Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
Showing results for 
Search instead for 
Do you mean 

Trying to link ilo to active directory

Occasional Visitor

Trying to link ilo to active directory

I am using the instructions based on the "intergrating hp proliant lights-out processors with microsoft active directory"
I am using the schema-free integration. I am using the hplomig.exe utility, as well as the web based tool for ILO.

I setup everthing as per the instructions. Here is the error I get. When I test from the ILO webpage

Connect to Directory Server Passed
Connect using SSL Passed
Certificate of Directory Server Passed
Bind to Directory Server Not run
Directory Administrator login Not run
User Authentication Failed
User Authorization Not run
Directory User Context 1 Not run
Directory User Context 2 Not run
Directory User Context 3 Not run
LOM Object exists Not run
LOM Object password Not run

Test Log
Initiating Directory Settings diagnostic for server "servername"
Directory Server address "servername resolved to xxx.xxx.xxx.xxx
Accepting Directory Server certificate for /CN=servername.domainname.org signed by /C=US/CN=domainname
Unable to authenticate test user "username" [User Object not found]
Ceasing tests.
Some diagnostics FAILED for server "servername"

I have doublechecked to make sure my user name and password were correct.

What am I missing.

4 REPLIES
Trusted Contributor

Re: Trying to link ilo to active directory

The following settings are required for schema-free directory settings to work

1) ldap server dns/ip
2) directory context field (at least one). Otherwise you can try to use full distinguished name of the user.

3) In the group settings page you need to give complete distinguished name of the group and appropriate privilages which would apply to the member of the group. Note that the distinguished name should exactly match without any extra space. If you use HPLOMIG you need not worry about this.

4) Add the user to the group which you have configured in the group settings page.

5) If you are trying to use user@domain or Netbios (domain\user) format, you need to enable activeX controls on the client machine. You should use only DNS name not ip for ldap server. In network settings page you need to provide ILO IP and the domain name.
Eg: yourldapserverDNS and directory context in directory settings page
In network settings page iloIP and yourdomain for ilo.
Honored Contributor

Re: Trying to link ilo to active directory

Occasional Contributor

Re: Trying to link ilo to active directory

I am using the hpqlomig.

I have two test users, each in different OU's but both are domain admin
I setup both OU's in the user context field, and the security group in its field. Yet only one of my uses work. I run a test from the ILO webpage and it runs the user authentication test it says the user has invalid credentials. The user is valid and can login to the servers
Occasional Contributor

Re: Trying to link ilo to active directory

Just as a follow up.

I have used or setup a number of different ou's, some with short names, others with long names, some 1 ou deep, othes as many as 8 out deep. All the users in those ou can use ILO, but the one OU my admin are in cannot use ILO if intergrated with AD. Why?
//Add this to "OnDomLoad" event