Schema-free directory integration – HP Integrated Lights-Out 2 User Manual

Advantages and disadvantages of schema-free directories and HP schema
directory

Directories enhance security, enabling you to manage access and rights from a centralized location.
Directories also enable flexible configuration. Some directory configuration practices work better
with iLO 2 than others. Before configuring iLO 2 for directories, you must decide whether to use
the schema-free directory or the HP schema directory integration methods. Answer the following
questions to help evaluate your directory integration requirements:

1.

Can you apply schema extensions to your directory?
•

No – Are you using Microsoft Active Directory?

•

No – Directory integration might not fit your environment. Consider deploying an
evaluation directory server to assess the benefits of directory integration.

•

Yes – Use group-based schema-free directory integration.

•

Yes – Proceed to question 2.

2.

Is your configuration scalable?
•

No – Deploy an instance of the schema-free directory integration to evaluate whether or
not this directory integration method meets your policy and procedural requirements. If
necessary, you can deploy HP schema directory integration later.

•

Yes – Use HP schema directory integration.

The following questions can help you determine if your configuration is scalable:
•

Are you likely to changes the rights or privileges for a group of directory users?

•

Will you regularly script iLO 2 changes?

•

Do you use more than five groups to control iLO 2 privileges?

Schema-free directory integration

Using the schema-free directory integration method, users and group memberships reside in the
directory, but group privileges reside in the individual iLO 2. iLO 2 uses login credentials to read
the user object in the directory and retrieve the user group memberships, which are compared to
those stored in iLO 2. If there is a match, authorization is granted. For example:

Advantages of using schema-free directory integration:

•

There is no need to extend the directory schema.

•

When ActiveX controls are enabled in the browser and login, NetBIOS and e-mail formats
are supported.

•

Little or no setup is required for users in the directory. If there is no setup, the directory uses
existing users and group memberships to access iLO 2. For example, if you have a domain

Advantages and disadvantages of schema-free directories and HP schema directory

131