HP c-Class manual Role mapping, CN=administrators,OU=groups,DC=example,DC=com

Page 28

Role mapping

Connection and User Mapping configure the way a username is mapped to an LDAP entry. Role Mapping configures the ways in which users are granted roles.

Role Mapping Rules are used to place a user into one or more roles in the HP IO Accelerator Management Tool: User, Device Admin, or Server Admin.

Each role mapping is essentially an LDAP search specification along with a Role. When the search specification is true (returns one or more entries) for a user, then that user is granted the Role.

To create a new role mapping:

1.Click Add Role Mapping.

2.Enter a name for this mapping in the Name field. This name lets you identify the role mapping later if you decide to edit it. For example: Administrators.

3.Enter a DN in the Search Base DN field.

This could be the DN of some container, or a specific DN such as that of a group, for example,

CN=administrators,OU=groups,DC=example,DC=com. The special value ${dn can be used to set the search base DN to the user's LDAP entry. This is useful when creating a role mapping based of the user's attributes, such as memberOf.

4.Enter an LDAP search filter in the Search Filter field.

The search filter can contain the special values ${username,}which is replaced by the name the user logged in with, or ${dn}, which is replaced by the DN of the logged-in user's LDAP entry). For example, a search filter of (member=${dn}) matches true for entries where there is a member attribute that has the logged-in user's DN as a value (common in group entries).

5.Set the Scope.

If the Search Base DN names a specific entry in the LDAP tree, the scope should be Base level; otherwise it should be either Subtree or One level.

6.Choose the Role to be granted to users meeting the search criteria. For example, if the search criteria matches true for users who are listed in and LDAP group entry full of administrators, set the role to Server Admin.

7.Click Add Role Mapping.

Example Role Mappings

Following are some examples of role mappings that might be configured for different LDAP directory deployments:

Members of the Administrator group are in role Server Admin

1.Set the Search Base DN field to the Administrators group entry. For example:

CN=administrators,OU=groups,DC=example,DC=com.

2.Set the Search Filter: (member=${dn})" (typical for AD) or (uniqueMember=${dn}) (typical for non-AD). If you are unsure which attribute holds the members of the group, you can use the search filter

((member=${dn})(uniqueMember=${dn})).

3.Set the Scope to Base level.

4.Set the Role to Server Admin.

Members of the Administrator group are in role Server Admin (alternate AD config)

Adding and editing LDAP providers 28

Image 28
Contents HP IO Accelerator Management Tool User Guide Page Contents Adding and editing Ldap providers HP IO Accelerator Management Tool Introduction to HP IO Accelerator Management ToolLinux WindowsSoftware installation Installing software using LinuxInstalling software using Windows operating systems License agreementSoftware installation Performing searches Software overviewPaging and Refresh Navigating the IO Accelerator Management Tool Overview tab All ioMemory Configuration tabLow level format Update firmware Assign label Attaching mixed attached/detached devices Attach DeviceDetach Device All Cache All HostsAll Clusters Detaching mixed attached/detached devicesAlerts tab Reports tab Settings tab Remote AccessRemote Access Key AgentsDatabase Local AccountsIdentity Providers Changing passwordsRules Subscribers Smtp ServerLabels Settings tab Configure tab DeviceDirectCache Reports tab Device Live tabInfo tab Adding and editing Ldap providers Adding and editing Ldap providersConnection User mapping CN=administrators,OU=groups,DC=example,DC=com Role mappingTest Ldap settings Grant a specific user the Server Admin roleAdding and editing Ldap providers Support and other resources Before you contact HPHP contact information Customer Self RepairRéparation par le client CSR Riparazione da parte del cliente Reparaciones del propio cliente Reparo feito pelo cliente Support and other resources Support and other resources Subscription service For more informationAcronyms and abbreviations Documentation feedback Index Index
Related manuals
Manual 2 pages 46.31 Kb Manual 2 pages 38.27 Kb

c-Class specifications

The HP c-Class is a series of high-performance blade servers designed to optimize space and improve data center efficiency. These compact systems exemplify HP's commitment to delivering powerful computing solutions that are both scalable and manageable. The c-Class offers an array of features, technologies, and characteristics that cater to diverse business needs, ensuring organizations can keep up with the demands of modern computing environments.

At the heart of the HP c-Class architecture is its innovative blade technology, enabling multiple server blades to reside within a single enclosure. This not only conserves physical space in the data center but also reduces energy consumption, ultimately lowering operational costs. The c-Class enclosure supports a variety of HP server blades, which can be tailored to meet specific workload requirements.

One of the standout features of the HP c-Class is its high-density design, allowing organizations to run numerous processors and substantial memory within a compact footprint. The system supports the latest Intel and AMD processors, offering exceptional processing capabilities. With a modular design, businesses can easily scale up resources by adding more blades as demand increases.

In terms of connectivity, the HP c-Class integrates advanced networking options. It includes embedded Ethernet and Fibre Channel switches, facilitating seamless data transfer and communications while ensuring minimal latency. The built-in redundancy features enhance reliability, making it a robust solution for critical applications.

Power and thermal management are key characteristics of the HP c-Class, with Energy Star compliance underscoring its efficiency. Intelligent power management tools allow for real-time monitoring and optimization, further contributing to reduced energy costs.

HP's Integrated Lights-Out (iLO) technology is another significant advantage. This tool provides remote management capabilities, giving IT personnel the ability to monitor the health and performance of the server blades from anywhere. The iLO feature simplifies troubleshooting and enhances system uptime.

Security features are also woven into the fabric of the HP c-Class. With options for advanced authentication and secure boot processes, organizations can protect their critical data and maintain compliance with local regulations.

In summary, the HP c-Class blade server series delivers a compelling combination of high performance, scalability, and manageability. Its advanced technologies cater to a wide range of applications, making it an ideal choice for businesses seeking to enhance their IT infrastructure while keeping costs in check. The c-Class is not just a product; it represents a strategic approach to efficient, high-capacity computing.