In some cases, you might not be able to get the maximum login flexibility option to work. For instance, if the client and RILOE II are in different DNS domains, one of the two might not be able to resolve the directory server name to an IP address.

Setting up HP schema directory integration

When using the HP schema directory integration, RILOE II supports both Active Directory and eDirectory. However, these directory services require the schema being extended.

Features supported by HP schema directory integration

RILOE II Directory Services functionality enables you to:

Authenticate users from a shared, consolidated, scalable user database.

Control user privileges (authorization) using the directory service.

Use roles in the directory service for group-level administration of RILOE II management processors and RILOE II users.

Extending the schema must be completed by a Schema Administrator. The local user database is retained. You can decide not to use directories, to use a combination of directories and local accounts, or to use directories exclusively for authentication.

NOTE: When connected through the Diagnostics Port, the directory server is not available. You can log in using a local account only.

Setting up directory services

To successfully enable directory-enabled management on any Lights-Out management processor:

1.Review the following sections:

"Directory services (on page 75)"

"Directory services schema (on page 187)"

"Directory-enabled remote management (on page 103)"

2.Install:

a. Download the HP Lights-Out Directory Package containing the schema installer, the management snap-in installer, and the migrations utilities from the HP website (http://www.hp.com/servers/lights-out).

b. Run the schema installer (on page 81) once to extend the schema.

c.Run the management snap-in installer (on page 83), and install the appropriate snap-in for your directory service on one or more management workstations.

3.Update:

a.Flash the ROM on the Lights-Out management processor with the directory-enabled firmware.

b.Set directory server settings and the distinguished name of the management processor objects on the Directory Settings (on page 99) page in the RILOE II GUI.

4.Manage:

a.Create a management device object and a role object ("Directory services objects" on page 88) using the snap-in.

b.Assign rights to the role object, as necessary, and associate the role with the management device object.

c.Add users to the role object.

Directory services 79

Page 79
Image 79
HP 232664-006 manual Setting up HP schema directory integration, Features supported by HP schema directory integration