Configuring authentication and ID mapping for file access
The system administrator can decide whether to configure authentication and ID mapping method either during the installation of the IBM Spectrum Scale™ system or after the installation. If the authentication configuration is not configured during installation, you can manually do it by using the mmuserauth service create command from any protocol node of the IBM Spectrum Scale system. This section covers the manual method of configuring authentication for file access.
You can configure the following external authentication servers
for file access:
- Active Directory (AD)
- Light Weight Directory Access Protocol (LDAP)
- Network Information Service (NIS)
Ensure that the following RPMs are installed on all protocol nodes before you
start configuring the authentication method:
On Red Hat Enterprise Linux nodes
On Red Hat Enterprise Linux nodes
- For AD:
- bind-utils
- For LDAP:
- openldap-clients
- sssd and its dependencies ( particularly sssd-common
and sssd-ldap). It is a good idea to install all the dependencies, as in the
following example:
yum install sssd*
- For NIS:
- sssd and its dependencies ( particularly sssd-common and sssd-proxy)
- ypbind and its dependencies (yp-tools)
- For AD:
- bind-utils
- For LDAP:
- openldap2-client
- sssd and its dependencies ( particularly sssd-common,
sssd-ldap, and sssd-krb5). It is a good idea to install
all the dependencies, as in the following example:
zypper install sssd*
- For NIS:
- sssd and its dependencies ( particularly sssd-common and sssd-proxy)
- ypbind and its dependencies (yp-tools)