
Re: HPE ILO 5 Zero Sign In Failed

 
vmuniverse1
Occasional Advisor

HPE ILO 5 Zero Sign In Failed

Hello, it's driving me nuts, but I can't get Zero Sign In to work on ILO. I have an HPE ProLiant G10, ILO version 2.10.

I have followed the user guide for Kerberos Authentication. Under Security --> Directory I enabled Kerberos and filled in the appropriate settings:

Kerberos realm: MYDOMAIN.LAN (all capitals)
Kerberos KDC address, KDC port: all correct settings

I've created a Kerberos keytab and it is successfully uploaded. The following command:

Ktpass +rndPass -ptype KRB5_NT_SRV_HST -princ HTTP/iloserver.domain.lan@DOMAIN.LAN -mapuser iloserver$@domain.lan -out c:\temp\myilo.keytab -crypto AES256-SHA1

It creates a keytab file and asks if I want to get a new password: Y

I've added the -crypto because the Encryption settings in ILO have been set to "High Security".

I've created an SSL certificate from my own CA and replaced the self-signed certificate.

When I test my settings under Security --> Directory it says that all is a success: LOM Object exists = Not Run. All others are Success!

I've followed the user guidelines for browser settings. Every time I try to log in with "Zero Sign In" it gives me a credential popup window:

Connecting to iloserver.domain.lan
Blank Username and Password field.
Domain: MYDOMAIN

What am I missing?
vmuniverse1
Occasional Advisor

Re: HPE ILO 5 Zero Sign In Failed

I have tried the "Directories Support for ProLiant Management Processors" tool.

This is the latest version that supports Windows 2019.

I followed the steps for Kerberos authentication. Everything looks good, no error messages within the tool.

At the end it configures, and I see the configurations I've entered there back in the ILO 5 web interface of the server.

But as soon as I hit the Zero Sign In button, it gives me the popup message for credentials.

KM26
HPE Pro

Re: HPE ILO 5 Zero Sign In Failed

Hi vmuniverse1,

Please confirm if the iLO advanced license has been purchased for this server. 

Please check page 396 of the following guide and see if single sign on is enabled on the browser.

https://support.hpe.com/hpesc/public/docDisplay?docId=a00064988en_us

Thank You!
I am an HPE Employee


vmuniverse1
Occasional Advisor

Re: HPE ILO 5 Zero Sign In Failed

Hello, yes ILO Advanced is installed (status OK)

I have also followed the settings for SSO for my browser. All the settings are as they should be.

I can log in with myname@somedomain.lan, but as soon as I hit the Zero Sign In, it gives me this popup message.

SandurMavericK
HPE Pro

Re: HPE ILO 5 Zero Sign In Failed

Try doing these things.

1. Log out of the SUT.

2. Clear the DNS cache at the server & restart the DNS.

3. Now at the SUT use Ctrl+Alt+Delete & log in.

Using Ctrl+Alt+Delete will basically create a new ticket & it will fix the issue.

Make sure that at the iLO the things below are set correctly.

Refer to the link: https://www.youtube.com/watch?v=rGnm2Kc10J0

Please do check that the time of all Client, Server & iLO is in sync. I had this issue if any one is not in sync.


I work for HPE


SandurMavericK
HPE Pro

Re: HPE ILO 5 Zero Sign In Failed

1. Set up Domain Controller DNS & AD

Create both a Forward Lookup Zone & a Reverse Lookup Zone for the subnets used for iLO

2. Install the LDAP Role

3. Install the CA (Root CA or Enterprise CA) - Import the CA certificate to the Windows client machine & install the same.

Path: Open Certificate Authority --> Right Click --> your CA --> Properties --> View Certificate & Export

4. Set Group Policy at the Domain Controller at Default Domain Policy

PATH: Policies --> Windows Settings --> Security Settings --> Local Policies -->

Uncheck all except "AES128_HMAC_SHA1" & "AES256_HMAC_SHA1", Future Encryption Types at

"Network Security: Configure Encryption types allowed for Kerberos" (Security Policy)

5. Now Follow these steps as per the below link :

https://www.youtube.com/watch?v=rGnm2Kc10J0 

For High Security, FIPS & CNSA, generate with a supported crypto:
Ktpass +rndPass -ptype KRB5_NT_SRV_HST -princ HTTP/myilo.somedomain.net@SOMEDOMAIN.NET -mapuser myilo$@somedomain.net -out myilo.keytab -crypto AES256-SHA1

Note: Date & time sync must be the same for Domain Controller + iLO + Client Machine.

Note: iLO must resolve with hostname

Please configure the Browser as below
1. Enable authentication in Internet Explorer.
a. Select Tools > Internet options.
b. Click the Advanced tab.
c. Scroll to the Security section.
d. Verify that the Enable Integrated Windows Authentication option is selected.
e. Click OK.

2. Add the iLO domain to the Intranet zone.
a. Select Tools > Internet options.
b. Click the Security tab.
c. Click the Local intranet icon.
d. Click the Sites button.
e. Click the Advanced button.
f. Enter the site to add in the Add this website to the zone box
g. On a corporate network, *.example.net is sufficient.
h. Click Add.
i. Click Close.
j. To close the Local intranet dialog box, click OK.
k. To close the Internet Options dialog box, click OK.

3. Enable the Automatic login only in Intranet zone setting.
a. Select Tools > Internet options.
b. Click the Security tab.
c. Click the Local intranet icon.
d. Click Custom level.
e. Scroll to the User Authentication section.
f. Verify that the Automatic logon only in Intranet zone option is selected.
g. To close the Security Settings - Local Intranet Zone window, click OK.
h. To close the Internet Options dialog box, click OK.

4. If any options were changed in steps 1-3, close and restart Internet Explorer


I work for HPE

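Added example, not part of the thread and not HPE code: a small Python parser for the keytab that the Ktpass commands above write, so the principal, realm case and encryption type can be checked offline against what was entered in iLO. It assumes the standard MIT keytab layout (version 0x0502); `check_for_ilo` and `build_sample` are hypothetical helper names, and the sample keytab is constructed with an all-zero dummy key.

```python
import struct
AES = {17: "AES128-SHA1", 18: "AES256-SHA1"}  # Kerberos enctype numbers

def parse_keytab(blob):
    """Parse an MIT-format (version 0x0502) keytab into a list of entry dicts."""
    if blob[:2] != b"\x05\x02":
        raise ValueError("not a version 0x0502 keytab")
    entries, pos = [], 2
    while pos + 4 <= len(blob):
        size = struct.unpack_from(">i", blob, pos)[0]
        if size > 0:                      # a negative size marks a deleted slot
            entries.append(_entry(blob[pos + 4:pos + 4 + size]))
        pos += 4 + abs(size)
    return entries

def _entry(rec):
    p = 0
    def take(fmt):
        nonlocal p
        value = struct.unpack_from(fmt, rec, p)[0]
        p += struct.calcsize(fmt)
        return value
    def text():                           # 16-bit length, then that many bytes
        return take("%ds" % take(">H")).decode()
    ncomp, realm = take(">H"), text()
    name = "/".join(text() for _ in range(ncomp))
    take(">I"); take(">I")                # name type, timestamp
    kvno, etype = take(">B"), take(">H")
    take("%ds" % take(">H"))              # skip the key bytes, never print them
    if len(rec) - p >= 4:                 # optional 32-bit kvno replaces the 8-bit one
        kvno = take(">I")
    return {"principal": name, "realm": realm, "kvno": kvno, "etype": etype}

def check_for_ilo(e, ilo_fqdn, realm):
    """Return reasons this entry would not match the settings used in the thread."""
    checks = [(e["principal"] == "HTTP/" + ilo_fqdn, "principal is not HTTP/<iLO FQDN>"),
              (e["realm"] == realm.upper(), "realm differs or is not upper case"),
              (e["etype"] in AES, "enctype %d is not AES" % e["etype"])]
    return [msg for ok, msg in checks if not ok]

def build_sample(principal, realm, etype, kvno=3):
    """Constructed keytab with an all-zero dummy key, for demonstration only."""
    s = lambda t: struct.pack(">H", len(t)) + t.encode()
    rec = (struct.pack(">H", principal.count("/") + 1) + s(realm)
           + b"".join(map(s, principal.split("/")))
           + struct.pack(">IIBHH", 3, 0, kvno & 0xFF, etype, 32) + bytes(32)
           + struct.pack(">I", kvno))
    return b"\x05\x02" + struct.pack(">i", len(rec)) + rec
```

To check a real file, pass its bytes (read in binary mode) to `parse_keytab` and run `check_for_ilo` on each entry; the `kvno` it reports should match the key version of the mapped AD account.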

SandurMavericK
HPE Pro

Re: HPE ILO 5 Zero Sign In Failed

I know it's a baffling feeling when it doesn't work.

Set Group Policy at the Domain Controller at Default Domain Policy

PATH: Policies --> Windows Settings --> Security Settings --> Local Policies -->

Uncheck all except "AES128_HMAC_SHA1" & "AES256_HMAC_SHA1", Future Encryption Types at

"Network Security: Configure Encryption types allowed for Kerberos" (Security Policy)

Please make sure the date & time sync for iLO, Domain Controller & Windows client machine is the same


I work for HPE


Adaptive
New Member

Re: HPE ILO 5 Zero Sign In Failed

Maybe you have been "hit" by the firmware related issue fixed in 2.18:

Zero Sign In login fails when Kerberos authentication is configured for a large number of groups.

best rgds

Brian