- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Remote Server Management
- >
- Re: ILO with AD integration
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-22-2006 01:33 PM
тАО07-22-2006 01:33 PM
ILO with AD integration
I do not want to install extended schema.
I only want to use LDAP.
Why is it so hard to make it work?
Can anyone give me some simple instructions to implement ILO with AD in a Use Directory Default Schema?
Thanks,
David
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-23-2006 08:16 PM
тАО07-23-2006 08:16 PM
Re: ILO with AD integration
are trying to use.
Is it
1.short name
Ex : sriv s
2.Distinguished name
Ex : CN=sriv s,CN=Users,DC=mycompu,DC=com
3.loginname@domain.com format
Ex : sriv@mycompu.com
4.Netbios name
Please configure iLO with the appropriate directory settings and Group
distinguished name.
Follow the steps below.
1.Logon to iLO with the appropriate login and password.
2.Click Administration->Directory settings.
3.Configure "directory settings" with appropriate parameters as under
1.Directory Server address
Ex : dlilo1.india.hp.com
2.LDAP port as "636".
3.Fill in appropriate "Directory User Context 1
Ex:CN=Users,DC=mycompu,DC=com
4.Click "Apply Settings" to save the directory settings.
5.Repeat "Step 2" to go back to directory
settings page.
4.Now click on "Administer Groups".
5.Select the appropriate group.
Ex : custom1
6.Fill in the Group distinguished name.
Ex : CN=newgroup,CN=Users,DC=mycompu,DC=com
NOTE : Please don't give any extra space.
7.Enable the appropriate access rights for this group.
8.Click on "Save Group Information" save the group settings.
Please ensure the following.
1.In windows Active directory setup
the same group(Ex:newgroup) exists.
2.User who tries to login to iLO is
present in this group.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-11-2006 03:30 AM
тАО08-11-2006 03:30 AM
Re: ILO with AD integration
I am having trouble following your instructions.
I entered the information you suggested, of course substituting the correct information, for Directory User Context 1. However, when I click Apply Settings, I get an alert box with the message: "LOM Object distinguished name is not specified. Applying these settings will prevent directory authentication."
I also tried entering the information in the LOM ODM field, but authentication still does not work.
Under Modify Group, I listed the CN for the lowest level of the group, and moved up to dc=com. Ex: cn=IT,cn=LoginScripts,cn=groups,dc=[domain],dc=com. (no real CN's listed here.)
I have tried loging in with the following:
doman\username
username@domain.com
The directory server address is resolved.
It accepts the certificate.
Unable to authenticate domain\user [object not found].
-OR-
Unable to authenticate test user, user@domain.com.
Thank you for your help.
Jack Roberts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-13-2006 07:15 PM - last edited on тАО11-13-2020 04:12 AM by Vajith V
тАО08-13-2006 07:15 PM - last edited on тАО11-13-2020 04:12 AM by Vajith V
Re: ILO with AD integration
Please use the HP Lights Out directory migration utility(HPQLOMIG.exe) which helps you to configure iLO for either
Default Schema or Extended Schema.This is a
GUI based tool.
HPQLOMIG.exe is part of "HP Directories Support for Management Processors" softpaq
(SP31581.exe) which is downloadable from the
following web site.
https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTX_13aa310d9f23432a8d02d5ad56
iLO directory configuration pictures
I have attached the ZIP file which has the pictures of the iLO directory configuration for your reference.
1.iLOdirsettings.bmp
This picture shows the directory settings
for default schema.
NOTE: Please ensure you fill in the
hostname field in "Directory server
address" field.
This is required for logging using
"loginname@domain.com" and Netbios
name format(Domain name\loginname)
Assuming "sriv" is the login name
Ex : loginname@domain.com
sriv@mycompu.com
Ex : Netbios name (domain\loginmame)
MYCOMPU\sriv
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-17-2007 07:06 AM
тАО04-17-2007 07:06 AM
Re: ILO with AD integration
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-17-2007 07:59 PM
тАО04-17-2007 07:59 PM
Re: ILO with AD integration
I see that you have password for the "LOM object password".
That would only be needed for the HP Schema extension right?
ANSWER
YES.
LOM Object Distinguished Name,LOM Object Password and LOM Object Password
Confirm fields in "iLO directory settings page" are needed only for HP
Extended schema.
For "Schema-free directory integration" these fields can be ignored.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-18-2007 02:49 AM
тАО04-18-2007 02:49 AM
Re: ILO with AD integration
2nd Question.
For "Directory User Context 1:", is this field required to be filled out for schema-free, the white papers on iLO AD skipped this section using the GUI utility.
And if required, so far I've placed the container which the user/group resided in AD as such:
CN=Users,DC=ibx,DC=com
Is this correct?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-18-2007 07:21 AM
тАО04-18-2007 07:21 AM
Re: ILO with AD integration
I think since I am not using SSL at all, I should use port 389?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-18-2007 07:32 PM - last edited on тАО11-13-2020 04:13 AM by Vajith V
тАО04-18-2007 07:32 PM - last edited on тАО11-13-2020 04:13 AM by Vajith V
Re: ILO with AD integration
QUERY 1
For schema-free "Directory User Context 1" field is required.
CN=Users,DC=ibx,DC=com is correct as long as it matches with Active
directory server configuration.
QUERY 2
iLO supports LDAP over SSL.So default LDAP port should be 636
Refer the whitepaper
"Integrating HP ProLiant Lights-Out processors with Microsoft├В┬о Active
Directory"
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=c00190541
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-13-2008 09:05 AM
тАО03-13-2008 09:05 AM