cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

query of EV FSA IIS authentication

Go to solution
chetan_k32
Level 4
Partner Accredited

‎12-22-2011 01:39 AM

Hi,

recently i came accross a query from a customer regarding IIS authentication.

we had implemented EV 9.0.2 for FSA of VNX5300 series(DART 7),when we are doing a prerequists we were getting error message during the prerequists steps as followed.

Steps performed on Celerra:-

 

  1. server_param server_x -facility shadow -info stream

server_param server_x -facility shadow -modify stream -value 1

 

  1. /nas/sbin/server_user server_x -add -md5 -passwd evadmin

 

  1. fs_dhsm -modify Datagrp -state enabled

 

  1. server_http server_2 -append dhsm –users evadmin-hosts 10.75.250.142

 

  1. fs_dhsm -connection Datagrp -create -type http -secondary http://EVVAULT.CORP.CAPGEMINI.COM/EnterpriseVault -user svc-in-evadmin@corp.capgemini.com -password Passwd12 -cgi n

 

And the last command is returning an error as follows

 

[MUMVNXCS01 ~]$ fs_dhsm -connection Datagrp -create -type http -secondary http://EVVAULT.CORP.CAPGEMINI.COM/EnterpriseVault-user svc-in-evadmin@corp.capgemini.com-password Passwd12 -cgi n

 

Error 13159628829: The HTTP server failed to respond to an OPTIONS method of the HTTP protocol with a status code 1002 Authentication scheme not supported.

 

regarding this error we had enabled the 'Basic Authentication' in IIS of the EV server

  

[MUMVNXCS01 ~]$ fs_dhsm -connection Datagrp -create -type http -secondary http://evvault.CORP.CAPGEMINI.COM/EnterpriseVault-user "CORP\SVC-IN-EVADMIN" -password Passwd12 -cgi n

Datagrp:

state                = enabled

offline attr         = on

popup timeout        = 0

backup               = passthrough

read policy override = none

log file             = on

max log size         = 10MB

 cid                 = 0

   type                 = HTTP

   secondary            = http://evvault.CORP.CAPGEMINI.COM/EnterpriseVault

   state                = enabled

   read policy override = none

   write policy         = full

   user                 = CORP\SVC-IN-EVADMIN

   options              = cgi=n

2011-12-21 19:09:15: ADMIN: 6: Command succeeded:  connect fsid=18 type=HTTP rpolicy=15 wpolicy=1 http=http://evvault.CORP.CAPGEMINI.COM/EnterpriseVault cgi=n account=CORP\SVC-IN-EVADMIN passwd=****************

 

after enabling the 'Basic Authentication' in IIS we were able to run the command successfully.

 

now customer has two quries.

  1. Is it secure to use HTTP since it uses clear text authentication.
  2. Is there a provision to use digest or windows authentication to ensure that the communication is secure.

 

kindly any one has an answer for this quries,whether we have to keep the 'Basic Authentication' enabled or is there any other way arround.

 

Thanks

Chetan

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
JesusWept3
Level 6
Partner Accredited Certified

‎12-22-2011 11:26 AM

if security was a concern, then switch to using HTTPS and then set all the EV Sites to use HTTPS instead of http, plus based on the commands you are running, this is a *nix system that can't do NTLM because it won't be joined to the Domain unless it uses something like SAMBA right?

https://www.linkedin.com/in/alex-allen-turl-07370146

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
JesusWept3
Level 6
Partner Accredited Certified

‎12-22-2011 11:26 AM

if security was a concern, then switch to using HTTPS and then set all the EV Sites to use HTTPS instead of http, plus based on the commands you are running, this is a *nix system that can't do NTLM because it won't be joined to the Domain unless it uses something like SAMBA right?

https://www.linkedin.com/in/alex-allen-turl-07370146
0 Kudos