IBM Storwize V7000 Unified Manual page 39

Adding storwize v7000 file modules

Hide thumbs Also See for Storwize V7000 Unified:

Introduction and implementation manual (670 pages)

Problem determination manual (474 pages)

Troubleshooting and maintenance manual (189 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

Table Of Contents

153

page of 153

/ 153
Contents
Table of Contents
Bookmarks

Table of Contents

Controlling access to the root user password:

Your Storwize V7000 Unified runs on a Linux operating system, which has a super

user ID named root. The use of this ID and its password must be tightly controlled.

About this task

IBM requires the password for the root user during service procedures.

While performing a directed service procedure, you must not log onto the Storwize

V7000 Unified system as the root user unless directed to by IBM service or the

service procedure instructions.

Although the data that you must provide in the installation planning worksheet

and in the configuration planning worksheet requires you to provide the password

for the root user, you can provide the password at the time of the service call to

install and configure your machine, or when IBM service personnel arrive to

service your machine.

You have the responsibility to change the root password at whatever interval your

company requires. You also have the following responsibilities:

v Record the password accurately.

v Keep the password information secure.

v Prevent users from logging on as root.

v Make the root password available to IBM service personnel during a service call.

To change the root password, use the chrootpwd command while logged on as root

or a Security Administrator user.

Planning for user authentication:

One of the configuration choices you must plan for is the method of authenticating

and authorizing a client user.

Authentication is the process of verifying the identify of a client user.

Authentication is typically accomplished by verifying a user ID and password.

Authorization is the process of determining the resources that a user is allowed to

access. As an example, a user might have full (read/write/create/delete/execute)

access to files in one directory and no access to another directory.

To use all Storwize V7000 Unified features, an external authentication

infrastructure that supplies the directory of users is required. To allow

interoperability with the Common Internet File System (CIFS) protocol, a user ID

mapping mechanism must be established so that Storwize V7000 Unified can

translate the CIFS user ID into a Network File System (NFS) user identifier (UID),

which Storwize V7000 Unified uses internally.

During Storwize V7000 Unified configuration, a choice among the following

authentication methods is required:

v Microsoft Active Directory (AD)

v Lightweight Directory Access Protocol (LDAP)

v Samba Primary Domain Controller (PDC) - NT4

v Network Information Service (NIS) - NFS NetGroup support

v Microsoft Service For UNIX (SFU)

Chapter 2. Planning for adding file modules

Table of Contents

IBM Storwize V7000 Unified Manual page 39

Related Manuals for IBM Storwize V7000 Unified

Related Products for IBM Storwize V7000 Unified

Table of Contents