Manage Access Control Version 10.0.01

For Linux hosts, root-level privileges are required. Data Collectors require read-only access to execute non-intrusive commands on hosts. It is strongly recommended that a separate login account used strictly for Hitachi Storage Viewer be established and using Active Directory for Windows systems and the sudo command for Linux systems, restrict the commands that Hitachi Storage Viewer can issue. To accommodate this security approach, you can optionally specify access control commands like sudo, sesudo, or pbrun. See Sudo Commands for Host Resources Collection.

Multiple Access Control settings can be created to manage access control commands for Linux hosts. For Linux systems, you must specify the path to an access control command such as sudo in order to execute certain OS commands with root-level privileges.

Field	Description	Sample Values
Domain*	Select the Hitachi Storage Viewer Domain from the list; for most environments, only one Domain is displayed. Multiple domains facilitate management for Managed Services Providers (MSPs).
Name*	Assign a name to identify this Access Control setting.
Command*	Linux hosts only: Provide the full path to the access control command, such as sudo, sesudo, or pbrun. See also, Sudo Commands for Host Resources Collection. You can configure sudo to prompt for a password using a custom prompt (the default is “Password”). Hitachi Storage Viewer expects the prompt to be “Password.” If the hosts have a custom password prompt, you’ll need to specify -p Password: after the path to sudo. See the example to the right.	/usr/bin/sudo /user/local/bin/sudo -p Password:
Use for all command*	Select Yes to have the Data Collector use the access command for all commands.
Description	Enter a note to help identify this Access Control setting