Native LDAP using MSAD
You can use a Microsoft Active Directory (MSAD) Lightweight Directory Access Protocol (LDAP) server directly to centrally manage role-based access controls (RBAC) on the TS7700.
Note: The following
topic has been added to the TS7700 Service Information Center for
reference only. LDAP setup and administration is a customer task.
Contact the customer to obtain an LDAP user ID and password.
The TS7700 supports LDAP authentication and authorization directly through an LDAP server. The TS7700 can communicate with any LDAP server that operates with MSAD.
If you plan to use the System Storage™ Productivity Center (SSPC) Spectrum Control to manage RBAC, refer to the topic System Storage Productivity Center and Spectrum Control Storage Authentication Service.
Important: When LDAP is enabled, the TS7700 can be accessed only through
the LDAP server by using a valid user ID and password combination. All local and remote access to
the TS7700 is controlled
through secured (encrypted) or plain text authentication. If the LDAP server is not accessible, the
TS7700 is not accessible. It
is important to create at least one external authentication policy for IBM service personnel access
before a service event. Refer to the topic LDAP and role-based access control for instructions
to create an external authentication policy for IBM service personnel.