Administrative Access

Last modified
<< PrevNext >>
 
The 'Administrative Access' page can be accessed by navigating to Configure → Security Settings → Administrative Access. Selecting 'Administrative Access' will present the following page to the user.

AdministrativeAccess2aS.png

 

This page will allow the user to configure various administrative settings related to the appliance such as management access to the appliance, web proxy settings, web user accounts and active directory or LDAP settings.

UpArrow.png

Appliance Access

The 'Appliance Access Settings' section allows you to configure the management access to your appliance. Access to your appliance can be configured in the following three ways -

 

 

  • SSH Access - Secure Shell (SSH) is a network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that it connects via a secure channel over an insecure network. This access on your appliance can be enabled by checking the 'Enabled' field corresponding to SSH Access.

If the user disables SSH access by unchecking the 'Enabled' box, then the changed access settings will be applied and the user will be redirected to the 'Adminstrative Access' page.

 

File:User:AlpaK/StorSimple_Web_UI_User_Guide/image009.jpg Note: When you disable SSH access, any existing SSH sessions will not be disconnected.

 

  • HTTP Access - The Hypertext Transfer Protocol (HTTP) is an application protocol for data communication for the World Wide Web. The http access to your appliance can be enabled by checking the 'Enabled' field corresponding to 'HTTP Access'.

 

  • HTTPS Access - Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and to securely identify the web server with which you are actually communicating.

 

File:User:AlpaK/StorSimple_Web_UI_User_Guide/image009.jpg Note: The HTTPS access is always enabled and user cannot disable it.

 

After checking the relevant field, click 'Apply' so that the settings can take effect.

UpArrow.png

Web Proxy Settings

This section allows the user to configure the settings of the Web Proxy that the appliance would use when communicating with the cloud. The Web Proxy server is used to add another layer of security, filter content, allow caching to ease bandwidth requirements or even help with analytics.

 

AdministrativeAccess3S.png

 

Perform the following steps to configure the Web Proxy:

  • Specify the IP address that you would like your appliance to use when communicating with the cloud.
  • Set the TCP Port number. By default, the value of 8080 is specified.
  • Choose the 'Authentication Type' from a drop-down list as 'None', 'Basic' or 'NTLM'.
  • Selecting 'Basic' will expand the view as shown below. The user should now supply a 'Username' and a 'Password'.

 

WebProxySettings2S.png

 

  • Choosing 'NTLM' will expand the view as shown below. NT LAN Manager or NTLM is an authentication protocol that uses a three - way messaging system (sometimes four if additional integrity is required) to authenticate a user.
  • Specify a 'Username', 'Password' and a 'Domain'. The first two are required fields whereas the last one is optional.

 

WebProxySettings3S.png

 

  • The last step is to Verify the settings. If the verification succeeds, the user can then proceed to Save the settings.

 

WebProxySettings4S.png

 

If the Web Proxy Settings have been configured incorrectly, the user will be presented with a banner message as shown below:

 

WebProxySettings5S.png

 

Clicking on the shown link will provide the details of the error. Here are some of the sample messages returned from the server that the user can encounter -

  • Can't connect to the server
  • Timeout was reached
  • Failure when receiving data from the peer
  • Required authentication

Since the error messages are returned from the proxy server, these may vary. As such, the above list of error messages is not exhaustive.

UpArrow.png

Web User Accounts

This section lists all the users, their roles, types and the description of their scope in a tabular format. You can add, delete and edit user accounts and manage account permissions.

 

 WebUserAccountsSection1.png

 

  • User - this field has the name of the various users that have an account on the system.
  • Role - this field defines the scope of user and the permitted actions. Based on the role, two types of users are permitted -
    • Admin - the admin account has full access to the system
    •  Monitor - the monitor account provides access to the ‘Report’ and ‘Help’ drawers. Access to other drawers is limited, specifically:
  • Authentication Type - the authentication type can be designated as 'Local' or 'LDAP'.
  • Description - this field describes the scope and permitted actions for each user role and type.

 

Some of the common tasks associated with Web User Accounts are also explained in the following sections -

UpArrow.png

Adding a web user account

Perform the following steps to add a web user account. To add a new user to the system, click on ‘Add a new record’ or plus icon Add_Plus.png. In the dialog that pops up, specify the following:

 

WebUserAccountsSection2.png

 

  • Supply a name in the 'User' field for the user account. The user name can be a maximum of 20 characters long, as supported by Windows AD.
  • Specify a 'Role' for the new user account as either 'Administrator' or 'Monitor'.
  • Choose the 'Authentication' as 'LDAP' or 'Local'. If the user is specified as local, then provide a password for the specified user and re-type the password to confirm it.
  • If the 'Authentication' is set to LDAP, the view changes as shown below. No password is required at this time. The restrictions for username are identical to those of Windows AD.

 

Add_User_LDAP.png

 

  • The web user accounts page will now be updated to reflect the new user account. 

 

WebUserAccountsSection3.png

UpArrow.png

Deleting a web user account

Perform the following steps to delete an account from the Web User Accounts page.
  • Locate the delete icon delete_icon_20X16.png next to the relevant account as shown below.

 

WebUserAccountsSection3.png
 
  • To delete a user, click on ‘delete’ icon delete_icon_20X16.png for that user.
  • Clicking this icon will bring up the delete confirmation dialog box shown below.

 

WebUserAccounts5.png

 

  • Press OK to delete this user or Cancel to exit out of this dialog.
  • You will now be directed back to the Web User Accounts screen.

 

File:User:AlpaK/StorSimple_Web_UI_User_Guide/image009.jpg Note:Admin” and “Monitor” are default user accounts that cannot be deleted.

UpArrow.png

  Resetting the password for a web user account

This procedure is applicable only for the local users. Perform the following steps to reset the password for a local account:
 
  • Click the ‘Edit’ icon to the left of the username.  Clicking this icon will present the password reset dialog box shown below.

 

WebUserAccounts4.png

 

  • Type in the new password for the user in the text box next to ‘Password’ and then re-type the password in the text box next to ‘Confirm Password’; then click Update.
  • If you do not wish to change the password, click Cancel
  • Clicking Update will first verify that the password typed in the two boxes match.  If the two match, the password will be updated.  Otherwise, an error message stating “Passwords do not match” will be presented and you need to re-type the passwords.
  • You may sometimes need to refresh the view using Refresh_20X20.png located on the bottom right hand corner of the screen to update the list of web user accounts.

UpArrow.png

Active Directory or LDAP Settings

This section of the 'Web User Accounts' page allows the user to configure and verify authentication with an Active Directory domain controller or LDAP server. You can also configure and verify authentication of all the local and AD/LDAP users with the respective controllers/servers.

Both Windows 2008 and 2003 domain controllers are supported for this feature. Also, only Windows AD/LDAP servers are supported in this release.

 

ActiveDirectoryLDAPSettingsSection2.png

 

In this view, checking the 'Enable LDAP Support' allows the user to enable/disable LDAP authentication. Once the field is checked, the GUI expands as shown below.

 

AD_LDAP_Settings1.png

 

The user can then supply the hostname or an IP address of an AD Domain Controller. Alternatively, you can specify an LDAP server in this required field. You can now Verify the settings and once the verification is complete, Save these settings.

File:User:AlpaK/StorSimple_Web_UI_User_Guide/image009.jpg Note: The user needs to login sepcifying a domain\username format for Active Directory authentication to take place correctly.

UpArrow.png

<< PrevNext >>
Page statistics
3850 view(s) and 47 edit(s)
Social share
Share this page?

Tags

This page has no classifications.

Comments

You must to post a comment.

Attachments