If the group uses the Windows Domain authentication, the following New Windows Domain user(s) dialog box opens:
This option supports both Windows domain and Active Directory Services authentication. It gives existing users created in
either of these domains access to the cluster. It allows you to add multiple users in one step. After adding all the users,
you can configure each one separately (should this be required) by accessing the individual properties of each user.
|
• |
The Trusted domain list contains the trusted domains that can be accessed from the HAM machine. Hence, the machines running
HAM, the Cluster Service and the [Emulation] Servers should all belong to the same Windows domain in order for a configuration
of this type to be effective.
|
|
• |
When the dialog box first opens, it displays your current Windows logon domain in the Trusted domain list box. If you select
another domain to another one from the list, you will be asked to sign on to that domain.
|
|
• |
After selecting the Trusted domain, click on the Connect button. You will be prompted with a dialog box to enter a user name
and password. If your domain security does not require a username and password to get the list of users, then just click on
the OK without filling any of the fields. You can then select groups that are not part of an organizational unit, or you can
select an organizational unit and then select groups and users in it.
|
|
• |
Selecting a group outside an organizational unit:
|
♦ |
The Groups outside OU section allows you to work with user groups that do not belong to an organizational unit. Select the
group you want from the Groups list and the users of this group will appear in the list box below it. You can select a single
user from this group and add it to the cluster by clicking on the right arrow (>) key on the right of the list. Or you can
add all the users in the group by clicking on the double right arrow key (>>) to the right of the list. Users added to the
cluster are listed in the Users list on the right.
|
|
Selecting an organizational unit and groups within it
The Groups within OU section allows you to work with user groups that are part of an organizational unit. To do this, select
the organizational unit from the OU list. If the selected organizational unit has groups, they are displayed in the Groups
list underneath. If the selected organizational unit has users that do not belong to a group, they will be displayed under
an item in the Groups list called Users outside groups. If the selected organizational unit has both groups and users, the
Groups list will contain the list of all the groups as well as the Users outside groups item. When you select an item from
the Groups list, the HAM lists the users of the selected group in the list box below it. You can select a single user from
this group to add it to the cluster by clicking on the right arrow (>) button to the right of the list, or you can add all
the users in that group by clicking the double right arrow (>>) to the right of the list. Users added to the cluster are listed
in the Users list on the right.
If you want to remove a user from the cluster, select the user in the Users list and click on the left arrow button (<) to
the left of the Users list. If you want to remove all the users from the cluster, select any user in the Users list and
click on the double left arrow button (<<) to the left of the list.
Once you have created the Windows Domain user, you can double click on its definition in HAM to configure other individual
parameters if different from those in its group. Those settings are similar to those of the UserID/PAssword Authentication.
However, some security and general features will not be available as they do not apply to Windows domain users (for example,
the password complexity policies are controlled by the Active Directory Services).