- Notes, cautions, and warnings
- Overview of Unisphere
- Functionality supported by each OS type
- Capacity information
- Understanding resource usage
- Login authentication
- Understanding the system health score
- Manage jobs
- Unisphere for PowerMax alert monitoring recommendations
- Alerts
- Server alerts
- Understanding licenses
- Understanding user authorization
- Individual and group roles
- Roles
- User IDs
- Roles and associated permissions
- Roles for performing local and remote replication actions
- RBAC roles for SRDF local and remote replication actions
- RBAC roles for TimeFinder SnapVX local and remote replication actions
- Storage Management
- Understanding storage groups
- Understanding data reduction
- Understanding service levels
- Performance Impact
- Understanding storage templates
- Understanding Storage Resource Pools
- Understanding volumes
- Understanding disk groups
- Host Management
- Understanding hosts
- Understanding masking views
- Understanding port groups
- Understanding initiators
- Understanding PowerPath hosts
- Understanding mainframe management
- Data protection management
- Understanding Snapshot policy
- Understanding SRDF/Metro Smart DR
- Manage remote replication sessions
- Understanding SRDF groups
- Understanding migration
- Understanding Virtual Witness
- Understanding Open Replicator
- Open Replicator session options
- Understanding device groups
- Understanding TimeFinder/Mirror sessions
- Understanding TimeFinder SnapVX
- Understanding Performance Management
- Understanding Unisphere support for VMware
- Understanding eNAS
- Understanding iSCSI
- Understanding NVMe/TCP
- Understanding PowerMax File for storage systems
- Understanding serviceability
- Understanding PowerMax software system profiles and compliance
- Unisphere for PowerMax localized for Japanese market
- Where to get help
Dell Unisphere for PowerMax 10.0.1 Product Guide
User IDs
Users and user groups are mapped to their respective roles by IDs.
These IDs consist of a three-part string in the form:
Type:Domain\Name
Where:
- Type—Specifies the type of security authority that is used to authenticate the user or group. Possible types are:
- L—Indicates a user or group that LDAP authenticates. In this case, Domain specifies the domain controller on the LDAP server. For example:
L:danube.com\Finance
Indicates that user group Finance logged in through the domain controller danube.com
- C—Indicates a user or group that the Unisphere server authenticates. For example:
C:Boston\Legal
Indicates that user group Legal logged in through Unisphere server Boston
- H—Indicates a user or group that is authenticated by logging in to a local account on a Windows host. In this case, Domain specifies the hostname. For example:
H:jupiter\mason
Indicates that user mason logged in on host jupiter
- D—Indicates a user or group that is authenticated by a Windows domain. In this case, Domain specifies the domain or realm name. For example:
D:sales\putman
Indicates that user putman has logged in through a Windows domain sales.
- L—Indicates a user or group that LDAP authenticates. In this case, Domain specifies the domain controller on the LDAP server. For example:
- Name—specifies the username relative to that authority. It cannot be longer than 32 characters, and spaces are allowed if delimited with quotes. Usernames can be for individual users or user groups.
Within role definitions, IDs can be either fully qualified (as shown above), partially qualified, or unqualified. When the Domain portion of the ID string is an asterisk (*), the asterisk is treated as a wildcard, meaning any host or domain.
The Domain portion of the ID must be fully qualified when configuring group access.
For example:
- D:ENG\jones—Fully qualified path with a domain and username (for individual domain users)
- D:ENG.xyz.com\ExampleGroup—Fully qualified domain name and group name (for domain groups)
- D:*\jones—Partially qualified that matches username jones with any domain
- H:HOST\jones—Fully qualified path with a hostname and username
- H:*\jones—Partially qualified that matches username jones within any host
- jones—Unqualified username that matches any jones in any domain on any host
If a user is matched by more than one mapping, the user authorization mechanism uses the more specific mapping. If an exact match (for example, D:sales\putman) is found, that is used. If a partial match (for example, D:*\putman) is found, that is used. If an unqualified match (for example, putman) is found, that is used. Otherwise, the user is assigned a role of None.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\