Directory services objects for edirectory – HP Remote Insight Lights-Out Edition II Board User Manual

Directory services 95

e.

The devices and users are now associated. Use the Lights Out Management Device Rights
subtab of the HP Management tab to set the rights for the role. All users within a role will
have the rights assigned to the role on all of the RILOE II devices managed by the role. In this
example, the users in the remoteAdmins role will be given full access to the RILOE II functionality.
Select the boxes next to each right, and click Apply. Click Close to close the property sheet.

3.

Using the same procedure as in step 1, edit the properties of the remoteMonitors role:

a.

Add the three RILOE II devices within hp devices under region1 to the Managed Devices list
on the Role Managed Devices subtab of the HP Management tab.

b.

Add users to the remoteMonitors role using the Members tab.

c.

Then, using the Lights Out Management Device Rights subtab of the HP Management
tab, select the check box next to Login, and click Apply and Close. Members of the
remoteMonitors role will be able to authenticate and view the server status.

User rights to any LOM device are calculated as the sum of all the rights assigned by all the roles in which
the user is a member, and in which the LOM device is a Managed Device. Following the preceding
examples, if a user is in both the remoteAdmins and remoteMonitors roles, they will have all the rights,
because the remoteAdmins role has those rights.

To configure a LOM device and associate it with a Lights-Out Management object used in this example,
use settings similar to the following on the Directory Settings screen.

NOTE: Commas, not periods, are used in LDAP distinguished names to separate each component.

RIB Object DN = cn=rib-email-server,ou=hp

devices,ou=region1,o=samplecorp

Directory User Context 1 = ou=users,o=samplecorp

For example, user CSmith, located in the users organizational unit within the samplecorp organization,
who is also a member of one of the remoteAdmins or remoteMonitors roles, would be allowed to log in to
the RILOE II. They would type

csmith

(case insensitive) in the Login Name field of the RILOE II login

screen and use their eDirectory password in the Password field of that screen to gain access.

Directory Services objects for eDirectory

Directory Services objects enable virtualization of the managed devices and the relationships between the
managed device and user or groups already contained within the directory service.