Directory tests, Encryption – HP Integrated Lights-Out User Manual
Page 55
Configuring iLO 2 55
Instead of logging in as cn=user,ou=engineering,o=hp a search context of
ou=engineering,o=hp allows login as user
Example 2:
If a system is managed by Information Management, Services, and Training, search contexts like:
Directory User Context 1:ou=IM,o=hp
Directory User Context 2:ou=Services,o=hp
Directory User Context 3:ou=Training,o=hp
Allow users in any of these organizations to log in using just their common names. If a user exists in
both the IM organizational unit and the Training organizational unit, login is first attempted as
cn=user,ou=IM,o=hp.
Example 3 (Active Directory only):
Microsoft Active Directory allows an alternate user credential format. Search contexts in this format
cannot be tested except by successful login attempt. A user may login as:
in which case a search context of
@domain.hp.com
allows the user to login as
user
To test the communication between the directory server and iLO 2, click Test Settings. For more
information, see the section, "Directory Tests (on page
)."
Directory tests
To validate current directory settings for iLO 2, click Test Settings on the Directory Settings page. The
Directory Tests page appears.
The test page displays the results of a series of simple tests designed to validate the current directory
settings. Additionally, it includes a test log that shows test results and any problems that have been
detected. After your directory settings are configured correctly, you do not need to rerun these tests. The
Directory Tests screen does not require you to be logged in as a directory user.
To verify your directory settings:
1.
Enter the distinguished name and password of a directory administrator. A good choice would be
the same credentials used when creating the iLO 2 objects in the directory. These credentials are not
stored by iLO 2. They are used to verify the iLO 2 object and user search contexts.
2.
Enter a test user name and password. Typically, this account would be intended to access the iLO 2
being tested. It can be the same account as the directory administrator. However, the tests cannot
verify user authentication with a superuser account. These credentials are not stored by iLO 2.
3.
Click Start Test. Several tests begin in the background, starting with a network ping of the directory
user through establishing an SSL connection to the server and evaluating user privileges as they
would be evaluated during a normal login.
While the tests are running, the page periodically refreshes. At any time during test execution, you can
stop the tests or manually refresh the page. Consult the help link on the page for test details and actions in
the event of trouble.
Encryption
iLO 2 provides enhanced security for remote management in distributed IT environments. Web browser
data is protected by SSL encryption. SSL encryption of HTTP data ensures that the data is secure as it is