Table of Contents
Advertisement
The XCP 1090 firmware was the first XCP release to support the new XSCF
■
command showdateoffset(8). For details, see the man page.
The XCP 1090 firmware was the first XCP release to support the Airflow and
■
Power indicators. For more information, see
"Power Consumption Monitoring" on page
Active Directory and LDAP/SSL
The XCP 1091 release introduced support for the Active Directory and LDAP/SSL
features. Some changes to these features were introduced in the XCP 1092 release.
This section contains the latest information about these features.
Active Directory is a distributed directory service from Microsoft® Corporation.
■
Like an LDAP directory service, it is used to authenticate users.
LDAP/SSL (originally called LDAP over SSL) offers enhanced security to LDAP
■
users by way of Secure Socket Layer (SSL) technology. It uses LDAP directory
service to authenticate users.
Note – For security reasons, XSCF uses only LDAP over SSL to communicate with
an Active Directory server or an LDAP/SSL server.
Active Directory and LDAP/SSL each provide both authentication of user
credentials and authorization of the user access level to networked resources. They
use authentication to verify the identity of users before they can access system
resources, and to grant specific access privileges to users in order to control their
rights to access networked resources.
User privileges are either configured on XSCF or learned from a server based on
each user's group membership in a network domain. A user can belong to more
than one group. Active Directory or LDAP/SSL authenticates users in the order in
which the users' domains are configured. (A user domain is the authentication
domain used to authenticate a user.)
Once authenticated, user privileges can be determined in the following ways:
In the simplest case, users' privileges are determined directly through the Active
■
Directory or LDAP/SSL configuration on the XSCF. There is a defaultrole
parameter for both Active Directory and LDAP/SSL. If this parameter is
configured or set, all users authenticated via Active Directory or LDAP/SSL are
assigned privileges set in this parameter. Setting up users in an Active Directory
or LDAP/SSL server requires only a password with no regard to group
membership.
If the defaultrole parameter is not configured or set, user privileges are
■
learned from the Active Directory or LDAP/SSL server based on the user's group
membership. On XSCF, the group parameter must be configured with the
2
Sun SPARC Enterprise M3000 Server Product Notes for XCP 1092 • May 2010
"Airflow Indicator" on page 4
5.
and
Advertisement
Table of Contents
Need help?
Do you have a question about the Sun SPARC Enterprise M3000 and is the answer not in the manual?
Questions and answers