- Community Home
- >
- Software
- >
- HPE OneView
- >
- HPE OneView Global Dashboard - Active Directory co...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 02:09 AM - edited 01-29-2020 02:20 AM
01-29-2020 02:09 AM - edited 01-29-2020 02:20 AM
I'm having an issue to connect the global dashboard to our Active Directory domain. I managed to add the CA certificate to the trusted certificate and when I try to connect to our AD by adding an AD it gives the below alert. Tried renewing the CA cert and starting over. Same result, I use version 1.8 because version 1.9 seemed unstable.
The CA certificate with common name CANAMEXXXX used for signing the incoming certificate with common name is not a trusted certificate.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 02:51 AM
01-29-2020 02:51 AM
Re: HPE OneView Global Dashboard - Active Directory connection
Hello Davy, we are checking in on the resolution. We know that some customers have issues on the certificate like with spaces or special characters in the name or alias. Can you check empty spaces or special characters in the name or replace spaces with '_' ? In addition what is the type of certificate you are using? single, multipe/wildcard?
Normally we would ask for more specific details on the certificate but as this is an public forum that is not advised.
If we can't resolve it today over the web then it might be wise to log a formal support ticket so we can look at your certificate in a more trusted and closed communication.
Best Regards, Jeroen
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 03:17 AM
01-29-2020 03:17 AM
Re: HPE OneView Global Dashboard - Active Directory connection
It's a single CA certificate yes (no * cert) for a local domain (not internet facing). I'll open a support ticket next to this post. No special caracters in the servername, cert name is like "domain-servername-ca". The Oneview server certificate was generated and imported perfectly, and the ca cert was also added to the cert trust store.
Other Oneview appliances authenticate just fine with AD.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 05:48 AM - edited 01-29-2020 05:50 AM
01-29-2020 05:48 AM - edited 01-29-2020 05:50 AM
Re: HPE OneView Global Dashboard - Active Directory connection
Hello Jumper please check this documents with some tips , i pass by the same issue , i´ve reviewed all steps to put the global dashboard into the AD CA maybe the sintaxe is the issue i´v got an help from Microsoft PFE .
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-a00067633en_us
I´m HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 09:02 AM
01-29-2020 09:02 AM
Re: HPE OneView Global Dashboard - Active Directory connection
Have you have loaded the CA-root certificate CANAMEXXXX into the Global Dashboard Certificate Trust Store? That CA-root certificate must be in the Certificate Trust Store with Global Dashboard 1.80.
Starting in Global Dashboard 1.90 you have the option of Force Leaf Trust, which will allow you to add the AD server certificate without the CA-root certificate being present in the Certificate Trust Store. Note that the CA-root certificate will still need to be in the Certificate Trust Store if you choose to wish to use two-factor authentication.
Note that you may choose to add the AD server certificate to the Certificate Trust Store by using the AD server URL and port 636 or 3269 (as appropriate) if you prefer. This may save you some time which you are diagnosing the issue compared to providing all the AD server settings in the GUI to test.
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 11:24 PM
01-29-2020 11:24 PM
Re: HPE OneView Global Dashboard - Active Directory connection
Sorry if it wasn't clear, as mentioned in the previous post, I already added the root CA to the trusted certificates. It's when I try to make a connection to AD that the message appears.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-03-2020 01:45 PM
02-03-2020 01:45 PM
Re: HPE OneView Global Dashboard - Active Directory connection
Is this still a problem? I sent a private message but have not seen a response.
I would suggest getting a Support Dump and opening a Support Case. The Support Dump would allow the Global Dashboard team to get more detailed information for diagnosis.
Check that the IP address and FQDN in the AD server certificate match the actual server values. That includes what the DNS server returns. Check the DNS server configured in the appliance network settings.
Add the AD server certificate to Global Dashboard via the Certificate Trust Store using the AD server URL and port 636 to look at the certificate details.
I am a HPE Employee.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2020 03:44 AM
02-04-2020 03:44 AM
SolutionWe checked the Trusted Root Certificate Authorities and noticed 3 double certificates in this certificates folder. We removed the doubles and exported the certificate. As the AD connection now works after this change it is safe to conclude this resolved our issue. AD connection possible now and appliances were also added.