HP Onboard Administrator User Manual
Page 71
First Time Setup Wizard 71
If two users have the same common name user1 in both search contexts, and their passwords are
the same, when either user attempts to log in, the Onboard Administrator contacts
cn=user1,ou=OU1,dc=hp,dc=com.
If their passwords are different, and a user provides the password for the user in OU2, the Onboard
Administrator uses DN cn=user1,ou=OU1,dc=hp,dc=com, but that will be rejected because
the password does not match. The next login will be attempted using
cn=user1,ou=OU2,ou=OU1,dc=hp,dc=com, which will succeed.
Search context is also applicable to LDAP directory groups, which are useful when LDAP nested groups
are configured. When specifying the search context for an LDAP directory group, the exact context is
not required. For example, if a group's location is ou=OU2,ou=OU1,dc=hp,dc=com, the higher-level
search context ou=OU1,dc=hp,dc=com can be used to locate that group. This feature helps circumvent
the length limit of search contexts. For more information about nested groups, see "Directory Groups
Configuration screen (on page
)."
Field
Possible value
Description
Directory Server Address
IPv4 Address:
###.###.###.### where ###
ranges from 0 to 255 or DNS
name of the directory server or
the name of the domain.
IPv6 Address:
####:####:####:####:###
#:####:####:####, where
#### ranges from 0 to FFFF. A
compressed version of the
same IPv6 address is also
supported.
The IP address or the DNS name or the name of
the domain of the directory service. This field is
required.
Directory Server SSL Port
1 to 65535
The port used for LDAP communications. Port
636 is the standard SSL LDAP port. This field is
required.
Search Context 1
All characters except "
(quotes), not to exceed 127
characters
First searchable path used to locate the user
when the user is trying to authenticate using
directory services. The path is also used to
search for a nesting LDAP group.
Search Context 2
All characters except "
(quotes), not to exceed 127
characters
Second searchable path used to locate the user
when the user is trying to authenticate using
directory services. The path is also used to
search for a nesting LDAP group.
Search Context 3
All characters except "
(quotes), not to exceed 127
characters
Third searchable path used to locate the user
when the user is trying to authenticate using
directory services. The path is also used to
search for a nesting LDAP group.
Search Context 4
All characters except "
(quotes), not to exceed 127
characters
Fourth searchable path used to locate the user
when the user is trying to authenticate using
directory services. The path is also used to
search for a nesting LDAP group.
Search Context 5
All characters except "
(quotes), not to exceed 127
characters
Fifth searchable path used to locate the user
when the user is trying to authenticate using
directory services. The path is also used to
search for a nesting LDAP group.