privileges, access to library
logical libraries is determined by group assignment on the LDAP server. Groups
must be created on the LDAP server with names that correspond to the library
logical library names. Users with user privileges must be assigned to these groups
on the LDAP server to have access to the corresponding logical libraries on the
library. LDAP users with administrative privileges have access to all logical
libraries and administrative functions and do not need to be assigned to logical
library-related groups on the LDAP server.
Kerberos
2-30
TS3310 Tape Library Maintenance Information
®
Active Directory
®
2.5 is required for this support. The library supports user
®
LDAP server. Windows
®