Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
Showing results for 
Search instead for 
Do you mean 

iLO 2 - AD authentication - Default Schema

Advisor

iLO 2 - AD authentication - Default Schema

I am only able to logon when I use the distinguished name for my account which leads me to believe that the "Directory User Context" is not configured properly.

I have configured the "Directory User Context 1" with the DN of the OU where my user account is located in active directory.

I've noticed that in all of the examples on all of the threads, a "container" is always used.

ex. CN=Users,DC=MyDomain,DC=Com

Is there a known issue if my account is located in an OU instead of a container? Or maybe my syntax is wrong?

ex. OU=Administrators,OU=IT,OU=US,DC=MyDomain,DC=COM
6 REPLIES
Occasional Advisor

Re: iLO 2 - AD authentication - Default Schema

Your syntax looks correct. Have you tried to login using "Display Name" of your AD account?

God Bless,
LC...
Advisor

Re: iLO 2 - AD authentication - Default Schema

Yes, I have tried displayName.

Thanks,

Jim
Honored Contributor

Re: iLO 2 - AD authentication - Default Schema

Advisor

Re: iLO 2 - AD authentication - Default Schema

Thanks, I have that manual and it really only goes so far.

I believe that everything is set up correctly as I am able to logon with a DN. When I logon with another format, I get "user object not found". This leads me to believe that iLO is not looking in the right place for the account.

With that said, I've set up other LDAP application in the past and script quite a bit, so I'm pretty familiar with how this all works, but I'm obviously missing something.

In the manual, all of the examples for "Directory User Context" use "Containers" and not OUs and I'm wondering if that is the problem. We don't use the default containers as they are a security risk.
Occasional Advisor

Re: iLO 2 - AD authentication - Default Schema

Hi

Your syntax is correct. You can use Containers or OUs or leave the directory Context blank. This is a placeholder so it can make a easy and quick search.

If you can login with DN ONLY and not domainname\username format, try this.

GO to Internet Explorer - Tools - Internet Options - Intranet (choose the appropriate zone) - Go to ActiveX controls and Plugins -
"Initialize and script ActiveX Controls not marked as safe for scripting" - Set it to prompt.

Try loggin in with the domainname\username format. Good luck
Advisor

Re: iLO 2 - AD authentication - Default Schema

Perfect. It worked!
//Add this to "OnDomLoad" event