HP rp3440 HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition - Page 98

Installing and Initializing Snap-Ins for Active Directory

Get HP rp3440 PDF manuals and user guides View all HP rp3440 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 98 highlights

c. Right-click Active Directory Schema and select Operations Master. d. Select The Schema may be modified on this Domain Controller. e. Click OK. The Active Directory Schema folder may need to be expanded for the checkbox to be available. 4. Create a certificate or install certificate services. This step is necessary because the iLO MP uses SSL to communicate with Active Directory. Install Active Directory before installing certificate services. 5. To specify that a certificate be issued to the server running Active Directory, do the following: a. Launch MMC on the server and add the default domain policy snap-in (Group Policy and browse to Default domain policy object). b. Click Computer Configuration>Windows Settings>Security Settings>Public Key Policies. c. Right-click Automatic Certificate Requests Settings, and select new>automatic certificate request. d. Using the wizard, select the domain controller template and the certificate authority you want to use. 6. Download the Smart Component that contains the installers for the schema extender and the snap-ins. You can download the Smart Component from the HP web site at: http://www.hp.com/servers/lights-out 7. Run the schema installer application to extend the schema, which extends the directory schema with the proper HP objects. The schema installer associates the Active Directory snap-ins with the new schema. The snap-in installation setup utility is a Windows MSI setup script and runs anywhere that MSI is supported (Windows XP, Windows 2000, Windows 98). However, some parts of the schema extension application require the .NET Framework, which you can download from the Microsoft web site at: http://www.microsoft.com Installing and Initializing Snap-Ins for Active Directory To install the snap-ins and configure the directory service, follow these steps: 1. To install the snap-ins, run the snap-in installation application . 2. Configure the directory service to have the appropriate objects and relationships for iLO MP management: a. Use the management snap-ins from HP to create iLO MP, Policy, Admin, and User Role objects. b. Use the management snap-ins from HP to build associations between the iLO MP object, the policy object, and the role object. c. Point the iLO MP object to the Admin and User role objects (Admin and User roles automatically point back to the iLO MP object). For more information about iLO MP objects, see "Directory Services Objects" (page 102). At a minimum, create: • One Role object that contains one or more users and one or more iLO MP objects. • One iLO MP object corresponding to each iLO MP using the directory. Example: Creating and Configuring Directory Objects for Use with iLO MP in Active Directory The following example shows how to set up roles and HP devices in an enterprise directory with the domain mpiso.com, which consists of two organizational units: Roles and MPs. 98 Installing and Configuring Directory Services

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
c.
Right-click
Active Directory Schema
and select
Operations Master
.
d.
Select
The Schema may be modified on this Domain Controller
.
e.
Click
OK
.
The
Active Directory Schema
folder may need to be expanded for the checkbox to be
available.
4.
Create a certificate or install certificate services. This step is necessary because the iLO MP
uses SSL to communicate with Active Directory. Install Active Directory before installing
certificate services.
5.
To specify that a certificate be issued to the server running Active Directory, do the following:
a.
Launch MMC on the server and add the default domain policy snap-in (Group Policy
and browse to Default domain policy object).
b.
Click
Computer Configuration>Windows Settings>Security Settings>Public Key
Policies
.
c.
Right-click
Automatic Certificate Requests Settings
, and select
new>automatic
certificate request
.
d.
Using the wizard, select the domain controller template and the certificate authority
you want to use.
6.
Download the Smart Component that contains the installers for the schema extender and
the snap-ins. You can download the Smart Component from the HP web site at:
7.
Run the schema installer application to extend the schema, which extends the directory
schema with the proper HP objects.
The schema installer associates the Active Directory snap-ins with the new schema. The
snap-in installation setup utility is a Windows MSI setup script and runs anywhere that MSI
is supported (Windows XP, Windows 2000, Windows 98). However, some parts of the
schema extension application require the .NET Framework, which you can download from
the Microsoft web site at:
Installing and Initializing Snap-Ins for Active Directory
To install the snap-ins and configure the directory service, follow these steps:
1.
To install the snap-ins, run the snap-in installation application .
2.
Configure the directory service to have the appropriate objects and relationships for iLO
MP management:
a.
Use the management snap-ins from HP to create iLO MP, Policy, Admin, and User Role
objects.
b.
Use the management snap-ins from HP to build associations between the iLO MP object,
the policy object, and the role object.
c.
Point the iLO MP object to the Admin and User role objects (Admin and User roles
automatically point back to the iLO MP object).
For more information about iLO MP objects, see
“Directory Services Objects” (page 102)
.
At a minimum, create:
One Role object that contains one or more users and one or more iLO MP objects.
One iLO MP object corresponding to each iLO MP using the directory.
Example: Creating and Configuring Directory Objects for Use with iLO MP in Active
Directory
The following example shows how to set up roles and HP devices in an enterprise directory with
the domain mpiso.com, which consists of two organizational units: Roles and MPs.
98
Installing and Configuring Directory Services