- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Remote Server Management
- >
- Re: Active Directory and ILO2, I am almost there!...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-21-2008 06:25 AM
тАО03-21-2008 06:25 AM
Active Directory and ILO2, I am almost there!!!!
I am able to login with my DN string
CN=Test\, Dan,CN=Users,DC=ad,DC=domain,DC=com
(I got the string from the ldp utility and if it was not for a poster I would never have figured out the \ after Test)
I then was able to add
CN=Users,DC=ad,DC=domain,DC=com
to the Directory User Context 1: and now I can login with just Test\, Dan.
Obviously I can't leave it like this because users aren't gogin to know there DN especially with the \ after there last name.
I am looking to do what everyone else is trying to do and that is to be able to use the login name that is "dtest" for this user. I have tried adding the @ad.domain.com to the Directory User Context and that did not work.
I did see that there was mention of Active X having to be enabled and I have setup my active x setttings for "Internet" for the following
Allow previously unused ActiveX controls to run without prompt
Disable
Allow Scriptlets
Disable
Automatic prompting for ActiveX controls
Disable
Binary and script behaviors
Enable
Display video and animation on a webpage that does not use external media player
Disable
Download signed ActiveX controls
Prompt
Download unsigned ActiveX controls
Disable
Initialize and script ActiveX controls not marked as safe for scripting
Prompt
Run ActiveX controls and plug-ins
Enable
Script ActiveX controls marked as safe for scripting*
Enable
With no luck
Now I am not sure if there is a group policy pushing down to deny the active x ability to run and if anyone know the key to check that would be great.
well that is where I stand and if anyone knows of any more things to check that would be great.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-21-2008 08:39 AM
тАО03-21-2008 08:39 AM
Re: Active Directory and ILO2, I am almost there!!!!
Your client needs to be in the same domain as your directory server for the short name to work. Try dtest@ad.domain.com.
Need to enable
Initialize and script ActiveX controls not marked as safe for scripting
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-21-2008 12:21 PM
тАО03-21-2008 12:21 PM
Re: Active Directory and ILO2, I am almost there!!!!
I do have a group similar to test called iLO (has the user dtest in it) so I added that to the string
CN=iLO,CN=Users,DC=ad,DC=domain,DC=com
I also made the change to the active X and tried logging in with dtest@ad.domain.com, ad.domain.com\dtest all without success.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-23-2008 08:41 AM
тАО03-23-2008 08:41 AM
Re: Active Directory and ILO2, I am almost there!!!!
(Administration->Network) which would help the directory user to login with "Email"(loginname@domain) and "NetBios name"(domain/loginname)
formats.
Primary/Secondary/Tertiary DNS Server
The Primary/Secondary/Tertiary DNS server IP address should be same
as the Active directory server IP address.
Domain Name
This domain should be same as the domain for which the
Active directory server is configured.
One other suggestion
Please ensure "Directory Server Address" under "Administration->Security->Directory" has "FQDN"(Fully qualified
domain name) instead of IP address.
Example : test.rind.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-25-2008 06:01 AM
тАО03-25-2008 06:01 AM
Re: Active Directory and ILO2, I am almost there!!!!
I did what you said and:
-Primary/Secondary/Tertiary DNS Server
The Primary/Secondary/Tertiary DNS server IP address should be same
as the Active directory server IP address.
It is, I only have one AD server in this test environment and it is also the only dns server.
-Domain Name
This domain should be same as the domain for which the
Active directory server is configured.
It is, ad.domain.com
-One other suggestion
Please ensure "Directory Server Address" under "Administration->Security->Directory" has "FQDN"(Fully qualified
domain name) instead of IP address.
Example : test.rind.com
This also was setup correctly.
I tried logging in as ad.domain.com/dtest and it did not work. It came up as unauthorized. Man this is a good one..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-25-2008 06:36 AM
тАО03-25-2008 06:36 AM
Re: Active Directory and ILO2, I am almost there!!!!
Do you have a Container (folder) called Test? I used the wrong term of group earlier.
If you look at the User property for Account Dan, does it show "User logon name" as Dan follow by @ad.domain.com or is it Dtest?
If above is true. Then you should be able to login as ad.domain.com\dan or dan@ad.domain.com
Is it possible to get a screenshot of your mmc for the "AD Users and Computers" where the users are located?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-25-2008 07:56 AM
тАО03-25-2008 07:56 AM
Re: Active Directory and ILO2, I am almost there!!!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-25-2008 12:11 PM
тАО03-25-2008 12:11 PM
Re: Active Directory and ILO2, I am almost there!!!!
I dontt have a container called test. I have one called ilo so in ad under the USERS group I created the user dtest and also in the USERS folder I created the group ilo and added the user dtest to the ilo group. Is that the issue? Should the group ILO not be ing the USERS group that is created with AD? rather it should be under a new ou? I can get screen shots tomorow because it is in our test environment.
As far as this question
If you look at the User property for Account Dan, does it show "User logon name" as Dan follow by @ad.domain.com or is it Dtest?
it is dtest then @ad.analog.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-25-2008 03:08 PM
тАО03-25-2008 03:08 PM
Re: Active Directory and ILO2, I am almost there!!!!
If the users and groups are in the Users container, iLO should be able to locate the users. To make it simple to trouble shoot, go ahead and remove the group for now.
Are you using the "extended schema" method?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-26-2008 04:31 AM
тАО03-26-2008 04:31 AM
Re: Active Directory and ILO2, I am almost there!!!!
CN=Users,DC=ad,DC=domain,DC=com