Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

Schemaless Integration with ilo2

SOLVED
Go to solution
Highlighted
Joseph L. Casal
Acclaimed Contributor

Schemaless Integration with ilo2

I have tried everything under the sun to get this to work, including earlier posts here. Anyone have any hints they care to share? I just cant make this work.

I have installed the cert, I am using the netbios name of the directory server, the only part I may be unsure of is the search contexts...

Thanks!
jlc
7 REPLIES
pratap m keshav
Frequent Visitor
Solution

Re: Schemaless Integration with ilo2

The search context should point to the place/Directory where user records can be found. At least one of the 3 contexts should be filled in order to use short names. For Eg: if userA, using which you are trying to login, is in Users directory in mydomain.com then CN=Users,DC=mydomain,DC=com should be provided in one of the context field.

In order to use the netbios (domain\user format) name format,
1) ActiveX controls should be enabled in the client machine.
2) Directory server field should be the DNS name instead of IP.
3) In network settings, one of the DNS server fields should contain the Directory server IP address.

If you have done all these, you can send the exact error(s) when doing the Directory test settings.
Joseph L. Casal
Acclaimed Contributor

Re: Schemaless Integration with ilo2

Darnit! I had the ldap query formated wrong... Thanks!!!

jlc
Joseph L. Casal
Acclaimed Contributor

Re: Schemaless Integration with ilo2

I now have this working in a lab with the default user "Administrator" working.

Search context 1 is:
CN=Users,DC=Company,DC=com
While Security Group Distinguished Name is:
CN=Domain Admins,CN=Users,DC=Company,DC=com

But now I added Search context 2 as:
OU=Users,OU=TestOU,DC=Company,DC=com

And made sure a user in that OU was a Domain Admin, but it fails for him?

Any ideas?

Thanks!
jlc
pratap m keshav
Frequent Visitor

Re: Schemaless Integration with ilo2

What is the firmware version are you using? You can download and flash latest firmware from the following link and try http://h18023.www1.hp.com/support/files/lights-out/us/locate/20_6220.html

Also make sure the user you are trying to login is at least a member of one of the groups configured in ILO2.
Joseph L. Casal
Acclaimed Contributor

Re: Schemaless Integration with ilo2

Its the latest, that was one of the first things I did when setting up the machine.

The Group Perms are as follows:
CN=Domain Admins,CN=Users,DC=Company,DC=com

So shouldn't this work? The user is a Domain Admin.

Thanks!
jlc
pratap m keshav
Frequent Visitor

Re: Schemaless Integration with ilo2

I have tried the same settings which you have mentioned in my setup and it is working fine.

Can you provide the result (Screenshot) of the directory tests for the user for which login fails? That can give some more information about the error you are getting.
Joseph L. Casal
Acclaimed Contributor

Re: Schemaless Integration with ilo2

Well the documents don't really specify, but you need to use the "common name" of the user. Thats why "Administrator" worked, as the login name is the same as the cn. The user not working has a login name of JDoe, but his cn is "John X. Doe". I was alwasy using JDoe.

Not the slickest and surely not documented well, but its all working now. Thanks so much for the help!

jlc
//Add this to "OnDomLoad" event