No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Disk Encryption User Guide

OceanStor V5 Series V500R007

This document is applicable to OceanStor 5110 V5, 5110F V5, 5300 V5, 5300F V5, 5500 V5, 5500F V5, 5600 V5, 5600F V5, 5800 V5, 5800F V5, 6800 V5, 6800F V5, 18500 V5, 18500F V5, 18800 V5, and 18800F V5. It introduces how to install and configure key management servers connected to the storage systems that use self-encrypting disks.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Managing Users

Managing Users

This section describes how to manage users of the key management server, such as creating users and changing the password or password policy.

Creating an Administrator User

This section describes how to create an administrator user.

Context
  • Only users having the High Access Administrator permission can perform this operation.
  • Create at least two users with the High Access Administrator permission. If you forget the password of user admin, you can use the created users to configure and manage the key management server.
Procedure
  1. Log in to the key management server's web interface as user admin.
  2. Choose Device > Administrators > Administrators.

    The Administrator Configuration page is displayed, as shown in Figure 4-47.

    Figure 4-47 User list

  3. Click Create Local Administrator.

    Figure 4-48 Creating a user

  4. Specify the user name and password for the new user, and grant permission based on your requirements.

    • To create a user with the High Access Administrator permission, select High Access Administrator. The system automatically grants all permission for the user.
    • To create an administrator with specified permission, deselect High Access Administrator and then select the required permission in the list.

  5. Click Create.

    The new user will be displayed in the user list.

    NOTE:

    To improve system security, the passwords must be changed when the created users log in to the server for the first time.

Creating a Local User

This section describes how to create a local user. When the key management server authenticates a storage system using the Key Management Interoperability Protocol (KMIP), it identifies the storage system based on the user.

Prerequisites

To ensure that the key management server can identify the storage system successfully, the local user name of the key management server must be set to Storage, which is the same as the OU value in the signed certificate of the storage system.

You can query the OU value as follows:

  1. Double-click the certificate.
  2. Click the Detail tab, and select User. You can view the OU value in the lower pane.

Context

Create at least one local user.

Procedure
  1. Log in as the admin user to the key management server's web interface.
  2. Choose Security > Users & Groups > Local Authentication > Local Users & Groups.

    The User & Group Configuration page is displayed, as shown in Figure 4-49.

    Figure 4-49 Local user page

  3. In the Local User area, click Add.

    Figure 4-50 shows the page that is displayed.

    Figure 4-50 Local user information setting page

  4. Set user information.

    Table 4-13 User parameters

    Parameter

    Description

    Setting

    Username

    Name of the new user. Set the value to Storage.

    [Example]

    Storage

    Password

    Password of the new user.

    [Example]

    admin@123

    User Administration Permission

    Permission to create, modify, and delete a user or user group.

    [Example]

    Not selected

    [Recommended value]

    Not selected

    Change Password Permission

    Permission to modify a user's own password.

    [Example]

    Not selected

    [Recommended value]

    Not selected

  5. Click Save.

    The new user is displayed in the user list.

Changing the Password

This section describes how to change the password of the current user.

Prerequisites

Users can only change their own passwords.

Procedure
  1. Log in to the key management server's web interface.
  2. Choose Device > Administrators > Password Management.

    The Administrator Configuration page is displayed, as shown in Figure 4-51.

    Figure 4-51 Changing the password

  3. In the Change Your Password area, enter the original password and the new password of the current user. Confirm the new password and click Change Password.

    The system displays a message indicating that the password is changed successfully, as shown in Figure 4-52.

    Figure 4-52 Password changed successfully

  4. Log in to the server using the new password.

Modifying the Password Policy

This section describes how to modify the password policy.

Prerequisites

Only users with the High Access Administrator permission can modify the password policy.

Procedure
  1. Log in to the key management server's web interface.
  2. Choose Device > Administrators > Password Management.

    The Administrator Configuration page is displayed.

  3. Click Edit.

    Figure 4-53 Modifying the password policy

  4. Configure the password policy.

    1. In Password Expiration, enable or disable password expiration. If you enable it, configure the maximum validity period (365 days).
    2. In Password History, enable or disable the historical password recording function. If you enable it, configure the number of historical passwords (1 to 25). The historical passwords cannot be used when you set a new password.
    3. In Minimum Password Length and Password Must Contain At Least One, configure the minimum length of the password and the password elements.
    4. Click Save. The password policy is changed successfully.

Translation
Download
Updated: 2019-07-11

Document ID: EDOC1000181504

Views: 22765

Downloads: 181

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next