Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
Server Management - Remote Server Management
cancel
Showing results for 
Search instead for 
Did you mean: 

iLO2 "Directory Default Schema" Config

jns32
Occasional Visitor

iLO2 "Directory Default Schema" Config

I have been trying for several days to get a new iLO2 card to play nicely with Active Directory. I have used the "Lights-Out Migration Utility" to do a config, have done several myself (based on the "Conveniently integrating HP ProLiant Lights-Out processors with Microsoft® Active Directory" Integration Note, and nothing is working.
Here are the details:
Under "Directory" tab:
Using Directory Default Schema, "Directory Server Address" is "server1.domain.lcl", LDAP Port is 636, "Directory User Context 1": CN=Users,DC=domain,DC=lcl
"Directory User Context 2: OU=Users,DC=domain,DC=lcl
---
For User Admin - Group Accounts, the "Administrator" group is set with a "Security Group Distinguished Name" of CN=iLO,CN=Users,DC=domain,DC=lcl.

We have 4 AD users (all Domain Admins) in the iLO group which we wish to give access to the iLO2. Our iLO2 card has the Advanced license and is running v. 1.79 firmware.

The result I am getting is this:
When I perform a "test settings", the failure occurs at "User Authentication" with the following log -
Initiating Directory Settings diagnostic for server server1.domain.lcl
Directory Server address server1.domain.lcl resolved to 192.168.132.30
Accepting Directory Server certificate for /CN=server1.domain.lcl signed by /DC=lcl/DC=domain/CN=server2
Unable to authenticate test user username [Invalid credentials]
Ceasing tests.
Some diagnostics FAILED for server server1.domain.lcl

Attempting to log on to the iLO2 card in the following formats fails:
domain\username
username
username@domain.lcl

Any help would be greatly appreciated.
Thank you.
5 REPLIES
branfarm
Advisor

Re: iLO2 "Directory Default Schema" Config

Were you ever able to resolve this issue? I have been struggling with the exact problem for some time now.
Thanks,

Brandon
jns32
Occasional Visitor

Re: iLO2 "Directory Default Schema" Config

Nope, eventually just gave up. I really needed this to work, but it isn't something I can spend a whole week on!
branfarm
Advisor

Re: iLO2 "Directory Default Schema" Config

I hear ya -- I don't know why it has to be so difficult. The OA ldap config is very simple -- why is iLO/iLO2 so different?

I was able to get mine working, but you end up having to use the Display name of the user. So instead of the username, JSmith for example, you use John Smith. It works, but since it's different than OA It will just be confusing.
Ben Short
Frequent Advisor

Re: iLO2 "Directory Default Schema" Config

Just out of interest, is the username you log in with the same as the Common Name (CN) of the AD User Object?

Quite often these two values will not match up depending on your AD Deployment.

With a bit of poking around with ADExplorer or ADSI you should be able to locate what the CN of your user account is.

Try logging in with the CN and hopefully that may solve your problem :)
Marc_82
Occasional Visitor

Re: iLO2 "Directory Default Schema" Config

The magic answer for me was that the login name to use was the display name! In my case the display name is different from the user logon name.
My display name is John Doe and my user logon name is johndoe, with @corp.contoso.com or CORPCONTOSO\ as alternatives.
To log on in iLO now I just juse John Doe with the right capitals and my password and I log in to iLO from my AD account.
That was what is was just trying to find out the last couple of days.

note to HP: please make this more clear in your documentation.
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00190541/c00190541.pdf?jumpid=reg_R1002_USEN