Server Management - Remote Server Management
1748150 Members
3678 Online
108758 Solutions
New Discussion юеВ

ILO Active Directory User Name Issue

 
chongkan
Trusted Contributor

Re: ILO Active Directory User Name Issue

in the AD server cmd run:

dsquery user username

where username is a known AD username to find out the current and correct DN for the users you want to grant access to ilo.

Then use the correct DN to configure the iLO with the ILO directories migration utility.

please let know.
Bilhan
Advisor

Re: ILO Active Directory User Name Issue

Hi,
I have tried all but still I can not log-in using SAMaccount name (shortname). I am also using schema free configuration.

Is there any solution to use short names in ILO login?

Thanks.
Frederic Oriol
New Member

Re: ILO Active Directory User Name Issue

I have been unable to use the short account name (Pre-Win2K name) too. Instead we found out that ILO uses the Directory Name (different from the Display Name). So you either have to login using that ("Fred Flintstone", quotation marks needed) or rename the account to match the Pre-Win2K name.
acartes
Honored Contributor

Re: ILO Active Directory User Name Issue

OR use the directory distinguished name syntax, i.e. cn=Administrator,o=ilo
The fully qualified user object name will work with all directory services.
thirusrinivasan
Occasional Advisor

Re: ILO Active Directory User Name Issue

Kamal and Scott

I have the same situation and we have ActiveX locked down for the users. Can you please tell me the exact settings that has to be enabled for ActiveX to allow just using the SAMAccountName for login.

I have to decided to ENABLE the Unsigned ActiveX Controls and the Initialize ActiveX scripts.
Please advise if this is OK or need more settings.

Thanks
Thiru
Lane Leverett
New Member

Re: ILO Active Directory User Name Issue

I had the same issue and although I cannot login with only the SAMAccountName, I can login with the UPN (i.e. username@domain.com). I only had to change one ActiveX setting based on our previous configuration. So this is what my ActiveX settings look like now that I have made the change:

*********************************************
Allow previously unused ActiveX controls to run without prompt
Disable
Allow Scriptlets
Disable
Automatic prompting for ActiveX controls
Disable
Binary and script behaviors
Enable
Display video and animation on a webpage that does not use external media player
Disable
Download signed ActiveX controls
Prompt
Download unsigned ActiveX controls
Disable
Initialize and script ActiveX controls not marked as safe for scripting
Prompt
Run ActiveX controls and plug-ins
Enable
Script ActiveX controls marked as safe for scripting*
Enable
*********************************************

The only one I change from our default settings was "Initialize and script ActiveX controls not marked as safe for scripting" from "Disable" to "Prompt".

I am also running the schema free option.

Thanks,

Lane Leverett
Jen S.
New Member

Re: ILO Active Directory User Name Issue

Since I kept finding this thread when I tried to resolve this issue myself, I figured I'd update it with my solution.

To obtain the DOMAIN\userid login, I added both the distinguished name for my security group OU and the distinguished name for my users OU to the "Directory User Context" options. The distinguished name for the security group itself was added to the group accounts section. Also, Active X has to be set to at least prompt as mentioned in another post here, and Directory Server Address must be set to the DNS name, not the IP. Hope this helps someone! :)
Matthew Thyer
Occasional Advisor

Re: ILO Active Directory User Name Issue

Is there a configuration possible where I can login with my userid (SAMaccountname) using the default schema and without ActiveX ? (e.g. from FireFox or other Linux browsers ?)
trilee2
Occasional Advisor

Re: ILO Active Directory User Name Issue

You can telnet or SSH to the ILO if you have it setup in the web interface. Problem is there is different syntax for that user name possible and it really quirky. The other problem is the command syntax is not at all intuitive one you're in there.
Matthew Thyer
Occasional Advisor

Re: ILO Active Directory User Name Issue

So there is no Web access method using the default schema that will let me login using my userid unless I have ActiveX ?

This is a pain for many environments that have ActiveX locked down.