Skip to main content

How tos

I want to...

  • View local user roles
    From the Local User Roles tab, you can view the mappings of the user profiles to the default roles. These mappings are part of the RBAC (role-based access controls) enforced in the storage array.
  • Change passwords
    You can change the user passwords for each user profile in Access Management.
  • Change local user password settings
    You can set the minimum required length for all new or updated local user passwords on the storage array. You can also allow local users to access the storage array without entering a password.
  • Add directory server
    To configure authentication for Access Management, you can establish communications between the storage array and an LDAP server, and then map the LDAP user groups to the array's predefined roles.
  • Edit directory server settings and role mappings
    If you previously configured a directory server in Access Management, you can change its settings at any time. Settings include the server connection information and the group-to-role mappings
  • Remove directory server
    To break the connection between a directory server and the storage array, you can remove the server information from the Access Management page. You might want to perform this task if you configured a new server, and then want to remove the old one.
  • Configure SAML
    To configure authentication for Access Management, you can use the Security Assertion Markup Language (SAML) capabilities embedded in the storage array. This configuration establishes a connection between an Identity Provider and the Storage Provider.
  • Change SAML role mappings
    If you previously configured SAML for Access Management, you can change the role mappings between the IdP groups and the storage array's predefined roles.
  • Export SAML Service Provider files
    If necessary, you can export Service Provider metadata for the storage array and re-import the file(s) into the Identity Provider (IdP) system.
  • View audit log activity
    By viewing audit logs, users with Security Admin permissions can monitor user actions, authentication failures, invalid login attempts, and the user session lifespan.
  • Define audit log policies
    You can change the overwrite policy and the types of events recorded in the audit log.
  • Delete events from the audit log
    You can clear the audit log of old events, which makes searching through events more manageable. You have the option of saving old events to a CSV (comma-separated values) file upon deletion.
  • Configure syslog server for audit logs
    If you want to archive audit logs onto an external syslog server, you can configure communications between that server and the storage array. After the connection is established, audit logs are automatically saved to the syslog server.
  • Edit syslog server settings for audit log records
    You can change the settings for the syslog server used for archiving audit logs, and also upload a new Certificate Authority (CA) certificate for the server.