Setup for schema-free directory integration, Active directory preparation – HP Integrated Lights-Out User Manual
Page 138
Directory services 138
For information about how to extend the schema and configuration of directory settings information,
see Integrating HP ProLiant Lights-Out processors with Microsoft® Active Directory
•
Certificate requirements
iLO 2 must communicate with the directory using LDAP over SSL. This communication requires the
directory server to have a certificate. Installing the certificate for the domain replicates it throughout
the domain controllers in the domain. For information about installing the certificate, refer to the
Customer Advisory available on the HP website
•
Failover options
To enable failover (redundancy), use the domain name as the directory server name when
configuring iLO 2. Most DNS servers resolve a domain name to a working directory server (domain
controller).
•
Login format
NetBIOS, UPN, and distinguished name formats are accepted for login names. The login script for
iLO 2 communicates with the client operating system and attempts to translate the login name into a
directory distinguished name. For the login script to do this, the directory name must be a DNS
name, not an IP address. Also, both the client and iLO 2 must be able to access the directory server
using the same name. Both the client and iLO 2 must be in the same DNS domain.
•
Multiple targets
You do not need to use multiple targets in the directory. HP schema directory integration only
requires one hpqTarget object, which can represent many LOM devices.
Setup for Schema-free directory integration
Before setting up the Schema-free option, your system must meet all the prerequisites outlined in the
"Active Directory Preparation (on page
)" section.
You can set up iLO 2 for directories in three ways:
•
Manually using a browser ("
Schema-free browser-based setup
" on page
•
Using a script ("
" on page
•
Using HPLOMIG ("
Schema-free HPLOMIG-based setup
" on page
Active Directory preparation
The schema-free option is supported on the following operating systems:
•
Microsoft® Active Directory
•
Microsoft® Windows® Server 2003 Active Directory
SSL must be enabled at the directory. To enable SSL, install a certificate for the domain in Active
Directory. iLO 2 only communicates with the directory over a secure SSL connection. For more
information, refer to the Microsoft® Knowledge Base, article number 247078: Enabling SSL
Communication over LDAP for Windows® 2000 Domain Controllers on the Microsoft® website