Authentication servers support the following protocols:
- LDAPv3 simple bind authentication
- RFC 2865-compliant RADIUS with PAP and CHAP authentication
- Kerberos v5
Note: The authentication server needs to support TLS1.2 as a transfer protocol.
The following root certificate file formats to be set on Device Manager - Storage Navigator are available for LDAP server settings:
- X509 DER format
- X509 PEM format Note:
The root certificate to be set on Storage Navigator must satisfy the following requirements:
- The extended profile fields in the X.509 certificate support the following
items as specified in RFC5280:
- BasicConstraints
- KeyUsage
- SubjectKeyIdentifier
The certificate to be set on the connected server must satisfy the following requirements:
- The extended profile fields in the X.509 certificate
support the following items as specified in RFC5280:
- BasicConstraints
- KeyUsage
- SubjectKeyIdentifier
- The public key of the server certificate must be RSA.
- The extended profile fields in the X.509 certificate support the following
items as specified in RFC5280:
One of the following encryption types must be used for the Kerberos server: