Remote Lights-Out Mgmt (iLO 2, iLO, RILOE II) Forum
cancel

iLO 2 - AD authentication - Default Schema

Highlighted
Jim Cochran
Super Collector

iLO 2 - AD authentication - Default Schema

I am only able to logon when I use the distinguished name for my account which leads me to believe that the "Directory User Context" is not configured properly.

I have configured the "Directory User Context 1" with the DN of the OU where my user account is located in active directory.

I've noticed that in all of the examples on all of the threads, a "container" is always used.

ex. CN=Users,DC=MyDomain,DC=Com

Is there a known issue if my account is located in an OU instead of a container? Or maybe my syntax is wrong?

ex. OU=Administrators,OU=IT,OU=US,DC=MyDomain,DC=COM
6 REPLIES
LC...
Occasional Contributor

Re: iLO 2 - AD authentication - Default Schema

Your syntax looks correct. Have you tried to login using "Display Name" of your AD account?

God Bless,
LC...
Jim Cochran
Super Collector

Re: iLO 2 - AD authentication - Default Schema

Yes, I have tried displayName.

Thanks,

Jim
Cederberg
Occasional Visitor

Re: iLO 2 - AD authentication - Default Schema

Jim Cochran
Super Collector

Re: iLO 2 - AD authentication - Default Schema

Thanks, I have that manual and it really only goes so far.

I believe that everything is set up correctly as I am able to logon with a DN. When I logon with another format, I get "user object not found". This leads me to believe that iLO is not looking in the right place for the account.

With that said, I've set up other LDAP application in the past and script quite a bit, so I'm pretty familiar with how this all works, but I'm obviously missing something.

In the manual, all of the examples for "Directory User Context" use "Containers" and not OUs and I'm wondering if that is the problem. We don't use the default containers as they are a security risk.
thirusrinivasan
Occasional Contributor

Re: iLO 2 - AD authentication - Default Schema

Hi

Your syntax is correct. You can use Containers or OUs or leave the directory Context blank. This is a placeholder so it can make a easy and quick search.

If you can login with DN ONLY and not domainname\username format, try this.

GO to Internet Explorer - Tools - Internet Options - Intranet (choose the appropriate zone) - Go to ActiveX controls and Plugins -
"Initialize and script ActiveX Controls not marked as safe for scripting" - Set it to prompt.

Try loggin in with the domainname\username format. Good luck
Jim Cochran
Super Collector

Re: iLO 2 - AD authentication - Default Schema

Perfect. It worked!
//Add this to "OnDomLoad" event