HP Onboard Administrator User Manual
Page 69
First Time Setup Wizard 69
Column
Description
distinguished name is recommended to uniquely specify the LDAP group. If the
Onboard Administrator is configured to search the GC port and a distinguished name
is not used, then an incorrect match in multiple domains may occur which could result
in unintended authorization.
Privilege Level
Used to determine which administrative functions the user is allowed to perform. A
user's privilege level can be administrator, operator, or user.
Description
0 to 58 characters, containing alphanumeric characters, the dash (-), the underscore
(_), and the space. The description of the LDAP group, a more readable version of the
group name, or other useful information.
•
New—To add a new Directory Group to the selected enclosure, click New. You can add a maximum of
30 Directory Groups. The Add LDAP Group screen appears.
•
Edit—Select a Directory Group to be edited by selecting the check box next to the name of the group.
To change the settings on the Edit LDAP Group screen, click Edit.
•
Delete—Select the Directory Group to be deleted by selecting the check box next to the name of the
group. To remove the group, click Delete.
Nested LDAP group support
When using Microsoft Active Directory, you can place one or more groups in another group. Groups that are
contained within another group are called nested groups. The group that contains nested groups is called a
nesting group. The advantage of nested groups is that users of a nested group can log in to the Onboard
Administrator if their nesting group is configured appropriately. For example, assume group2 is nested in
group1. Users in group2 are allowed to log in to the Onboard Administrator if the parent LDAP group
(group1) is added to the Onboard Administrator and can be found using one of the search contexts. The
search context is not restricted to the exact location: if the search context path is high in the LDAP directory
tree, subtree searching is used. The Onboard Administrator supports the security group type only.
Distribution group type is not supported.
To apply settings, click Next.