•
How directory integration works
At the login page, enter a login name and a password. If ActiveX is enabled in the browser, the login name is converted to the directories DN format and stored in a security cookie in the browser. The browser then loads the home page for RILOE II.
RILOE II reads the security cookie and extracts the DN for each page displayed. RILOE II reads the directory object pointed to by the DN. RILOE II then determines what groups the object is a member of and compares this information with a list kept in RILOE II. If there is a match, then the privileges associated with this group in RILOE II determine whether you have access to the page requested.
When using a
If you are a member of any group that RILOE II recognizes, you have login rights to RILOE II, regardless of what rights are associated with the group. User rights are a combination of all rights for the groups you are a member of that RILOE II recognizes.
If at login the ActiveX control does not run, then the complete login name or the login name prepended with a user context is used for the directory lookup process. For this to work, the login name must either be in full DN format or in a format that the combination of the login name with a user context is made into a full DN.
HP Extended schema
Refer to the
Advantages and disadvantages of schema-free and HP Extended schema
Before configuring RILOE II for directories, you must decide whether to use the directory's
The advantages of using the
•There is no need to extend the directory's schema.
•When ActiveX controls are enabled on the browser, logging in using NetBIOS and
The advantages of using the HP Extended schema option are:
•There is much more flexibility in controlling access. For example, access can be limited to a time of day or from a certain range of IP addresses.
•Groups are maintained in the directory, not on each RILOE II.
•eDirectory works only with RILOE II using the HP Extended schema.
Directory services 76