- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- iLO 4 Active Directory Integration Issues
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-19-2015 12:48 PM
03-19-2015 12:48 PM
iLO 4 Active Directory Integration Issues
Hello all,
Current config is on a DL360p G8 with the latest iLO firmware (v. 2.03) installed.
I've configured my iLO for active directory integration both manually and using HPQLOMIG.exe.
I am using the Default Directory Schema with Kerberos Authentication disabled and Local User Account Enabled and am using LDAP Port 636.
When I attempt directory tests, it resolves the directory server name, successfully pings, and is able to connect to the directory server. It fails when it gets to "Connect using SSL", and the notes state that "You may need to install a cert for your server to allow SSL connections."
My DCs have a certificate installed and are able to connect/bind using SSL, as verifed numerous times using LDP.exe
Any insight someone can provide would be greatly appreciated, as nothing I have tried seems to be working.
Thanks in advance,
Chuck
- Tags:
- iLO
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2015 09:11 AM - edited 03-23-2015 09:13 AM
03-23-2015 09:11 AM - edited 03-23-2015 09:13 AM
Re: iLO 4 Active Directory Integration Issues
Your scenario matches mine. Configuration and error messages.
Our AD support team recently migrated our enterprise to a new CA infrastructure and replaced SHA1/1024 certs on domain controllers with SHA2/2048. Broke directory-login on all of our ILOs (1/2/3/4) despite applying current firmware. We finally narrowed it down to bit size to find that SHA2/1024 certificates worked for ILO communication over LDAPS. Would not have thought to try that change if we hadn't found http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c03489319 which states "The certificates on the domain controllers must use 1024-bit encryption and not 2048-bit encryption." That's the only reference to the limitation we've found. Even the HP ILO Security guide has very little information on LDAPS connection parameters.
AD support team would prefer to use 2048-bit so we may be forced to retreat to maintaining local logins for our HP server remote consoles. Our Dell iDRACs had no trouble with the higher bits on the domain controller certs.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-29-2015 06:52 AM
12-29-2015 06:52 AM
Re: iLO 4 Active Directory Integration Issues
Has this been fixed? Our OAs and VCM.. and tons of ilos are all messed up...
adkg12