Configuring Xscf For Active Directory Support - Sun Microsystems SPARC Enterprise M8000 Product Notes
Xcp version 1091
Hide thumbs
Also See for SPARC Enterprise M8000:
- Product notes (50 pages) ,
- Manual (4 pages) ,
- Reference manual (506 pages)
Table of Contents
Advertisement
Once authenticated, user privileges can be determined in the following ways:
In the simplest case, users' privileges are determined directly through the Active
■
Directory or LDAP over SSL configuration on the XSCF. There is a defaultrole
parameter for both Active Directory and LDAP over SSL. If this parameter is
configured or set, all users authenticated via Active Directory or LDAP over SSL
are assigned privileges set in this parameter. Setting up users in an Active
Directory or LDAP over SSL server requires only a password with no regard to
group membership.
If the defaultrole parameter is not configured or set, user privileges are learned
■
from the Active Directory or LDAP over SSL server based on the user's group
membership. On XSCF, the group parameter must be configured with the
corresponding group name from the Active Directory or LDAP over SSL server.
Each group has privileges associated with it which are configured on the XSCF. A
user's group membership is used to determine the user's privileges once the user
is authenticated.
Three types of groups can be configured: administrator, operator, and custom. To
configure an administrator or operator group, only group name is required.
An administrator group has platadm, useradm, and auditadm privileges associated
with it. An operator group has platop, and auditop privileges associated with it. To
configure a custom group, both group name and privileges are required. For each
type of group, up to five groups can be configured. A user assigned to more than
one group receives the sum of all privileges associated with those groups.
To support these new features, two new configuration screens, Active Directory and
LDAP over SSL, have been added to the Settings menu of the XSCF Web. Remote
users can log in and use the XSCF Web once they have been authenticated by Active
Directory or LDAP over SSL.
Configuring XSCF for Active Directory Support
The commands setad(8) and showad(8) let you set and view the Active Directory
configuration from the command line.
By default, Active Directory support is disabled. To enable Active Directory support,
use the following command:
XSCF> setad enable
To disable Active Directory support, use the following command:
XSCF> setad disable
Chapter 1
Sun SPARC Enterprise M8000/M9000 Servers Product Notes for XCP 1091
3
Advertisement
Table of Contents
Related Manuals for Sun Microsystems SPARC Enterprise M8000
Related Products for Sun Microsystems SPARC Enterprise M8000
- Sun Microsystems Sun SPARC Enterprise M3000
- Sun Microsystems Sun SPARC Enterprise M4000
- Sun Microsystems Sun SPARC Enterprise M5000
- Sun Microsystems Sun SPARC Enterprise M900
- Sun Microsystems Ethernet MMF/UTP Adapter
- Sun Microsystems SPARCstation 5 Model 110
- Sun Microsystems MCS 2000 SL
- Sun Microsystems MEA 1500 SL
Need help?
Do you have a question about the SPARC Enterprise M8000 and is the answer not in the manual?