Setting up hp schema directory integration, Setting up directory services, Setting up hp schema – HP Integrated Lights-Out 2 User Manual

Page 136

Advertising
background image

Setting up HP schema directory integration

When using the HP schema directory integration, iLO 2 supports both Active Directory and
eDirectory. However, these directory services require the schema being extended.

Features supported by HP schema directory integration

iLO 2 Directory Services functionality enables you to:

Authenticate users from a shared, consolidated, scalable user database.

Control user privileges (authorization) using the directory service.

Use roles in the directory service for group-level administration of iLO 2 management processors
and iLO 2 users.

Extending the schema must be completed by a Schema Administrator. The local user database is
retained. You can decide not to use directories, to use a combination of directories and local
accounts, or to use directories exclusively for authentication.

NOTE:

When connected through the Diagnostics Port, the directory server is not available. You

can log in using a local account only.

Setting up directory services

To successfully enable directory-enabled management on any Lights-Out management processor:

1.

Plan

Review the following sections:

“Directory services” (page 130)

“Directory services schema” (page 171)

“Directory-enabled remote management” (page 156)

2.

Install
a.

Download the HP Lights-Out Directory Package containing the schema installer, the
management snap-in installer, and the migrations utilities from the HP website (

http://

www.hp.com/servers/lights-out

).

b.

Run the schema installer once to extend the schema. For more information, see

“Schema

installer” (page 138)

.

c.

Run the management snap-in installer, and install the appropriate snap-in for your directory
service on one or more management workstations. For more information, see

“Management

snap-in installer” (page 140)

.

3.

Update
a.

Flash the ROM on the Lights-Out management processor with the directory-enabled
firmware.

b.

Set directory server settings and the distinguished name of the management processor
objects on the Directory Settings page in the iLO 2 GUI. For more information, see

“Directory settings” (page 51)

.

4.

Manage
a.

Create a management device object and a role object using the snap-in. For more
information, see

“Directory services objects” (page 145)

.

b.

Assign rights to the role object, as necessary, and associate the role with the management
device object.

c.

Add users to the role object.

136

Directory services

Advertising
Popular Brands
Popular manuals