Server Management - Remote Server Management
cancel
Showing results for 
Search instead for 
Did you mean: 

Set-HPEiLODirectoryGroup, remove login for authenticated users...

 
SOLVED
Go to solution
Highlighted
Occasional Advisor

Set-HPEiLODirectoryGroup, remove login for authenticated users...

Hi all,

Does anyone know if this is a bug/power feature or how to make the following scenario possible?

I'm trying to disable login for authenticated users, using LDAP as authentication method. I have DL380 Gen10's with iLO5 (fw 1.39-1.45) using HPE iLO cmdlets v3.0.0.0 (I beleive this worked in v2.2.0.0).

Whichever way I have attacked this, I always ends up with a partial result and the change is not reflected in the GUI.  Note that I'm using the administrator account to make changes.

$iLOConnection | Set-HPEiLODirectoryGroup -GroupName "Authenticated Users" -GroupSID 'S-1-5-11' -LoginPrivilege 'No' -Force

IP            Hostname  Status StatusInfo
--            --------  ------ ----------
1.1.1.1          PARTIAL HPE.Framework.Core.StatusInfo

 

Is there a way around this or should I simply remove the group instead (not prefered)?

Thanks

3 REPLIES 3
Highlighted
HPE Pro

Re: Set-HPEiLODirectoryGroup, remove login for authenticated users...

hello

 

right now  no way to disable login for authenticated users, try remove the group and verify the same 


I am an HPE Employee

Accept or Kudo

Highlighted
HPE Pro
Solution

Re: Set-HPEiLODirectoryGroup, remove login for authenticated users...

We are able to reproduce the scenario only when login privilege is set to yes and all other privilege is set to No.

The behavior is an expected behavior for redfish and RIBCL  i.e. when there is no other privilege for a group, changing the login privilege to “No” is not permitted by Redfish/RIBCL.


I am an HPE Employee

Accept or Kudo

Highlighted
Occasional Advisor

Re: Set-HPEiLODirectoryGroup, remove login for authenticated users...

Hi,

I will have to change approach and remove the group instead.  We do not wish our domain users to be able to login and have view access.

Thank you for confirming that this is a power feature.