- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- Re: iLO 5 LDAP group permissions - using PowerShel...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2018 06:47 AM - edited 01-23-2018 06:48 AM
01-23-2018 06:47 AM - edited 01-23-2018 06:48 AM
In iLO 5 there are the following permission that can be set for a LDAP group (some of these are new compared to iLO2-iLO4):
- Login
- Remote Console
- Virtual Power and Reset
- Virtual Media
- Host BIOS
- Configure ILO Settings
- Administer User Accounts
- Host NIC
- Host Storage
- Recovery Set
However, in the latest HPE iLO PowerShell module there in only the 6 settings that you can set using the Set-HPiLOSchemalessDirectory (which I believe are based on the original iLO security specs):
- 1 - Administer Group Accounts
- 2 - Remote Console Access
- 3 - Virtual Power and Reset
- 4- Virtual Media
- 5 - Configure iLO 4 settings
- 6 - Login Privilege
How does one use PowerShell to map the old settings so that ALL the new settings are checked when adding a new LDAP group to an iLO 5?
Thanks
NK
Solved! Go to Solution.
- Tags:
- LDAP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2018 08:54 AM
01-23-2018 08:54 AM
Re: iLO 5 LDAP group permissions - using PowerShell
Hi,
Currently iLO cmdlets version 1.5 supports only till iLO4 version i.e. Gen 9. That is why you see the difference in privilages roles.
We are developing next version 2.0 which will be compatiable with Gen 10 planned to be released around starting of Q2 CY18.
Thanks,
Gokul
PowerShell Team
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2018 10:28 AM
01-23-2018 10:28 AM
Re: iLO 5 LDAP group permissions - using PowerShell
Ok, thanks. I thought I read somewhere GEN10 was supported, but I must have been mistaken. Maybe I am thinking of HPE BIOS module...
NK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2018 02:07 PM
04-25-2018 02:07 PM
Re: iLO 5 LDAP group permissions - using PowerShell
I just installed the latest PowerShell module for the iLO and I am still not seeing a way to set all these permissions. I am trying to use "Add-HPEiLODirectoryGroup" and all I see for permission options are the following:
-UserConfigPrivilege
-RemoteConsolePrivilege
-VirtualMediaPrivilege
-iLOConfigPrivilege
-LoginPrivilege
-VirtualPowerAndResetPrivilege
Not seeing:
Host Storage, Host BIOS, Host NIC, and Recovery Set
What cmdlet do I use to set those values?
Thanks
NK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2018 02:28 PM
04-25-2018 02:28 PM
Re: iLO 5 LDAP group permissions - using PowerShell
In fact, I just double checked the help for that cmdlet and it says it only supports iLO 4. So, you have no way to configure directory groups in the iLO 5?
NK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-25-2018 10:11 PM
04-25-2018 10:11 PM
Re: iLO 5 LDAP group permissions - using PowerShell
Hi,
Unfortunately there is no way from PowerShell to conifugre directory settings of iLO5.
The main reason behind this is lack of support from iLO5 interfaces which has limited our support for directory works.
I will check iLO team if they have any workarounds to achieve this.
Thanks,
Gokul
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-26-2018 06:28 AM
04-26-2018 06:28 AM
Re: iLO 5 LDAP group permissions - using PowerShell
Thank you for the response.
NK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-07-2018 07:20 AM - edited 05-07-2018 07:21 AM
05-07-2018 07:20 AM - edited 05-07-2018 07:21 AM
Re: iLO 5 LDAP group permissions - using PowerShell
Any update on this? This seems like it should be a simple thing to do - it is just a text field with the LDAP group name in. Its not doing any LDAP work...its just setting a text field in the iLO configuration...right? I mean, you can do this in the iLO4...why not the iLO5?
If I can use PowerShell to set the license code (a text field) why cant I use PowerShell to set an LDAP group name (a text field)?
Thanks, NK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-08-2018 03:03 AM
05-08-2018 03:03 AM
Re: iLO 5 LDAP group permissions - using PowerShell
Hi,
I agree its simple work but iLO5 Redfish interfaces are not available to set those modifications. Without any interfaces PowerShell or even any scripting tool can't do much. You can approach iLO team but answer is going to be nearly same the support is not available currently and its coming in the future snaps of Gen10.
Thanks,
Gokul
I am a HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2018 02:43 PM
10-22-2018 02:43 PM
Re: iLO 5 LDAP group permissions - using PowerShell
Unbelievable - Version 2.1.0.0 just got released and it STILL does not support the "set-HPEiLODirectorySetting" and "get-HPEiLODirectorySetting" cmdlets for the iLO 5.
NK