Directory Services | 155 |
3.In Windows® 2000, the safety interlock that prevents accidental writes to the schema must be temporarily disabled. The schema extender utility can do this if the remote registry service is running and the user has sufficient rights. This can also be done by setting
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Service sParameters\Schema Update Allowed in the registry to a non- zero value (refer to the "Order of Processing When Extending the Schema" section of Installation of Schema Extensions in the Windows® 2000 Server Resource Kit) or by the following steps. This step is not necessary if you are using Windows® Server 2003.
IMPORTANT: Incorrectly editing the registry can severely damage your system. HP recommends creating a back up of any valued data on the computer before making changes to the registry.
a.Start MMC.
b.Install the Active Directory Schema
e.Click OK.
The Active Directory Schema folder might need to be expanded for the checkbox to be available.
4.Create a certificate or install Certificate Services. This step is necessary to create a certificate or install Certificate Services because iLO communicates with Active Directory using SSL. Active Directory must be installed before installing Certificate Services.
5.To specify that a certificate be issued to the server running active directory:
a.Launch Microsoft® Management Console on the server and add the default domain policy
c.
d.Using the wizard, select the domain controller template, and the certificate authority you want to use.