HP Integrity rx2800 HP Integrity iLO 3 Operations Guide - Page 34
Login process using directory services with extended LDAP, Directory Settings
View all HP Integrity rx2800 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 34 highlights
NOTE: The LDAP connection times out after 30 minutes of inactivity in Active Directory. For Novell directory, there is no inactivity timeout. To configure using the web interface, see "Group Accounts" (page 91). To configure LDAP extended schema: 1. From the MP Main Menu, enter command mode. 2. At the CM:hpiLO-> prompt, enter LDAP. 3. To select Directory Settings, enter D. The current LDAP directory settings appear. 4. To select all parameters enter A. The current LDAP directory authentication status appears. The local iLO 3 user accounts database status also appears. If enabled, the local iLO 3 user database is used if there is an authentication failure using the LDAP Directory. 5. Enter D for disabled, or E for enabled. You must enter E if LDAP directory authentication is disabled. The current LDAP server IP address appears. 6. Enter the IP address of the LDAP server. The current LDAP server port address appears. 7. Enter a new port number. The screen displays the current object distinguished name. This specifies the full distinguished name of the iLO 3 device object in the directory service. For example, CN=RILOE2OBJECT, CN=Users, DC=HP, DC=com. Distinguished names are limited to 255 characters maximum plus one for the NULL terminator character. 8. Enter a new name. The Current User Search Context 1 appears. 9. Enter a new search setting. The Current User Search Context 2 appears. NOTE: The context settings 1, 2, and 3 point to areas in the directory service where users are located, so that users do not have to enter the complete tree structure when logging in. For example, CN=Users, DC=HP, DC=com. Directory user contexts are limited to 127 characters maximum plus one for the NULL terminator character for each directory user context. 10. Enter a new search setting. The screen displays the Current User Search Context 3. 11. When prompted, enter a new search setting. The updated LDAP configuration is as follows: New Directory Configuration (* modified values): * L - LDAP Directory Authentication : Enabled M - Local MP User database : Enabled * I - Directory Server IP Address : 192.0.2.1 P - Directory Server LDAP Port : 636 D - Distinguished Name (DN) : cn=mp,o=demo 1 - User Search Context 1 : o=mp 2 - User Search Context 2 : o=demo 3 - User Search Context 3 : o=test Enter Parameter(s) to revise, Y to confirm, or [Q] to Quit: y -> LDAP Configuration has been updated Login process using directory services with extended LDAP You can choose to enable directory services to authenticate users and authorize user privileges for groups of iLO 3s. The iLO 3 directory services feature uses the industry-standard LDAP. HP layers LDAP on top of SSL to transmit the directory services information securely to the directory servers. More information about using iLO with directory services is available from the HP website at http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00190541/ c00190541.pdf?jumpid=reg_R1002_USEN. HP provides a tool for Active Directory support of HP MPs. This tool, HPQLOMIG.exe, is part of HP Directories Support for Management Processors softpaq (SP31581.exe). It assists with installing the schema and snap-ins needed for Active Directory to work with iLO 3 products including Integrity 34 Configuring DHCP, DNS, LDAP, and schema-free LDAP