HP CloudSystem Foundation Podręcznik Użytkownika Strona 189
- Strona / 211
- Spis treści
- ROZWIĄZYWANIE PROBLEMÓW
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
A Enabling strong certificate validation in the CloudSystem
Portal
This appendix describes how to configure the CloudSystem Portal to enable strong SSL/TLS
validation. Strong validation means that the LDAP server requires a valid client CA certificate chain
when an OpenLDAP or Microsoft Active Directory service is used for authentication.
To enable strong certificate validation in the CloudSystem Portal, you will:
• Export the certificate chain from the directory server
• Import the certificate chain to the CloudSystem Foundation base appliance through the
hypervisor management console
Follow the instructions for the directory service you have configured for authentication. For more
information, see Configuring CloudSystem to use Active Directory or OpenLDAP directory
authentication (page 55).
Enabling strong certificate validation if your directory service is OpenLDAP (page 189)
Enabling strong certificate validation if your directory service is Active Directory (page 190)
Prerequisites
• The OpenLDAP or Active Directory server certificate contains a Fully Qualified Domain name
(FQDN) in the CN attribute Subject field.
• The FQDN of the OpenLDAP or Active Directory server is resolvable by the CloudSystem
Foundation base appliance.
To verify that the FQDN is resolvable:
1. Log in to the CloudSystem Foundation base appliance console and run the following
command.
nslookup <directory-server-FQDN>
See Enable console access and set the password (page 199).
2. If an IP address is returned, continue to Enabling strong certificate validation if your
directory service is OpenLDAP (page 189) or Enabling strong certificate validation if your
directory service is Active Directory (page 190).
3. If an IP address is not returned, update the CloudSystem Foundation network configuration
to include the IP address of an alternate DNS server that resolves the LDAP or Active
Director server name as an IP address.
IMPORTANT: If CloudSystem Enterprise is installed, changing the network configuration
of the CloudSystem Foundation base appliance in the following steps requires that you
uninstall, then reinstall Enterprise. See Before installing Enterprise (page 126).
a. From the main menu in the CloudSystem Console, select Settings.
b. Click the Edit icon in the Appliance panel.
c. Expand Network 1 (Appliance).
d. In the Alternate DNS server box, enter the IP address of a DNS server that resolves
the OpenLDAP or Active Directory server.
Using OpenLDAP
Procedure 83 Enabling strong certificate validation if your directory service is OpenLDAP
1. Log in to the CloudSystem Foundation base appliance console. See Enable console access
and set the password (page 199).
2. Get the entire LDAP server certificate chain.
sudo openssl s_client -showcerts -host <directory-server-FQDN> -port
636 > ldapserver.pem
Using OpenLDAP 189
- Abstract 1
- Contents 3
- 4 Contents 4
- Contents 5 5
- 6 Contents 6
- Contents 7 7
- 8 Contents 8
- Contents 9 9
- 10 Contents 10
- Consumers 12
- Administrator 12
- Resources 12
- OpenStack 12
- Features 13
- 2 Concepts and architecture 15
- Associated appliances 16
- Physical servers 17
- User authentication 17
- OpenStack technology 18
- Network tasks and user roles 20
- 3 Security in CloudSystem 22
- Restricting console access 24
- Protecting credentials 25
- 26 Security in CloudSystem 26
- 4 Installation 27
- About Activity 29
- About alerts 30
- About tasks 31
- About the Activity sidebar 31
- Activity states 31
- Icon descriptions 32
- User control icons 33
- Browser requirements 34
- Search resources 35
- 6 Support and other resources 37
- Download audit logs 38
- Create a support dump file 39
- How to contact HP 41
- HP authorized resellers 41
- Documentation feedback 41
- Related information 41
- HP CloudSystem documents 42
- HP Software documents 42
- Related information 43 43
- HP ProLiant servers documents 44
- About managing the appliance 46
- Shut down the appliance 47
- Restart the appliance 47
- Reboot Foundation appliances 48
- Update Foundation appliances 48
- –insecure 51
- 8 Manage users and groups 52
- ◦ Initial password 53
- ◦ User's full name 53
- Authenticating users 54
- Adding a directory server 54
- Add a directory service 55
- 56 Manage users and groups 56
- Add a directory server 58
- Add a directory group 59
- 60 Manage users and groups 60
- Allow local logins 61
- Disable local logins 61
- Challenge = xyaay42a3a 62
- Password: 62
- VET ROME DUE HESS FAR GAS 62
- 9 Manage licenses 63
- License keys 64
- License key format 65
- View license details 66
- 10 Manage security 67
- Verifying a certificate 68
- Configuring cloud resources 70
- 12 Network configuration 73
- About Provider Networks 74
- Delete Provider Network 75
- About Private Networks 76
- About the External Network 77
- 78 Network configuration 78
- About the External Network 79 79
- 80 Network configuration 80
- Managing integrated tools 81
- VMware vCenter Server 82
- VMware vCenter Server 83 83
- 14 Image management 84
- Creating and obtaining images 85
- Add Image 86
- Edit Image 87
- Delete Image 88
- 15 Storage configuration 89
- Edit Block Storage Drivers 90
- Delete Block Storage Drivers 91
- About volume types 91
- Add Volume Types 92
- About Volumes 93
- Understanding Volumes data 94
- Delete Volumes 95
- 16 Compute node creation 96
- Configuring networks 97
- 98 Compute node creation 98
- Creating KVM compute nodes 99
- 102 Compute node creation 102
- 17 Compute node management 103
- 104 Compute node management 104
- Import a cluster 105
- Activate a compute node 105
- Deactivate a compute node 106
- Delete a compute node 107
- Start instance 108
- About Flavors 109
- Flavors in the cloud 110
- Manage flavors 110
- Add Flavor 110
- Delete Flavor 111
- About the Console Dashboard 112
- Dashboard status indicators 113
- Data refresh 114
- Create a security group 118
- Create a key pair 119
- Create a Private network 119
- CloudSystem Portal 122
- Enterprise in the cloud 124
- Multitenancy in Enterprise 125
- 23 Install Enterprise 126
- Enterprise appliance settings 132
- • Current date and time 133
- Set up a template 135
- Create a server group 135
- Create an offering 136
- Deploy an offering 137
- You cannot log in 141
- First-time setup 141
- External difficulties 142
- Enterprise management hosts 142
- Audit log 144
- Licensing 144
- Cannot add directory service 149
- Cannot add directory group 150
- CloudSystem Console 153
- Troubleshooting networks 155
- Neutron CLI 157
- OpenStack Nova command errors 158
- Floating IPs are not working 158
- Troubleshooting images 162
- Troubleshooting storage 166
- Unable to edit a volume type 170
- Troubleshooting compute nodes 173
- Implementation error 182
- 29 Troubleshoot CLI errors 183
- 30 Troubleshoot Enterprise 185
- Part VII Appendices 188
- Using OpenLDAP 189
- Using Active Directory 190
- -----BEGIN CERTIFICATE 191
- MIIEDTCCAvWgAwIBAgIJANgTCE 191
- IFl1P+c9Gro82S7z 191
- -----END CERTIFICATE 191
- Getting help for csadmin 192
- Command syntax and examples 193
- DefinitionArgument 198
Powiązane produkty i podręczniki dla Oprogramowanie HP CloudSystem Foundation
Oprogramowanie HP TC3100 Instrukcja Użytkownika
(121 strony)
(121 strony)
Oprogramowanie HP B.06.X Instrukcja Użytkownika
(78 strony)
(78 strony)
Oprogramowanie HP 3PAR Podręcznik Użytkownika
(676 strony)
(676 strony)
Oprogramowanie HP E3000 Instrukcja Użytkownika
(111 strony)
(111 strony)
Oprogramowanie HP 4000S Podręcznik Użytkownika
(246 strony)
(246 strony)
Oprogramowanie HP C50 Instrukcja Użytkownika
(484 strony)
(484 strony)
Oprogramowanie HP B6960-96008 Instrukcja Użytkownika
(396 strony)
(396 strony)
Oprogramowanie HP rp7410 Podręcznik Użytkownika
(266 strony)
(266 strony)
Oprogramowanie HP 11i Instrukcja Użytkownika
(113 strony)
(113 strony)
Oprogramowanie HP 41B Instrukcja Użytkownika
(44 strony)
(44 strony)
Oprogramowanie HP P6350 Instrukcja Użytkownika
(316 strony)
(316 strony)
Oprogramowanie HP CD52ce Instrukcja Użytkownika
(109 strony)
(109 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.043 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji