a.Right-click the remoteAdmins role in the roles organizational unit in the region1 organizational unit, and select Properties.

b.Select the Role Managed Devices subtab of the HP Management tab, and click Add.

c.Using the Select Objects dialog box, browse to the HP devices organizational unit in the region1 organizational unit. Select the three iLO 2 MP objects created in step 2. Click OK and click Apply.

d.Add users to the role. Click the Members tab, and add users using Add and the Select Objects dialog box. The devices and users are now associated.

e.To set the rights for the role, use the Lights Out Management Device Rights subtab of the HP Management tab (Figure 7-16).

Figure 7-16 Setting Role Rights

All users within a role will have rights assigned to the role on all of the iLO 2 MP devices managed by the role. In this example, users in the remoteAdmins role are given full access to the iLO 2 MP functionality. Select the boxes next to each right, and click Apply.

f.To close the property sheet, click Close.

4.Using the same procedure as in step 3, edit the properties of the remoteMonitors role:

a.Add the three iLO 2 MP devices within HP devices under region1 to the Managed Devices list on the Role Managed Devices subtab of the HP Management tab.

b.Add users to the remoteMonitors role using the Members tab.

c.Using the Lights Out Management Device Rights subtab of the HP Management tab, click the Login checkbox, and click Apply and Close. Members of the remoteMonitors role are now able to authenticate and view the server status.

User rights to any iLO 2 MP device are calculated as the sum of all the rights assigned by all the roles in which the user is a member, and in which the iLO 2 MP device is a managed device. Using the preceding examples, if a user is in both the remoteAdmins and remoteMonitors roles, he or she has all rights, because the remoteAdmins role has those rights.

To configure an iLO 2 MP device from the previous example and associate it with an iLO 2 MP object, use settings similar to the following on the iLO 2 MP directory settings TUI.

NOTE: In LDAP Distinguished Names, use commas, not periods, to separate each component.

RIB Object DN = cn=rib-email-server,ou=hp

Directory Services for eDirectory 165

Page 165
Image 165
HP Integrity iLO 2 MP 5991-6005 manual Setting Role Rights, Add users to the remoteMonitors role using the Members tab