There are two sources of user credentials for the storage system. The primary source is local users created by using the options in the Local Users panel of the
PowerVault Manager (Settings > Users > Local) or by using the
create user CLI command.
For more information on this command, see the
Dell PowerVault ME5 Series Storage System CLI Reference Guide.
For more information on adding local users with the
PowerVault Manager, see
Managing local users. Though local users can be standard or SNMPv3 users, the LDAP feature supports only standard users.
The secondary source for user credentials is a Windows 2016, 2019, or 2022 Active Directory LDAP server, as shown in the following illustration. Users logging in using their LDAP credentials must authenticate using these credentials and be members of a group that is authorized to access the storage system. The group will exist on the LDAP server and will be listed under the
memberOf attribute for the user account. The same group name must also exist in the storage system and can be created by using the LDAP Users panel of the
PowerVault Manager (Settings > Users > LDAP) or the
create user-group CLI command.
For more information on this command, see the
Dell PowerVault ME5 Series Storage System CLI Reference Guide.
Users logging in by this method are not explicitly registered or stored in the storage system; their login, logout, and activity is recorded in an audit log stored in each controller module. For more information about audit logs, see
Audit logs.
The system supports a maximum of five user groups to allow different permissions and/or user preference options. User group permissions are defined by assigning roles, as for local users. User group preference options that can be set in the
PowerVault Manager include the temperature-scale and timeout. User group preference options that can be set only in the CLI include the storage size base, precision, and units. User groups can be created irrespective of whether the LDAP feature is enabled or disabled, but have no purpose if LDAP is not enabled.
Individual user preferences are not saved in the storage system for LDAP authenticated users. Any settings made to the login session are not retained after the session terminates. If the user wants to retain any preferences for the session, these must be saved as part of the user group. Any changes made to a user group will affect all members of that group.
LDAP users with a
manage role can create, modify, and delete both local users and user groups. LDAP users with a
standard role can change settings for the current user group except for the user type and role. LDAP users with a
standard role also cannot change the settings of other user groups.
The username/password entered will be authenticated with local users within the system first. If local authentication fails and LDAP is enabled, the username will be checked against the LDAP server(s).
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\