Authentication, identity management, and access (AIMA) control guidelines
This section presents guidelines for configuring directory services and
OneFS access zones.
For assistance, contact your
PowerScale account representative or
Dell Technologies Support.
Table 1. OneFS AIMA specifications
Item
OneFS 9.6.0.0 on AWS
Description
Access zones
15
The recommended limit for access zones.
Exceeding this limit might negatively affect the cluster performance and client connections. Evaluate the workflow and workloads for your cluster to determine the value that works best for your environment.
The maximum limit has not been established.
ACEs per ACL
1,000
The limit for Access Control Entries (ACEs) per Access Control List (ACL). ACEs are stored and evaluated linearly. Large numbers of ACEs per ACLs increase the number of authorization checks that must be performed, which might negatively affect system performance.
Kerberos token size
64 KB
The size limit for the Kerberos token.
LDAP domains
15
The recommended limit for Lightweight Directory Access Protocol (LDAP) domains. This guideline represents unique LDAP domains. See the entry for access zones.
Local groups (per cluster)
7,500
The recommended limit for local groups per cluster.
Exceeding this limit might negatively affect the cluster performance and client connections. Evaluate the workflow and workloads for your cluster to determine the value that works best for your environment.
Local users (per cluster)
7,500
The recommended limit for local users per cluster.
Exceeding this limit might negatively affect the cluster performance and client connections. Evaluate the workflow and workloads for your cluster to determine the value that works best for your environment.
Microsoft Active Directory domains
15
The recommended limit for Active Directory domains. See the entry for access zones.
NIS domains
15
The recommended limit for Network Information Service (NIS) domains. The guideline represents unique NIS domains. See the entry for access zones. Although you can specify multiple NIS domains in an access zone, NFS users benefit only from the NIS configuration that is defined in the system access zone.
RBAC roles
200
The recommended limit for role-based access control (RBAC) roles.
Exceeding this limit might negatively affect the cluster performance and client connections. Evaluate the workflow and workloads for your cluster to determine the value that works best for your environment.
The maximum limit has not been established.
User mapper rules
1,000
The recommended limit for user mapper rules.
Exceeding this limit might negatively affect the cluster performance and client connections. Evaluate the workflow and workloads for your cluster to determine the value that works best for your environment.
The maximum limit has not been established.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\