13.6.1 User authentication blocks
On a manager, you must specify the authentication server that is accessed by the manager. If multiple managers access the same authentication server, the management range of the authentication server will cover all those managers. This management range is called a user authentication block.
You can construct one or more user authentication blocks within a system by specifying settings in JP1/Base. The table below describes the relative advantages and disadvantages of having one or multiple user authentication blocks. Determine how many to construct by referring to this table and 13.6.1(1) Recommended number of user authentication blocks.
|
Number of user authentication blocks |
Advantages/disadvantages |
|---|---|
|
Only one user authentication block in the system |
The system administrator can centrally manage the JP1 users. However, if the authentication server goes down, JP1/IM will be inoperable because the entire system will be affected and its reliability impaired. |
|
Multiple user authentication blocks in the system |
The system administrator must manage every block of JP1 users. However, because the authentication servers are independent, the system is more robust. |
- Organization of this subsection
(1) Recommended number of user authentication blocks
Management of multiple user authentication blocks in a system can be complex. We recommend that you construct one or only a few blocks, and take measures to make the system more robust.
One way of making the system more robust is to install two authentication servers (primary and secondary authentication servers) in one user authentication block.
|
|
![[Figure]](GRAPHICS/CS037050.GIF)
By having two authentication servers, the secondary authentication server can be swapped in automatically and you can perform uninterrupted system operation monitoring if a problem occurs on the primary authentication server. You can also enhance the robustness of the system by running the authentication server hosts in a cluster system, or by setting automatic restart if an authentication server terminates abnormally.
- About authentication servers:
-
-
JP1 user management and authentication servers
Also see the description of setting up the user management functionality in the JP1/Base User's Guide.
-
Authentication servers to be used by JP1/IM
Specification via the JP1/Base Environment Settings window or the jbssetusrsrv command
See the description of setting up the user management functionality in the JP1/Base User's Guide.
-