Directory services objects – HP Integrated Lights-Out 2 User Manual
Page 145
4.
Use the Lights Out Management tab to set the rights for the role. All users and groups within
a role will have the rights assigned to the role on all of the iLO 2 devices managed by the
role. In this example, the users in the remoteAdmins role is given full access to the iLO 2
functionality. Select the boxes next to each right, and then click Apply. Click OK to close the
property sheet.
5.
Using the same procedure as in step 4, edit the properties of the remoteMonitors role,
add the rib-email-server device to the Managed Devices list on the HP Devices tab,
and add users to the remoteMonitors role using the Members tab. Then, on the Lights Out
Management tab, select the box next to the Login. Click Apply and OK. Members of the
remoteMonitors
role are now able to authenticate and view the server status.
User rights to any iLO 2 are calculated as the sum of all the rights assigned by all the roles in which
the user is a member, and in which the iLO 2 is a Managed Device. Following the preceding
examples, if a user is in both the remoteAdmins and remoteMonitors roles, they have all the
rights, because the remoteAdmins role has those rights.
To configure iLO 2 and associate it with a Lights-Out Management object used in this example,
use settings similar to the following on the Directory Settings screen.
RIB Object DN = cn=rib-email-server,ou=RILOES,dc=testdomain,dc=local
Directory User Context 1 = cn=Users,dc=testdomain,dc=local
For example, to gain access, user Mel Moore, with the unique ID MooreM, located in the users
organizational unit within the testdomain.local domain, who is also a member of one of the
remoteAdmins
or remoteMonitors roles, would be allowed to log in to the iLO 2. Mel would
enter testdomain\moorem, or [email protected], or Mel Moore, in the Login
Name field of the iLO 2 login screen, and use the Active Directory password in the Password field
of that screen.
Directory services objects
One of the keys to directory-based management is proper virtualization of the managed devices
in the directory service. This virtualization allows the administrator to build relationships between
the managed device and user or groups already contained within the directory service. User
management of iLO 2 requires three basic objects in the directory service:
•
Lights-Out Management object
•
Role object
•
User objects
Setting up HP schema directory integration
145