Server Management - Remote Server Management
1745793 Members
3927 Online
108722 Solutions
New Discussion юеВ

iLO AND AD problem

 
Chintan Shah
Occasional Advisor

iLO AND AD problem

Hi,
At one of my client. I upgraded the iLO to 1.7. But AD integration has disappeared. I have checked the directory settings in OA and directory group information. Everything is there. But iLO somehow is dis integrated of AD. There is no option for AD settings. Only local admin in User administration tab (inside iLO)..
Does upgrading iLO to 1.7 require to re-integrate AD, head scratcher!!!
5 REPLIES 5
WFHC-WI
Honored Contributor

Re: iLO AND AD problem

What iLO license do you have?
Chintan Shah
Occasional Advisor

Re: iLO AND AD problem

iLO 2 license... How does iLO licensing interfere with the upgrade. Since, HP is pushing hard for RSP, requiring SIM 5.3 and advisory says to have iLO 1.7 to avoid SSH problems.. So, I suppose iLO licensing should not cause any problem in upgrade action. Just a opinion.
WFHC-WI
Honored Contributor

Re: iLO AND AD problem

AD integration requires an iLO2 Advanced license. Is this the type of iLO license you are using on this server?
Chintan Shah
Occasional Advisor

Re: iLO AND AD problem

Hi, thank you for your reply. we have iLO 2 license, which provides AD integration as standard function. Ok. If I start from the start, how to start with AD integration with iLO 2 version 1.7
I have Directory settings and Directory groups already created, what next?
WFHC-WI
Honored Contributor

Re: iLO AND AD problem

Hi again Chintan.

Visit the Administration tab and choose "Licensing." This will show you the specific license for your iLO port. It may be iLO2 Standard, iLO2 Advanced, iLO2 Blade Select, etc.

The _Advanced_ license is needed for AD authentication.

Next, from this document:
http://bizsupport2.austin.hp.com/bc/docs/support/SupportManual/c00553302/c00553302.pdf

Enter the directory server├в s DNS name or IP address and LDAP port. Typically, the LDAP port for an SSL connection is 636.

Enter the distinguished name for at least one group. This group can be a security group (for example: "CN=Administrators,CN=Builtin,DC=HP,DC=com") or any other group as long as the
intended iLO 2 users are members of the group. With a minimum configuration, you can log into iLO 2 using your full distinguished name and password. You must be a member of a group that iLO 2 recognizes.

So you would log in with a username like "CN=Chintan Shah,OU=Contractors,OU=North Region,DC=SomeCompany,DC=com"

(Remember in iLO both usernames and passwords are case sensitive.)

Also, you can enter at least one directory user context to make logging in simpler.
At login time, the login name and user context are combined to make the user's distinguished name.
For instance, if you set up a user context of "OU=USERS,DC=HP,DC=COM" then log in with username "CHINTAN.SHAH", the distinguished name "CN=CHINTAN.SHAH,OU=USERS,DC=HP,DC=COM" will be used for authentication.

Good luck!