- Community Home
- >
- Servers and Operating Systems
- >
- HPE BladeSystem
- >
- BladeSystem - General
- >
- Virtual Connect LDAP Integration questions
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-08-2013 10:21 AM
07-08-2013 10:21 AM
Virtual Connect LDAP Integration questions
Norman had a customer question:
**************
Curious about the TACACS+ support with respect to VCEM.
Seems like customers must choose between TACACS+ or LDAP, with a fall-back to local accounts if authentication fails.
Have a customer who’s network team uses TACACS+, but the server team would likely use LDAP.
First question: Can a customer’s VCEM installation support multiple methods (TACACS+, LDAP, local, etc.).
Second question: Do we have any instructions on how to integrate VCEM with TACACS+? (customer request)
****************
Info from Lionel:
*************
You don’t have to choose between TACAS+ or LDAP, you can enable both and set an authentication method for each user role. You can even set an order between different authentication methods so if a method fails, the next method is tried.
Back to your VCEM questions, the local access to VCM is not changed because you are under the control of VCEM so all authentication methods enabled under VCM are still available. VCEM only locks the VC Domain to make sure no configuration change can take place but concerning the local authentication, it’s the same as a standalone VC Domain.
The authentication order for each role is by default in the following order:
Domain: local > ldap > radius > tacacs
Network: tacacs > radius > local
Server: ldap > local
Storage: radius > local
So what your customer is asking is already the first default authentication method used today by VC for each network/server role.
**************
Any other help for Norman?
- Tags:
- LDAP