HP Integrity Superdome 2 HP Integrity Superdome 2 Onboard Administrator User G - Page 178

qTvgisrZeHtvmrmecvSxZm27b4Bj5XYN0VYcrwqKnH7X/tVhmwqGls7/YZyahNU1 lGB2OjoCq5eJxX+Ybx0CAwEAAaOCA00wggNJMAsGA1UdDwQEAwIFoDBEBgkqhkiG 9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4D ...output truncated... -----END CERTIFICATE----8. Return to the OA Upload Certificate screen, paste the certificate contents into the window, and then click the Upload button. Creating directory groups Onboard Administrator authenticates users and assigns privileges by first verifying that the user name and password provided to Onboard Administrator match the credentials in the Directory. When a match is verified, Onboard Administrator queries the Directory to discover the names of the Active Directory groups the user is a member of. Onboard Administrator then matches those group names against the Directory Group names that exist in Onboard Administrator. In the following example, Onboard Administrator Directory Groups are created. The group name is used to determine LDAP users group membership and must match one of the following properties of a directory group: • Name • Distinguished name • Common name • Display name • SAM account name To create a directory group: 1. In Onboard Administrator, navigate to the Users/Authentications/Directory Groups link. 2. Click the New button. 3. Create a group named OA Admins which is the same name as the one created in the Active Directory. 4. Assign this group full administrative privileges over all server bays and interconnect bays and then click the Add button. 5. Create a Second Directory Group named OA Operators to match the operator group created in Active Directory. Assign the group Operator privilege level instead of Administrator, and do not allow the group access to Server Bays, but do allow access to Interconnect bays, and then click the Add button. 178 Enabling LDAP Directory Services Authentication to Microsoft Active Directory