Fujitsu KVM S3 Manual De Usuario
Appliance Management Panel
Appliance and device query modes
75
590-590-609A
associated with a group is configured by setting the value of an attribute in the
group object. For example, if the Notes property in the group object is used to
implement the access control attribute, the Access Control Attribute field in the
Query Parameters tab should be set to
group object. For example, if the Notes property in the group object is used to
implement the access control attribute, the Access Control Attribute field in the
Query Parameters tab should be set to
info. Setting the Notes property to KVM
User Admin causes the members of that group to have user administration access
to the appliances and target devices that are also members of that same group.
to the appliances and target devices that are also members of that same group.
The Notes property is used to implement the access control attribute. The value of
the Notes property, available in group and user objects shown in Active Directory
Users and Computers (ADUC), is stored internally in the directory, in the value of
the
the Notes property, available in group and user objects shown in Active Directory
Users and Computers (ADUC), is stored internally in the directory, in the value of
the
info attribute. ADUC is a Microsoft Management Console snap-in for configuring
Active Directory. It is started by selecting Start - Programs - Administrative Tools
- Active Directory Users and Computers. This tool is used to create, configure
and delete objects such as users, computers and groups. See Figure 24 on page
76 for more information.
- Active Directory Users and Computers. This tool is used to create, configure
and delete objects such as users, computers and groups. See Figure 24 on page
76 for more information.
•
The Group Container Mask field defines the object type of the Group Container,
which is normally an organizational unit. The default value is “ou=%1”.
which is normally an organizational unit. The default value is “ou=%1”.
•
The Target Mask field defines a search filter for the target device. The default value
is “cn=%1”.
is “cn=%1”.
•
The Access Control Attribute field specifies the name of the attribute that are
used when the query modes are set to Attribute. The default value is
used when the query modes are set to Attribute. The default value is
info.
5.3.5
Appliance and device query modes
One of three different modes can each be used for Query Mode (Appliance) and
Query Mode (Device):
Query Mode (Device):
•
Basic – A user name and password query for the KVM s3 Client user is made to
the directory service. If they are verified, the KVM s3 Client user is given
administrator access to the appliance and any attached target devices for Query
Mode (Appliance), or to any selected target device for Query Mode (Device).
the directory service. If they are verified, the KVM s3 Client user is given
administrator access to the appliance and any attached target devices for Query
Mode (Appliance), or to any selected target device for Query Mode (Device).
•
Attribute – A user name, password, and Access Control Attribute query for the
appliance user is made to the directory service. The Access Control Attribute is
read from the user object (the user account) in Active Directory.
appliance user is made to the directory service. The Access Control Attribute is
read from the user object (the user account) in Active Directory.
If the value “KVM Appliance Admin” is found, the KVM s3 Client user is given
appliance administrator access to the appliance and any attached target devices for
Query Mode (Appliance), or to any selected target device for Query Mode
(Device). If the value “KVM User Admin” is found, the KVM s3 Client user is given
User administrator access to the appliance and attached target devices for Query
Mode (Appliance), or to any selected target device for Query Mode (Device).
appliance administrator access to the appliance and any attached target devices for
Query Mode (Appliance), or to any selected target device for Query Mode
(Device). If the value “KVM User Admin” is found, the KVM s3 Client user is given
User administrator access to the appliance and attached target devices for Query
Mode (Appliance), or to any selected target device for Query Mode (Device).
The following are examples showing how the KVM Appliance Admin and KVM
User Admin attribute modes are defined in Active Directory for a user named John
Smith, stored in the ADUC. You can access the ADUC by selecting Start -
Programs - Administrative Tools - Active Directory Users and Computers.
User Admin attribute modes are defined in Active Directory for a user named John
Smith, stored in the ADUC. You can access the ADUC by selecting Start -
Programs - Administrative Tools - Active Directory Users and Computers.