Connecting Authentication And Authorization Servers - Hitachi VSP G200 System Administration Manual

If you search for a server using information registered in the SRV records in
the DNS server, confirm that the following conditions are satisfied:
Note: For RADIUS servers, you cannot use the SRV records.
LDAP server conditions:
• The environmental setting for the DNS server is completed at the
• The host name, the port number, and the domain name of the LDAP
Kerberos server conditions:
• The host name, the port number, and the domain name of the
• You cannot use the SRV records on a RADIUS server.
Because UDP/IP is used to access the RADIUS server, no encrypted
communications are available, such as negotiations between processes. To
access the RADIUS server in a secure environment, encryption in the packet
level is required, such as IPsec.

Connecting authentication and authorization servers

To use an authentication server and an authorization server, you must create
configuration files and configure your network. Detailed setting information is
required for the authentication server and the authorization server, especially
for creating a configuration file.
Before you begin
• Contact your server administrator for information about the values to be
written in the LDAP, RADIUS, or Kerberos configuration file. If you use
LDAP servers, obtain certification for the LDAP server files.
• Contact your network administrator for information about the network
settings.
Procedure
1. Create a configuration file. The items to specify depend on the protocol
you use.
2. Log in to the SVP and store the following files in an easily accessible
location.
• Certificate (for secure communication)
• Configuration file
3. Open the Windows command prompt on the SVP.
System Administrator Guide for VSP Gx00 models and VSP Fx00 models
LDAP server.
server are registered in the DNS server.
Kerberos server are registered in the DNS server.
Setting up security 227