Certificate services, Preparing the directory – HP Onboard Administrator User Manual

Enabling LDAP Directory Services Authentication to Microsoft Active Directory 323

Enabling LDAP Directory Services Authentication
to Microsoft Active Directory

Certificate Services

The Microsoft® implementation of LDAP over SSL requires that the Domain Controllers install DC certificates

from the CA of the organization. This process occurs when the Enterprise Root CA service is added to a

server in Active Directory. HP strongly recommends using an Enterprise Root CA to minimize the complexities

of requesting and accepting DC certificates from a stand-alone CA.

NOTE:

The Onboard Administrator LDAP feature supports Microsoft® Active Directory using the

memberOf attribute. Novell eDirectory is also supported with the groupMembership attribute.

OpenLDAP is not supported.

Preparing the directory

To prepare the directory:

1.

Create an Active Directory group named OA Admins, and then add a user named Test Admin in this
group.

2.

Create a group called OA Operators, and then add a user named Test Operator in this group. User
permissions are irrelevant.

3.

Navigate to the Directory Settings screen located under Users/ Authentications for the enclosure.