beautypg.com

Directory tests, Encryption – HP Integrated Lights-Out 2 User Manual

Page 53

background image

Directory User Context 1:ou=IM,o=hp
Directory User Context 2:ou=Services,o=hp
Directory User Context 3:ou=Training,o=hp

Allow users in any of these organizations to log in by using just their common names. If a user
exists in both the IM organizational unit and the Training organizational unit, login is first
attempted as cn=user,ou=IM,o=hp.

Example 3 (Active Directory only):

Microsoft Active Directory allows an alternate user credential format. Search contexts in this
format cannot be tested except by successful login attempt. A user can log in as:

[email protected]

in which case a search context of @domain.hp.com allows the

user to login as user.

To test the communication between the directory server and iLO 2, click Test Settings. For more
information, see

“Directory tests” (page 53)

.

Directory tests

To validate current directory settings for iLO 2, click Test Settings on the Directory Settings page.
The Directory Tests page appears.

The test page displays the results of a series of simple tests designed to validate the current directory
settings. Additionally, it includes a test log that shows test results and any issues that have been
detected. After your directory settings are configured correctly, you do not need to rerun these
tests. The Directory Tests screen does not require you to be logged in as a directory user.

To verify your directory settings:

1.

Enter the distinguished name and password of a directory administrator. A good choice would
be the same credentials used when creating the iLO 2 objects in the directory. These credentials
are not stored by iLO 2. They are used to verify the iLO 2 object and user search contexts.

2.

Enter a test user name and password. Typically, this account would be intended to access the
iLO 2 being tested. It can be the same account as the directory administrator. However, the
tests cannot verify user authentication with a superuser account. These credentials are not
stored by iLO 2.

3.

Click Start Test. Several tests begin in the background, starting with a network ping of the
directory user through establishing an SSL connection to the server and evaluating user
privileges as they would be evaluated during a normal login.

While the tests are running, the page periodically refreshes. At any time during test execution, you
can stop the tests or manually refresh the page. Consult the help link on the page for test details
and actions in the event of trouble.

Encryption

iLO 2 provides enhanced security for remote management in distributed IT environments. Web
browser data is protected by SSL encryption. SSL encryption of HTTP data ensures that the data is
secure as it is transmitted across the network. iLO 2 provides support for two of the strongest
available cipher strengths; the Advanced Encryption Standard (AES) and the Triple Data Encryption
Standard (3DES). iLO 2 supports the following cipher strengths:

256-bit AES with RSA, DHE and a SHA1 MAC

256-bit AES with RSA and a SHA1 MAC

128-bit AES with RSA, DHE and a SHA1 MAC

128-bit AES with RSA and a SHA1 MAC

168-bit Triple DES with RSA and a SHA1 MAC

168-bit Triple DES with RSA, DHE and a SHA1 MAC

Security

53