beautypg.com

Directory services, Overview of directory integration, Benefits of directory integration – HP Remote Insight Lights-Out Edition II Board User Manual

Page 75

background image

Directory services 75

Directory services

In this section

Overview of directory integration............................................................................................................. 75
Benefits of directory integration................................................................................................................ 75
How directory integration works .............................................................................................................. 76
Advantages and disadvantages of schema-free and HP Extended schema .................................................... 76
Setup for Schema-free directory integration ............................................................................................... 77
Setting up HP schema directory integration ............................................................................................... 79
Directory settings.................................................................................................................................... 99

Overview of directory integration

RILOE II can be configured to use a directory to authenticate and authorize its users. There are two
configuration options available: using a directory that has been extended with HP Schema or using the
directory’s default schema (schema-free.)

There are white papers available for more information on directory integration on the HP website
(

http://www.hp.com/servers/lights-out

).

Benefits of directory integration

Directory integration benefits include:

Scalability—The directory can be leveraged to support thousands of users on thousands of RILOE IIs.

Security—Robust user password policies are inherited from the directory. User password complexity,
rotation frequency, and expiration are policy examples.

Anonymity (lack thereof)—In some environments, users share Lights-Out accounts, which results in not
knowing who performed an operation, instead of knowing what account (or role) was used.

Role-based administration (when using HP Extended schema)—You can create roles (for instance,
clerical, remote control of the host, complete control) and associate users or user groups with those
roles. A change to a role applies to all users and Lights-Out devices associated with that role.

Single point of administration—You can use native administrative tools, such as MMC and
ConsoleOne to administrate Lights-Out users.

Immediacy—A single change in the directory rolls-out immediately to associated Lights-Out
processors, which eliminates the need to script the change process.

Elimination of another username and password—You can use existing user accounts and passwords
in the directory without having to record or remember a new set of credentials for Lights-Out.

Flexibility—When configured for HP Extended schema, you can create a single role for a single user
on a single RILOE II, you can create a single role for multiple users on multiple RILOEs, or you can
use a combinations of roles as is suitable for your enterprise.

Compatibility—Lights-Out directory integration applies to iLO, RILOE, and RILOE II products. The
integration supports the popular Active Directory and eDirectory.

See also other documents in the category HP Computer Accessories: