Viewing trusted certificates – HP Integrated Lights-Out 3 User Manual

Page 63

Advertising
background image

4.

Configure iLO privileges for each role in the Single Sign-On Settings section.

When you log in to an HP SSO-compliant application, you are authorized based on your HP
SSO-compliant application role assignment. The role assignment is passed to iLO when SSO
is attempted. For more information about each privilege, see

“Managing iLO users by using

the iLO web interface” (page 32)

.

SSO attempts to receive only the privileges assigned in this section. iLO directory settings do
not apply. Default privilege assignments are as follows:

User—Login only

Operator—Login, Remote Console, Power and Reset, and Virtual Media

Administrator—Login, Remote Console, Power and Reset, Virtual Media, Configure iLO,
and Administer Users

5.

Click Apply to save the SSO settings.

6.

If you selected Trust by Certificate or Trust by Name, add the trusted certificate or DNS name
to iLO.

For more information about adding certificates and DNS names, see

“Adding trusted

certificates” (page 64)

.

The certificate repository can hold five typical certificates. However, if typical certificates are
not issued, certificate sizes might vary. When all of the allocated storage is used, no more
imports are accepted.

7.

After you configure SSO in iLO, log in to an HP SSO-compliant application and browse to
iLO. For example, log in to HP SIM, navigate to the System page for the iLO processor, and
then click the iLO link in the More Information section.

NOTE:

Although a system might be registered as a trusted server, SSO might be refused

because of the current trust mode or certificate status. For example, if an HP SIM server name
is registered, and the trust mode is Trust by Certificate, but the certificate is not imported, SSO
is not allowed from that server. Likewise, if an HP SIM server certificate is imported, but the
certificate has expired, SSO is not allowed from that server. The list of trusted servers is not
used when SSO is disabled. iLO does not enforce SSO server certificate revocation.

Viewing trusted certificates

The Manage Trusted Certificates table on the Single Sign-On Settings page displays the status of
the trusted certificates configured to use SSO with the current iLO management processor.

Status—The status of the record (if any are installed).

Configuring iLO security

63

Advertising
Popular Brands
Popular manuals