Community
ProLiant Servers (ML,DL,SL)

hplomig.exe active directory container 'HP Target' object logical limit

 
randomgenerated
Occasional Contributor

‎10-11-2017 03:03 AM

‎10-11-2017 03:03 AM

hplomig.exe active directory container 'HP Target' object logical limit

Hi all, working in an environment where we want to log into ILO via AD credentials, set these up via hplomig.exe/Directories Support for management processors GUI

We have circa 5000 ILO's, V's 2, 3, 4

There is a rumor in my team which we can't substantiate says there is a logical limit to the number of ILO objects (HP Target) we can create per AD container or OU. The rumour says this number is 700-1000 per container, then you have to break out into a new container or OU. 

Does anyone have knowledge of this, if correct is related to a particular version of Directories Support tool or perhaps related specifically to an ILO version, and what is the upper limit of objects per container. I can't find any reference to this issue online....

Secondly, does anyone know if the HP powershell ILO cmdlets can perform the same functionality as the Directories Support GUI tool in terms of AD object creation, we want to automate the AD object creation

Many thanks in advance, Jason

0 Kudos
Reply
3 REPLIES 3
GokulKS
HPE Pro

‎10-13-2017 03:55 AM

‎10-13-2017 03:55 AM

Re: hplomig.exe active directory container 'HP Target' object logical limit

Hi Jason,

I can answer your second question but not the first.

PowerShell has cmdlets to automate AD creation on iLO servers. You can refer below set of cmdlets for creation and modification of the same. Check get-help for the detailed examples for each of them. If required you can refer our User 

Guide as well for more clarification.

PS C:\Windows\System32\WindowsPowerShell\v1.0> help *ilo*directory*

Name Category Module Synopsis
---- -------- ------ --------
Set-HPiLODirectory Function HPiLOCmdlets ...
Set-HPiLOSchemalessDirectory Function HPiLOCmdlets ...
Test-HPiLODirectoryUserAuthent... Function HPiLOCmdlets ...
Get-HPiLODirectory Function HPiLOCmdlets ...

Thanks,

Gokul

HPE PowerShell Team


I am a HPE Employee

Accept or Kudo

Reply
randomgenerated
Occasional Contributor

‎11-22-2017 11:39 PM

‎11-22-2017 11:39 PM

Re: hplomig.exe active directory container 'HP Target' object logical limit

Hi Gokul, many thanks for your reply. 

I think I wasn't quite specific, if you would allow me to clarify please. 

We have the tool "Directories Support for Proliant Management Processors" currently version 5.10. We use this tool obviously to create objects in AD and link the ILO to the AD object to enable AD logins on the ILO. 

Is there a powershell cmdlet or other script based tool that does this creating/linking of the ILO objects into the AD via the nominated 'HP Role' object ? Can we automate "Directories Support for Proliant Management Processors" ? 

Many thanks, Jason

0 Kudos
Reply
GokulKS
HPE Pro

‎11-29-2017 02:59 AM

‎11-29-2017 02:59 AM

Re: hplomig.exe active directory container 'HP Target' object logical limit

Hi,

There are two parts in your question. Let me answer one by one.

Is there a powershell cmdlet or other script based tool that does this creating/linking of the ILO objects into the AD via the nominated 'HP Role' object ?

Yes you can do with our iLO cmdlet as mentioned below.

PS C:\> $uname = @("asmith","jcook")
PS C:\> $pword = @("P@ssw0rd1","P@ssw0rd2")
PS C:\> $LDAPDirectoryAuthentication = @("Disable","Use_HP_Extended_Schema")
PS C:\> $localUserAccount = @("Y","N")
PS C:\> $serverAddress = @("123.56.89.123","ldap.company.net")
PS C:\> $serverPort = @("636","636")
PS C:\> $objectDN = @("value="CN=server1_rib,OU=RIB, DC=mycomp1,DC=com","value="CN=server2_rib,OU=RIB, DC=mycomp2,DC=com")
PS C:\> $objectPassword = @("password1","password2")
PS C:\> $uContext1 = @("CN=Users11,DC=mycompu, DC=com","CN=Users12,DC=mycomp1, DC=com")
PS C:\> $uContext2 = @("CN=Users21,DC=mycompu, DC=com","CN=Users22,DC=mycomp2, DC=com")
PS C:\> $uContext3 = @("CN=Users31,DC=mycompu, DC=com","CN=Users32,DC=mycomp3, DC=com")
PS C:\> Set-HPiLODirectory -Server @("1.4.29.195","1.4.27.103") -Username $uname -Password $pword -LDAPDirectoryAuthentication $LDAPDirectoryAuthentication
-LocalUserAccount $localUserAccount -ServerAddress $serverAddress -ServerPort $serverPort -ObjectDN $objectDN -ObjectPassword $objectPassword -UserContext1 $uContext1
-UserContext2 $uContext2 -UserContext3 $uContext3

Can we automate "Directories Support for Proliant Management Processors" ? 

No as this tool does not give any CLI support.

Thanks,

Gokul

HPE PowerShell Team


I am a HPE Employee

Accept or Kudo

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.