- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- iLo Default Schema AD Cofiguration help
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2009 01:26 PM
04-21-2009 01:26 PM
iLo Default Schema AD Cofiguration help
Anyway, I have 385 G5’s I want to configure to use AD integration; I am using the HP Lights Out Directories Migration Utility to configure the servers. I have created a new group in AD (iLo Admins) and browsed to this group under the section called “Security Group Distinguished Name” In the next section under user context I browsed to “OU=domainname,DC=domainname,DC=org” (not sure is this part is right) When I log into iLo using the default administrator account and go to test the directory settings using my test domain account it fails on user authentication:
I have tried “username” and get an Invalid credentials error, login as username@domainname.org and "domainname\username" and get User object not found. Not sure what I am missing here…. And yes I have added my test user to the iLo group I created.
Any help would be great, I’ve been pulling my hair out on this one
Thanks
-Art
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-22-2009 01:04 AM
04-22-2009 01:04 AM
Re: iLo Default Schema AD Cofiguration help
[...]OU=
single domain in a tree
NB! this doesn't point to the group, but to the OU where the group/user resides.
there may be a "CN=
use "OU=
if the test-account is member of the
Pieter
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-22-2009 06:43 AM
04-22-2009 06:43 AM
Re: iLo Default Schema AD Cofiguration help
The user context is the user's distinguished name minus their canonical name. You can get the user's distinguished name from a Windows machine by typing at the command prompt:
dsquery user -samid "login name"
where "login name" is the login account. This will return something to the effect of:
"CN=John Doe,OU=Information Systems,OU=North Region,DC=SomeCompany,DC=com"
Simply remove the "CN=John Doe," from this result and you have your user context.
Good luck!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-22-2009 09:14 AM
04-22-2009 09:14 AM
Re: iLo Default Schema AD Cofiguration help
Though when I run the directory test from iLo I get this:
Ping Directory Server Passed
Directory Server IP Address Not run
Directory Server DNS Name Passed
Connect to Directory Server Passed
Connect using SSL Passed
Certificate of Directory Server Passed
Bind to Directory Server Not run
Directory Administrator login Not run
User Authentication Failed
With a log like this:
Directory Server address dc.domainname.org resolved to X.X.X.X
Accepting Directory Server certificate for /CN=dc.domainname.org signed by /DC=org/DC=domainname/CN=CERT CA1
Unable to authenticate test user username [Invalid credentials]
Ceasing tests.
Is there something that needs to be configured in Active directory to allow this?
Thanks
-Art
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-24-2009 01:50 AM
09-24-2009 01:50 AM