Setting up hp sim sso – HP Integrated Lights-Out 2 User Manual

Page 57

Advertising
background image

After pasting the HP SIM server base-64 encoded x.509 certificate data into the Directly
import a HP SIM Server Certificate section, click Import Certificate to record the data.
This type of record supports SSO Trust by Name and SSO Trust by Certificate.

There are other ways to retrieve HP SIM server certificate data. For more information, see your HP
SIM documentation.

Setting up HP SIM SSO

The HP SIM SSO page allows you to view and configure the existing iLO 2 Single Sign-On settings.
You must have the Configure iLO 2 privilege to alter these settings. To access iLO 2 SSO settings,
click Administration>Security>HP SIM SSO.

The HP Systems Insight Manager Single Sign-On Settings page includes the following fields and
options:

Single Sign-On Trust Mode – Enables you to control how SSO-initiated connections are
accepted:

— Trust None (default) – Rejects all SSO connection requests.

— Trust by Certificate (most secure) – Enables only SSO connections from an HP SIM server

matching a certificate previously imported into iLO 2.

— Trust by Name – Enables SSO connections from an HP SIM server matching a DNS name

or certificate previously imported into iLO 2.

— Trust All (least secure) – Accepts any SSO connections initiated from any HP SIM server.

Users who log in to HP SIM are authorized based upon the role assignment at the HP SIM
server. The role assignment is passed to the LOM processor when SSO is attempted. You can
configure iLO 2 privileges for each role in the Single Sign-On Settings section. For more
information about each privilege, see

“User administration” (page 28)

.

Using directory-based user accounts, SSO attempts to receive only the privileges assigned in
this section. Lights-Out directory settings do not apply. Default privilege assignments are:

User – Login only

Operator – Login, Remote Console, Power and Reset, and Virtual Media

Administrator – Login, Remote Console, Power and Reset, Virtual Media, Configure iLO
2, and Administer Users

HP SIM Trusted Servers – Enables you to view the status of trusted HP SIM servers configured
to use SSO with the current LOM processor. Click Add a SIM Server to add a server name,

Security

57

Advertising
Popular Brands
Popular manuals