The following figure shows the login workflow with an authentication server:
If an authorization server works together with an authentication server, the
user groups that are registered in the authorization server can be assigned to
a user for Device Manager - Storage Navigator.
The following figure shows the login workflow when an authentication server
and an authorization server are used in combination:
You can use the authentication server without knowing the host names and
port numbers, if you register the information of the authentication server as
an SRV record in the DNS server. If you register multiple numbers of
authentication servers to the SRV record, you can determine the
authentication server to be used, based on the priority that has been set in
advance.
Authentication server protocols
Authentication servers support the following protocols:
• LDAPv3 simple bind authentication
• RFC 2865-compliant RADIUS with PAP and CHAP authentication
• Kerberos v5
The following certificate file formats are available for LDAP server settings:
• X509 DER format
• X509 PEM format
Setting up security 225
System Administrator Guide for VSP Gx00 models and VSP Fx00 models