Home > Data Protection > PowerProtect DD Series Appliances > Dell PowerProtect DD Series Appliances: Security > Access control settings
Access control settings enable the protection of resources against unauthorized access.
The PowerProtect DD appliance operating environment provides secure administration through either the DD System Manager by HTTPS or SSH for CLI. Either method enables locally defined users, Network Information Service (NIS) users, Lightweight Directory Access Protocol (LDAP), Microsoft Active Directory domain users, and single sign-on (SSO).
User authentication settings control the process of verifying an identity claimed by the user for accessing the product.
PowerProtect DD appliances can use Microsoft Active Directory pass-through authentication for the users.
PowerProtect DD appliances can use NIS Directory Authentication for the users in UNIX and Linux environments for configuration management.
PowerProtect DD appliances can use LDAP for user authentication. Users can also configure Secure LDAP with either LDAPS or the Start_TLS method.
PowerProtect DD appliances can authenticate a user with a username and password from a supported single sign-on (SSO) provider. The SSO feature must be enabled, and the system must be registered with an SSO provider.
A user certificate consisting of the username in the CN field is authenticated with a user CAC/PIV card. A browser plug-in interacts with the CAC card to extract the user certificate into the browser by providing the password to access the CAC card. Once the user certificate is loaded into the browser, you can log in to DD System Manager using the certificates.
User authorization settings control rights or permissions that are granted to a user for accessing a resource that manages the product. Specific authorization levels are defined for each user account created using the Role Based Access Control scheme shown in the following figure.