Table 6 Action privileges for user roles (continued)

Category

 

 

Action privileges for user roles

 

 

 

(C=Create, R=Read, U=Update, D=Delete, Use)

 

 

Infrastructure

Server

Network

Backup

Read only

 

administrator

administrator

administrator

administrator

 

server hardware

CRUD, Use

CRUD, Use

R

R

types

 

 

 

 

 

server profiles

CRUD, Use

CRUD

R

R

server profile

CRUD, Use

CRUD, Use

R

templates

 

 

 

 

 

interconnects

CRUD

CR

CRUD

R

interconnect

CRUD

R

domains

 

 

 

 

 

interconnect

CRUD

R

CRUD

R

groups

 

 

 

 

 

interconnect types

CRUD

R

R

unmanaged

CRUD

CRUD

R

devices

 

 

 

 

 

uplink sets

CRUD

R

CRUD

R

logical

CRUD, Use

R, Use

CRUD, Use

R

interconnects

 

 

 

 

 

logical

CRUD, Use

R, Use

CRUD, Use

R

interconnects

 

 

 

 

 

groups

 

 

 

 

 

20.6 About authentication settings

Security is maintained through user authentication and role-based authorization. User accounts can be local, where the user credentials are stored on the appliance, or they can be in a directory (Microsoft Active Directory, for example) hosted elsewhere, where the appliance contacts the designated directory server to verify the user credentials.

When logging in to the appliance, each user is authenticated by the authentication directory service, which confirms the user name and password. Use the Authentication settings panel to configure authentication settings on the appliance, which is populated with default values during first-time setup of the appliance.

To view or make changes to Authentication settings, log in with Infrastructure administrator privileges. No other users are permitted to change or view these settings.

View and access the Authentication settings by using the UI and selecting

SettingsSecurityAuthentication or with the REST APIs.

20.7 About directory service authentication

You can use an external authentication directory service (also called an enterprise directory or authentication login domain) to provide a single sign-on for groups of users instead of maintaining individual local login accounts. An example of an authentication directory service is a corporate directory that uses LDAP (Lightweight Directory Access Protocol).

146 Managing users and authentication

Page 146
Image 146
HP OneView manual About authentication settings, About directory service authentication