HP Integrated Lights-Out 4 User Manual
Page 49
Figure 22 Add/Edit Directory Group page
3.
Provide the following details in the Group Information section:
•
Group DN (Security Group DN)—DN of a group in the directory. Members of this group
are granted the privileges set for the group. The specified group must exist in the directory,
and users who need access to iLO must be members of this group. Enter a DN from the
directory (for example, CN=Group1, OU=Managed Groups, DC=domain, DC=extension).
Shortened DNs are also supported (for example, Group1). The shortened DN is not a
unique match. Any group named Group1 is displayed. HP recommends using the fully
qualified DN.
•
Group SID (Security ID)—Microsoft Security ID is used for Kerberos and LDAP group
authorization. This is required for Kerberos. The format is S-1-5-2039349.
4.
Select from the following permissions when you are adding or editing a group account:
•
Administer User Accounts—Enables users to add, edit, and delete local iLO user accounts.
•
Remote Console Access—Enables users to remotely access the host system Remote Console,
including video, keyboard, and mouse control.
•
Virtual Power and Reset—Enables users to power-cycle or reset the host system. These
activities interrupt the system availability. Users with this privilege can diagnose the system
by using the Generate NMI to System button.
•
Virtual Media—Enables users to use the Virtual Media feature on the host system.
•
Configure iLO Settings—Enables users to configure most iLO settings, including security
settings, and to remotely update iLO firmware.
After iLO is configured, revoking this privilege from all users prevents reconfiguration with
the web interface, HPQLOCFG, or the CLI. Users who have access to iLO RBSU, the UEFI
Administering users
49