Setting up authentication and authorization with Device Manager - Storage Navigator

System Administrator Guide for VSP E990 and VSP G130, G/F350, G/F370, G/F700, G/F900

Version
88-06-0x
Audience
anonymous
Part Number
MK-97HM85028-08

An authentication server enables users to log in to Device Manager - Storage Navigator with the same password as the password that they use for other applications. The authentication server must be configured for each user.

Note: If you use the SVP, enable the authentication by the SVP and disable the external authentication by the Maintenance Utility. For how to disable the external authentication by the Maintenance Utility, see Disabling external authentication.

The following figure shows the login workflow without an authentication server:



The following figure shows the login workflow with an authentication server:



If an authorization server works together with an authentication server, the user groups that are registered in the authorization server can be assigned to a user for Device Manager - Storage Navigator.

The following figure shows the login workflow when an authentication server and an authorization server are used in combination:



You can use the authentication server without knowing the host names and port numbers, if you register the information of the authentication server as an SRV record in the DNS server. If you register multiple numbers of authentication servers to the SRV record, you can determine the authentication server to be used, based on the priority that has been set in advance.

If the affiliated user group registered in the external authentication server and the user group registered locally in the storage system are different, the user group in the storage system has higher priority.