- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- Re: ILO LDAP Configuration not working
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2020 07:04 AM
08-12-2020 07:04 AM
Re: ILO LDAP Configuration not working
Can you please let us know the what is " Directory User Context 1" defined in iLO ??
I work for HPE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2020 07:06 AM
08-12-2020 07:06 AM
Re: ILO LDAP Configuration not working
Can you please let us know the what is " Directory User Context 1" defined in iLO
I work for HPE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-18-2020 12:36 AM
08-18-2020 12:36 AM
Re: ILO LDAP Configuration not working
Everything is fine using ldp and actually every other tool works fine using LDAPs even these from HPE (3Par, Primera, Nimble, SSMC etc
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-18-2020 12:38 AM
08-18-2020 12:38 AM
Re: ILO LDAP Configuration not working
Hi @Eeswaran,
sorry i have no solution so far and stopped further deployment until i have a solution.
I hope this thread gets a little more tention to HPE because my case with them was not really helpful.
BR
Johannes
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-24-2020 05:34 AM - edited 08-24-2020 05:52 AM
08-24-2020 05:34 AM - edited 08-24-2020 05:52 AM
Re: ILO LDAP Configuration not working
Hi SandurMaverick,
Thanks for the reply.
LDAP connection has been verified and it is working fine.
Domain authentication with LDAP Server working fine in 100's of servers during the notification of issue in a server ILO and this ensures that there is no issue with LDAP Connection
All the servers ILO's are configured similarly.
"Directory User Context" 1 , 2 and 3 has been updated with common directory subcontexts.
Every other tools configured with the same LDAP is working fine
After Resetting the ILO, domain authentication works fine, but after sometime again the issue starts
From ILO User Guide, it has been mentioned that if CA Certificate is not imported, Certificate validation step is skipped, But whereas domain login authentication fails stating that “LDAP server certificate validation failed.” Attached the screenshots for reference.
This issue exists in all generations and firmwares, 2.55 to 2.73 for ILO4 and 2.10 to 2.18 for ILO5.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-26-2020 02:42 AM
08-26-2020 02:42 AM
Re: ILO LDAP Configuration not working
HI Eeswarna,
Thank you for letting us know the issue..
as per you description the issue doesn't start when configured for the first Time & Domain Login works fine.. but the issue starts when you do the iLO reset after which you are seeing an issue of domain login failure due to certificate Validation failure.. i get your point . can you confirm the domain user on which the issue is seen is actually part of How many Security Groups ..
Command : to run on Domain Controller : dsquery user -samid ilouser | dsget user -memberof | dsget group -samid
I work for HPE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-26-2020 05:16 AM
08-26-2020 05:16 AM
Re: ILO LDAP Configuration not working
I´m having trouble with multiple users.
one is a test user only beeing in the one group + "domain users" but still having that issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-27-2020 12:26 AM
08-27-2020 12:26 AM
Re: ILO LDAP Configuration not working
Hello Johannes_we & Eeswaran,
Can you update the March 10, 2020 updates Secuirty Patches from Microsoft & See this gets resolved
I work for HPE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-27-2020 12:31 AM
08-27-2020 12:31 AM
Re: ILO LDAP Configuration not working
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-28-2020 07:40 AM - edited 08-28-2020 07:42 AM
08-28-2020 07:40 AM - edited 08-28-2020 07:42 AM
Re: ILO LDAP Configuration not working
HI SandurMavericK,
01. In our case we are using Service account, which is part of 2 Security groups and My Domain Account is part of many security groups. We even tested with a test account which is part of single security group. For all accounts we are receving the same issue.
02. Regarding the Microsoft March 10, 2020 patches MS has confirmed that, Updates will not make changes to LDAP signing or LDAP channel binding policies or their registry equivalent on new or existing domain controllers. Anyhow all our DC's are patched with all compatible patches released till July 2020
03. Verified the following registry in all the DC's: Security Providers is listed with 'pwdssp.dll'
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders