- Notes, cautions, and warnings
- Disclaimer
- Preface
- Introduction
- Authentication
- Component access control
- Log in to PowerProtect Data Manager
- User and credential management
- Login security settings
- Authentication types and setup
- Identity providers
- Authentication to external systems
- Authorization
- Log Settings
- Network and Communication Security Settings
- Data Security Settings
- Cryptography
- Security Updates and Patching
- Authenticity and Integrity
- About product authenticity and integrity
- Verification
- Verify the signer or signers for Windows binaries
- Verify the vendor for Linux (RPM-based) packages
- Verify the vendor for Linux (Debian-based) packages
- Verify GPG signatures for Linux (RPM-based) packages
- Verify the signature for JAR files
- Verify SHA-256 checksums in Windows
- Verify SHA-256 checksums in Linux
- Verify SHA-256 checksums in AIX
- Miscellaneous Configuration and Management Elements
- REST API Procedures
PowerProtect Data Manager 19.10 Security Configuration Guide
Identity providers
An identity provider is an abstract source of user and group data that PowerProtect Data Manager can map to corresponding roles. The abstraction simplifies user and role management.
In addition to the list of supported external identity providers, PowerProtect Data Manager contains locally defined identity providers for application and operating system users.
PowerProtect Data Manager supports multiple active identity providers. Each identity provider has a unique associated domain that identifies all users from that identity provider.
You can map users to PowerProtect Data Manager roles directly or through user groups that come from an identity provider. After you configure an identity provider and map a user or group to a role, you can log in to PowerProtect Data Manager as that user, or as a user from that group.
Some local users have restricted capabilities. For example, operating system users are not mapped to application roles and are limited to SSH access. The local identity provider does not support adding or deleting operating system users, only changing the passwords for existing accounts.
Supported external identity providers
- Lightweight Directory Access Protocol (LDAP)
- LDAP over SSL (LDAPS)
- Microsoft Active Directory (AD) server
- Microsoft AD server over SSL (AD over SSL)
Limitations
PowerProtect Data Manager does not support multiple domains or forests on the same identity provider. Instead, configure separate identity providers for each domain or base.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\