- Community Home
- >
- Software
- >
- HPE OneView
- >
- Struggling with AD authentiction
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2014 08:02 AM
11-05-2014 08:02 AM
Hi all!
I am struggling with AD authentication to work in OneView. I have version 1.10.05 (latest) and can not get it to work with AD integration.
All the users that have Admin rights to OneView is in this group: OneView Admin and context to this group is:
OU=Groups,OU=NET,DC=Company,DC=SE
In the "Add Directory" screen I have just a description in the first field. Correct??
Directory Type is "Active Directory"
Search Context is:
First Field: CN (nothing more than CN. Should it be?? or should it be CN=OneView Admin)
Second Field: OU=Groups,OU=NET
Third Field: DC=Company,DC=SE
I have checked that the group I want to give authority to log is in OU=Groups
Credential:
I have use a Domain Admin. Should it be just username or domain\username or shold the user exist in the above search context?
For me that have to work with HPSIM this is a very complex integration. More example in the help text are needed
BR
/Mikael Christenson
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2014 09:47 AM
11-05-2014 09:47 AM
SolutionWelcome to the HP OneView Communities.
Two things:
- The username you provided is not in the correct format. Only CN account values are allowed. You provided an NT Domain style account name, which is not supported. To get the CN value, open Active Directory Users and Computer MMC console, turn on Advanced Features under Options, navigate to the user account, open the Properties, then click on Attribute Editor. Scroll down until you get to CN, and copy the value. You must use this AD attribute for authentication for Directory Configuration validation, Add Directory Group, and authentication at the main logon screen of the appliance.
- There are a number of LDAP/AD bugs introduced in the 1.10.05 patch/release. We have a patch in testing (1.10.07) that will not only address LDAP/AD bugs, but will also introduce NtSamAccountName and UPN support for AD.
Unfortunately, I do not have an ETA on when the .07 patch will be released, but we are close. Once it is released, an announcement will be made in this forum.
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2014 12:30 PM
11-05-2014 12:30 PM
Re: Struggling with AD authentiction
Thanks Chris!
That really helped me. But do you really mean that that I have to use my CN name to logon to the appliance if I enable AD-support?
I really looking forward to the patch that enables NT account.
Thanks again
/Micke Ch
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-05-2014 12:33 PM
11-05-2014 12:33 PM
Re: Struggling with AD authentiction
Unfortunately, you need to use the CN value of your, and other, user account.
I am an HPE employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2015 12:46 PM
01-12-2015 12:46 PM
Re: Struggling with AD authentiction
Just to complete the discussion in this topic, both the 1.10.07 and 1.20 releases support SamAccountName and UPN usernames for authentication. You still provide CN as the Attribute value in the first field when configuring LDAP/Active Directory authentication on the appliance.
I am an HPE employee