topic Re: Precision on certificates in Server Management - Remote Server Management

Precision on certificates

MLabiche — Mon, 15 Jan 2007 14:30:07 GMT

We are currently in the procees ton in^tegrate Ilo Security in a AD infrastructure

It is clear that we need to install certificates on Domain Controleurs in norder for then to support LDAPS protocol with is required for the Domain Controler and ILO card to communicate. What is not clear is the following : Do we have to install certicates also on the each Ilo card ? This is 2priority one" question ;-)

What is confusing that in the usr guide documentation, it is recommanded to install a Enterprise CA and then Configure the whole Domain (using the Domain Policy) for automatic certificate enrollement. This Way all domain controlers should get automatic Certificate (Right ? wouldn't it be instead Domain controler policy ?). Also as a matter of demonstration Certicates on the domain controlers can be installed "manualy" avoiding the CA Installation steps if we aleady have Third party Cert Architecture ?

Fianally what about ILO cards since they are not part of the domain and thus not getting certificates automaticaly ?

Many Thanks for your anwsers

Best Regards

Re: Precision on certificates

barnett chan — Wed, 17 Jan 2007 09:11:37 GMT

The Enterprise CA is installed on your Directory and you don't install Certificates to the iLO, but iLO needs to configure for the correct directory settings.

Re: Precision on certificates

acartes — Wed, 17 Jan 2007 12:44:08 GMT

>> Do we have to install certicates [on each iLO]?

No, it is not necessary to install a certificate in iLO. For directory integration to use SLDAP (LDAP over SSL), the DC needs the certificate; iLO already has one.

Re: Precision on certificates

MLabiche — Mon, 22 Jan 2007 16:51:10 GMT

Correct : After the test the certificate is only mandatory on the DC
Also you can install the certificate manualy with out configuring specific GPO.

Thanks to all

Best regards