HP Integrity rx2800 HP Integrity iLO 3 Operations Guide - Page 102
Installing and configuring directory services, Directory services
View all HP Integrity rx2800 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 102 highlights
8 Installing and configuring directory services You can install and configure iLO 3 directory services to leverage the benefits of a single point of administration for iLO 3 user accounts. This chapter provides information on how to install and configure iLO 3 directory services. Directory services The following are benefits of directory integration: Scalability Leverage the directory to support thousands of users on thousands of iLO 3s. Security Robust user password policies are inherited from the directory. User password complexity, rotation frequency, and expiration are policy examples. Role-based administration You can create roles (for instance, clerical, remote control of the host, complete control), and associate users or user groups with those roles. When you change a single role, the change applies to all users and the iLO 3 devices associated with that role. Single point of administration You can use native administrative tools, like Microsoft Management Console (MMC) and ConsoleOne, to administer the iLO 3 users. Immediacy A single change in the directory rolls out immediately to associated iLO 3s, eliminating the need to script this process. Reuse of user name and password You can use existing user accounts and passwords in the directory without having to record or remember a new set of credentials for iLO 3. Flexibility You can create a single role for a single user on a single iLO 3; you can create a single role for multiple users on multiple iLO 3s; or you can use a combination of roles to best fit your enterprise. Compatibility The iLO 3 directory integration applies to the iLO 3 products and supports the popular directories Active Directory and eDirectory. Standards The iLO 3 directory support builds on the LDAP 2.0 standard for secure directory access. Features supported by directory integration The iLO 3 directory services functionality enables you to do the following: • Authenticate users from a shared, consolidated, scalable user database. • Control user privileges (authorization) using the directory service. • Use roles in the directory service for group-level administration of iLO 3 and iLO 3 users. To install directory services for the iLO 3, a schema administrator must extend the directory schema. The local user database is retained. You can choose not to use directories, to use a combination of directories and local accounts, or to use directories exclusively for authentication. Directory services installation prerequisites Before installing directory services, you must configure LDAP. 102 Installing and configuring directory services