Authenticating IBM Spectrum Protect users by using an LDAP server
Within an IBM Spectrum Protect™ system, users must authenticate to the server by providing a user ID and password. If your organization uses a Lightweight Directory Access Protocol (LDAP) server to manage user IDs, you can use the LDAP server to authenticate IBM Spectrum Protect user IDs.
You can use one of the following methods to authenticate users with an LDAP server:
- Method that is preferred for IBM Spectrum Protect V7.1.7 and later servers
- To use this method, sometimes known as integrated mode, user IDs must be registered in an Active Directory database on an LDAP server. Then, you register the same users with the IBM
Spectrum Protect server. When a registered user ID accesses the IBM
Spectrum Protect server, the credentials are authenticated against the Active Directory database.
To use this method, follow the instructions in Authenticating users by using an Active Directory database.
- Method that is used for servers earlier than V7.1.7, and by IBM® Security Directory Server users
- To use this method, user IDs must be registered in an Active Directory database on an LDAP server. Alternatively, user IDs can be registered in an IBM Security Directory Server (formerly IBM Tivoli® Directory Server) database on an LDAP server. With this method, you cannot use the standard user accounts that are registered with the LDAP server. You must create separate user accounts that are associated with a specific organizational unit. To use this method, follow the instructions in Managing passwords and logon procedures (V7.1.1).