a. Click View in the Certificate Status box.
b. Click New in the Certificate Details window.
c. Paste the Base64-encoded X.509 certificate data into the Import Certificate window, and then
click Import.
10. Enter valid search contexts in one or more of the Directory User Context boxes.
11. Click Apply Settings.
12. To test the communication between the directory server and iLO, click Test Settings.
13. To configure directory groups, click Administer Groups to navigate to the Directory Groups
page.
Schema-free directory settings
• Use Directory Default Schema—Selects directory authentication and authorization by using user
accounts in the directory. User accounts and group memberships are used to authenticate and
authorize users. To disable access, select Disabled.
This configuration supports Active Directory and OpenLDAP.
• Generic LDAP—Specifies that this configuration uses the OpenLDAP supported BIND method.
• iLO Object Distinguished Name/CAC LDAP Service Account—Specifies the CAC LDAP service
account when CAC/Smartcard authentication is configured and used with the schema-free directory
option.
User search contexts are not applied to the iLO object DN when iLO accesses the directory server.
• iLO Object Password—Specifies the CAC LDAP service account password when CAC/Smartcard
authentication is configured and used with the schema-free directory option.
• Directory Server Address—Specifies the network DNS name or IP address of the directory server.
The directory server address can be up to 127 characters.
If you enter the FQDN, ensure that the DNS settings are configured in iLO.
Hewlett Packard Enterprise recommends using DNS round-robin when you define the directory server.
• Directory Server LDAP Port—Specifies the port number for the secure LDAP service on the server.
The default value is 636. If your directory service is configured to use a different port, you can specify
a different value. Make sure that you enter a secured LDAP port. iLO cannot connect to an unsecured
LDAP port.
• Directory User Contexts—These boxes enable you to specify common directory subcontexts so that
users do not need to enter their full DNs at login. Directory user contexts can be up to 128 characters.
• Certificate Status—Specifies whether a directory server CA certificate is loaded.
If the status is Loaded, click View to display the CA certificate details. If no CA certificate is loaded,
the status Not Loaded is displayed. iLO supports SSL certificates up to 4 KB in size.
Schema-free directory settings 251
To Next Page
Loading...
Need help?
General