HP ProLiant DL288 ISS Technology Update Volume 8, Number 1 - Page 3

Technology Update Volume 8, Number 1 Quick tip: Configuring a redundant domain controller when using Microsoft Active Directory and iLO or iLO 2 Server administrators using Microsoft Active Directory (AD) can integrate it with Integrated Lights-Out devices to maintain iLO user accounts. Integrating with a directory services application such as Active Directory allows administrators to use the Lightweight Directory Access Protocol (LDAP) directory to authenticate and authorize user privileges to multiple iLO devices. The technology brief titled "Integrating HP ProLiant Lights-Out processors with Microsoft® Active Directory," available at http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00190541/c00190541.pdf, describes the integration steps. The document includes a statement about iLO being able to use a backup domain controller if the primary domain controller is unavailable. In a Microsoft Active Directory configuration, there is no need to configure the actual iLO device to allow a backup domain controller. The Microsoft DNS server will automatically update the Domain Name System (DNS) name to reflect domain controller availability. Administrators should configure iLO to reference the DNS name of the domain, not the specific IP address of the domain controller. If the primary DC is unavailable, the DNS lookup of the domain will not return that server's IP, so that iLO can connect to the next available domain controller. Alternatively, in the iLO configuration, administrators can use a comma or a semicolon between the IP addresses for iLO to try when contacting the AD (see Figure 2-1). Figure 2-1. Multiple directory server addresses in iLO configuration 3