Configuring Group-To-Role Mapping Parameters - HP 3PAR StoreServ 7200 2-node Administrator's Manual

Hp 3par command line interface administrator's manual: hp 3par os 3.1.2 (qr482-96525, september 2013)

Hide thumbs Also See for 3PAR StoreServ 7200 2-node:

Manual (107 pages)

Service manual (66 pages)

Installation and setup manual (35 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

Table of Contents

+ search result DN: cn=hardware,ou=groups,dc=ldaptest,dc=3par,dc=com

+ search result:

+ mapping rule: super mapped to by software

+ rule match: super mapped to by software

+ mapping rule: edit mapped to by engineering

+ rule match: edit mapped to by engineering

+ mapping rule: browse mapped to by hardware

+ rule match: browse mapped to by hardware

user 3paruser is authenticated and authorized

The example above corresponds to

following hierarchy of groups:

◦

Engineering

◦

Software

◦

Eng

◦

Golfers

In this example, 3PARuser is not yet authenticated or authorized because 3PARuser's

group-to-role mapping has not been configured.

Configuring Group-to-Role Mapping Parameters

Once you have configured the group location parameters, you must now decide what role you

wish to assign the users for a given group. To configure group-to-role mapping:

Issue the setauthparam <map-param> <map-value> command, where:

<map-param> is one of the following:

◦

<map-value> is the group to which the user has membership. You can specify multiple

groups with multiple <map-value> arguments.

For Active Directory, the group is displayed as a string of information, as shown in the

following example:

CN=Software,CN=Users,DC=ACME,DC=com

NOTE:

as Authorization Groups.

Repeat

Step 1

that user has membership.

Managing User Accounts and Connections

cn: hardware

super-map—provides Super user rights within the specified group.

service-map—provides Service user rights within the specified group.

edit-map—provides Edit user rights within the specified group.

browse-map—provides Browse user rights within the specified group.

create-map—provides Create user rights within the specified group.

basic_edit-map—provides Basic Edit user rights within the specified group.

3PAR_AO-map—provides 3PAR AO user rights within the specified group.

3PAR_RM-map—provides 3PAR RM user rights within the specified group.

The HP 3PAR Management Console (HP 3PAR MC) refers to <map-param> specifiers

above if you wish to assign users a different role for another group to which

Step

6, and shows that 3PARuser is a member of the

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

3par storeserv 7400 2-node 3par storeserv 7400 4-node 3par storeserv 7450 2-node 3par storeserv 10000

Configuring Group-To-Role Mapping Parameters - HP 3PAR StoreServ 7200 2-node Administrator's Manual

Configuring Group-to-Role Mapping Parameters

Hide quick links:

Troubleshooting

Related Manuals for HP 3PAR StoreServ 7200 2-node

Related Content for HP 3PAR StoreServ 7200 2-node

This manual is also suitable for:

Table of Contents