Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
Showing results for 
Search instead for 
Do you mean 

AD Authentication for RILOE/iLO

Frequent Advisor

AD Authentication for RILOE/iLO

Hello,

I'm using the HP Lights-out Directories Migration Utility to configure the RILOE/iLO setting. I have a question regarding the section for Directory Server configuration.

Instead of pointing to a DC IP address or the DC FQDN, is there a way to configure for a domain so that there is redundancy and not depends on just ONE DC information?

If the DC failed, we will have problem login to the RILOE/iLOE.

Thanks!!


regards,
BLeng
5 REPLIES
Honored Contributor

Re: AD Authentication for RILOE/iLO

If you have a multi-homed domain controller- that is, more than one server, you can use the DNS name of the domain controller instead of the IP address.

If one of the domain controllers goes down and iLO tries to access it by name, it fails over to another domain controller.

This is a good practice for robustness.
Frequent Advisor

Re: AD Authentication for RILOE/iLO

Thanks Acartes,

First of all, our environment doesn't support multihome Domain Controller.

Furthermore, I understand (pls correct me if I'm wrong) that A "multihomed" domain controller is a computer that has multiple network adapters or that has been configured with multiple IP addresses for a single network adapter. In such case, there is no redundancy when this particular DC is down?

Is it possible to configure the Directory Server section to point to a domain (and it will find the nearest DC to authenticated by itself) or more than 1 DC IP address?

Thanks!!


regards,
BLeng
Honored Contributor

Re: AD Authentication for RILOE/iLO

You should be able to configure iLO to use the domain as opposed to a specific address. Try this out on a specific iLO first.

When iLO contacts the directory, it performs a DNS lookup on the field entered for the server name. If DNS returns alternate IPs, then iLO will "fail over" to the next address.
Honored Contributor

Re: AD Authentication for RILOE/iLO

There is an iLO Best Practices whitepaper linked below. You can get to this page from www.hp.com/servers/lights-out then Support then Manuals

http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual〈=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=18964&prodSeriesId=397989

Specifically, within the whitepaper, your concern is discussed on page 23:

Setting up the directory server:
The directory server field can be configured with a DNS name or an IP address. The DNS name can be the DNS name of a single server or the DNS name of a domain. This field can be configured with multiple IP addresses or DNS names separated with a comma or space.
Frequent Advisor

Re: AD Authentication for RILOE/iLO

Hi Acartes,

thank you very much. That's what I'm looking for.


regards,
BLeng