- Community Home
- >
- Servers and Operating Systems
- >
- HPE BladeSystem
- >
- BladeSystem - General
- >
- Re: Help configuring LDAP integration for BladeSys...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2008 06:08 AM
тАО12-18-2008 06:08 AM
I have read a few threads here, for example this, http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1277300
but cannot seem to get everything in order.
What happens is that when I run the LDAP tests I get a status of authentication = success but authorization = failed.
In addition I can use HP SIM as single sign-on and get logged in with my AD-key, but that's not completely what I want.
So obviously I have the servers in place and these settings correctly configured, but I am missing something in regards to actual access.
So, what should I actually put into each field, I am not sure after reading the manual ( http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00705292/c00705292.pdf ) what should actually be in each field.
Here's what I have
Directory Server address: myserver.mydomain.net
Directory Server SSL Port: 636
Search Context 1: OU=My OU,CN=Admin,CN=MainOU,DC=mydomain,DC=net
This is my first question, should the search context point to the path where the USER is or the path where the GROUP in which the user is a member is ?
And in which case should CN= be used or OU= be used ? is CN= only for users or groups and OU= for OU's ? (As you can guess I am more comfortable with the ILO authentication settings and config syntax... :-))
Additionally I have enabled the "Use NT Account Name Mapping (DOMAIN\username)" setting, is this only for easy login or for account lookup as well ?
On top of this I have added two domain groups, using their AD names, and granted the groups Administrator access, and I am member of the groups.
Still I get authorization failed ?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2008 07:16 AM
тАО12-18-2008 07:16 AM
Re: Help configuring LDAP integration for BladeSystem OA login
http://forums11.itrc.hp.com/service/forums/categoryhome.do?categoryId=298
There are a lot more on the ILO/OA AD integration.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2008 10:59 PM
тАО12-18-2008 10:59 PM
Re: Help configuring LDAP integration for BladeSystem OA login
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2008 11:29 PM
тАО12-18-2008 11:29 PM
Re: Help configuring LDAP integration for BladeSystem OA login
And for the questions about wich ou to point out. You need to point to the OU where the users are as 2.31 and down doesn't support nested groups. Thats a new feature in 2.32
ou=Users,dc=MyCompany,dc=com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-19-2008 01:23 AM
тАО12-19-2008 01:23 AM
Re: Help configuring LDAP integration for BladeSystem OA login
I thought that would be related to membership in groups specified to allow access ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-19-2008 01:24 AM
тАО12-19-2008 01:24 AM
Re: Help configuring LDAP integration for BladeSystem OA login
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-19-2008 07:23 AM
тАО12-19-2008 07:23 AM
Re: Help configuring LDAP integration for BladeSystem OA login
It should Point to the group in which user is member.
Try the below search Context:
Search Context 1: OU=My OU,OU=Admin,OU=MainOU,DC=mydomain,DC=net
If the Groups are directly under Users in Domain, Use CN otherwise use OU.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-19-2008 07:26 AM
тАО12-19-2008 07:26 AM
Re: Help configuring LDAP integration for BladeSystem OA login
And I've added the actual groups in that OU that I want to grant access.
But I still can't get things to work, I only get authentication success and authorization failure. So I must still be doing something wrong somewhere ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-19-2008 07:32 AM
тАО12-19-2008 07:32 AM
Re: Help configuring LDAP integration for BladeSystem OA login
Don't use the test LDAP Test Page. Does it work?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-19-2008 07:50 AM
тАО12-19-2008 07:50 AM
Re: Help configuring LDAP integration for BladeSystem OA login
Try the attachment, is it same as your directory structure?
try the search context if it matches.