HP Onboard Administrator User Manual

Configuring the HP BladeSystem c7000 enclosure and enclosure devices 274

Use the Directory Settings screen to set directory access for the currently selected enclosure.

•

Enable LDAP Authentication—Select this check box to enable a directory server to authenticate a user
sign in.

•

Enable Local Users—Select this check box to enable a user to sign in using a local user account instead
of a directory account.

•

Search Context—Specify one to six search contexts. A search context is a search filter or shortcut to a
common directory, defining the directory user search to start at the specified path. By specifying a

search context, users do not have to specify their full DNs at login. A DN might be long, and users might
not be familiar with their DN or might have accounts in different directory contexts. The Onboard

Administrator attempts to contact the directory service by DN, and then applies the search contexts in
order, beginning with Search Context 1 and continuing through any subsequent search contexts

until successful.

o

Example 1:
Assume you are user1. If you enter the search context ou=OU1,dc=hp,dc=com, you can log in

as user1 instead of cn=user1,ou=OU1,dc=hp,dc=com.

o

Example 2:
Assume the following search contexts are defined:

—

Search Context 1: ou=OU1,dc=hp,dc=com

—

Search Context 2: ou=OU2,ou=OU1,dc=hp,dc=com

If two users have the same common name user1 in both search contexts, and their passwords are

the same, when either user attempts to log in, the Onboard Administrator contacts
cn=user1,ou=OU1,dc=hp,dc=com.
If their passwords are different, and a user provides the password for the user in OU2, the Onboard

Administrator uses DN cn=user1,ou=OU1,dc=hp,dc=com, but that will be rejected because

the password does not match. The next login will be attempted using
cn=user1,ou=OU2,ou=OU1,dc=hp,dc=com, which will succeed.