HP Onboard Administrator User Manual

First Time Setup Wizard 71

If two users have the same common name user1 in both search contexts, and their passwords are

the same, when either user attempts to log in, the Onboard Administrator contacts
cn=user1,ou=OU1,dc=hp,dc=com.
If their passwords are different, and a user provides the password for the user in OU2, the Onboard

Administrator uses DN cn=user1,ou=OU1,dc=hp,dc=com, but that will be rejected because

the password does not match. The next login will be attempted using
cn=user1,ou=OU2,ou=OU1,dc=hp,dc=com, which will succeed.

Search context is also applicable to LDAP directory groups, which are useful when LDAP nested groups
are configured. When specifying the search context for an LDAP directory group, the exact context is

not required. For example, if a group's location is ou=OU2,ou=OU1,dc=hp,dc=com, the higher-level

search context ou=OU1,dc=hp,dc=com can be used to locate that group. This feature helps circumvent

the length limit of search contexts. For more information about nested groups, see "Directory Groups
Configuration screen (on page

67

)."

Field

Possible value

Description

Directory Server Address

IPv4 Address:
###.###.###.### where ###

ranges from 0 to 255 or DNS

name of the directory server or
the name of the domain.

IPv6 Address:

####:####:####:####:###
#:####:####:####, where

#### ranges from 0 to FFFF. A

compressed version of the

same IPv6 address is also
supported.

The IP address or the DNS name or the name of
the domain of the directory service. This field is

required.

Directory Server SSL Port

1 to 65535

The port used for LDAP communications. Port

636 is the standard SSL LDAP port. This field is

required.

Search Context 1

All characters except "
(quotes), not to exceed 127

characters

First searchable path used to locate the user
when the user is trying to authenticate using

directory services. The path is also used to

search for a nesting LDAP group.

Search Context 2

All characters except "
(quotes), not to exceed 127

characters

Second searchable path used to locate the user
when the user is trying to authenticate using

directory services. The path is also used to

search for a nesting LDAP group.

Search Context 3

All characters except "

(quotes), not to exceed 127

characters

Third searchable path used to locate the user

when the user is trying to authenticate using

directory services. The path is also used to

search for a nesting LDAP group.

Search Context 4

All characters except "

(quotes), not to exceed 127

characters

Fourth searchable path used to locate the user

when the user is trying to authenticate using

directory services. The path is also used to
search for a nesting LDAP group.

Search Context 5

All characters except "

(quotes), not to exceed 127

characters

Fifth searchable path used to locate the user

when the user is trying to authenticate using

directory services. The path is also used to
search for a nesting LDAP group.