Use the Federated Security page to view and manage users, groups, and security properties for the selected cluster.

Federated security is a security configuration that provides separation between the service that a client accesses and the authentication and authorization procedures for accessing the service.

To manage security for the cluster, select one of the following options from the View list at the top of the page:
- Users
  You can view and edit the properties of a PowerHA® SystemMirror user, remove a user, and set whether an administrator can change the password for a user. Also, you can create a user in two different ways. You can create a user by configuring all user properties, or you can create a user based on the properties of an existing user.
- User groups
  You can view and edit the properties of a PowerHA SystemMirror user group, remove a group, and add an existing user to a group. Also, you can create a user group in two different ways. You can create a user group by configuring all user group properties, or you can create a user group based on the properties of an existing group.
- Roles
  You can view and edit the properties of a PowerHA SystemMirror role, create a role, and remove an existing role.
- LDAP management
  You can configure a Lightweight Directory Access Protocol (LDAP) server and create a client connection to that server. You then can use LDAP as the registry for cluster users. Also, you can disconnect the cluster from the current LDAP server if you want to change the registry configuration for the cluster.
- EFS management
  You can configure an optional Encrypted File System (EFS) for the cluster. You also can edit the properties of an existing EFS configuration or remove the EFS configuration for the cluster.
  Configuring EFS adds a layer of security by encrypting all user information in the registry. You can configure EFS to encrypt user information for either type of registry. Using EFS also enables users to encrypt their data through the use of credentials in a keystore specific to a user.

For more information about managing federated security, see the Federated security topic in the AIX® Information Center.