Add directory server

To configure authentication for Access Management, you establish communications between an LDAP server and the host running the Web Services Proxy for ThinkSystem SAN Manager . You then map the LDAP user groups to the local user roles.

Before you begin

About this task

Adding a directory server is a two-step process. First you enter the domain name and URL. If your server uses a secure protocol, you also must upload a CA certificate for authentication if it is signed by a non-standard signing authority. If you have credentials for a bind account, you also can enter your user account name and password. Next, you map the LDAP server's user groups to local user roles.

  1. Select Access Management .
  2. From the Directory Services tab, select Add Directory Server .
    The Add Directory Server dialog box opens.
  3. In the Server Settings tab, enter the credentials for the LDAP server.

  4. Click the Role Mapping tab.
  5. Assign LDAP groups to the predefined roles. A group can have multiple assigned roles.

    Note: The Monitor role is required for all users, including the administrator.
  6. If desired, click Add another mapping to enter more group-to-role mappings.
  7. When you are finished with the mappings, click Add .
    The system performs a validation, making sure that the storage array and LDAP server can communicate. If an error message appears, check the credentials entered in the dialog box and re-enter the information if necessary.