•
Easy implementation without schema extensions.
The iLO 2 MP schema-free integration is configured from any iLO 2 MP user interface
(browser, command line, or script).
•
Minimal administration and maintenance.
— After initial setup, only groups and permissions require maintenance support on the
iLO 2 MP; typically group and permission changes occur infrequently.
— The schema-free approach does not require updating directory databases with new iLO
2 MP devices objects.
•
Reliable security.
iLO 2 MP schema-free integration does not affect standard directory attributes, avoiding
conflicting use of attributes that can result over time.
•
Complements two-factor authentication.
iLO 2 MP schema-free integration can be used in conjunction with iLO 2 MP two-factor
authentication to provide asset protection using strong authentication.
NOTE:
If you have already extended your directory with HP schema, there is no need to switch
to the schema-free approach. Schema extension provides the lowest maintenance approach for
directory integration. Once this process has taken place, there is no advantage for the schema-free
approach until a schema change is required.
To configure LDAP Lite, follow these steps:
1.
Follow the procedure for
“Configuring LDAP Extended Schema” (page 55)
, but omit Step
8. It is not necessary to enter a new port number.
2.
Set up directory security groups.
Setting up Directory Security Groups
The following procedure describes how to set up directory security groups in LDAP Lite using
the iLO 2 MP TUI. To use the web interface, see
“Group Accounts” (page 112)
.
NOTE:
Due to command syntax changes in LDAP Lite, some customer-developed scripts may
not run. You must change any scripts you developed to enable them to run with the new LDAP
Lite syntax.
NOTE:
You must select the default schema from the
LDAP
command for the LDAP Lite settings
to work.
To set up directory security groups, follow these steps.
1.
At the
MP:CM>
prompt, enter
LDAP
. The screen displays the current LDAP options.
[hqgstlb3] MP:CM> ldap
LDAP
Current LDAP options:
D - Directory settings
G - Security Group Administration
2.
Enter
G
. The current group configuration appears.
Enter menu item or [Q] to Quit:G
Current Group Configuration:
Group Names Group Distinguished Names Access Rights
--------------------------------------------------------------------------
Configuring LDAP Lite Default Schema
57
Summary of Contents for ntegrity iLO 2 MP
Page 1: ...HP Integrity iLO 2 MP Operations Guide HP Part Number 5991 5992 Published November 2007 ...
Page 10: ...10 ...
Page 48: ...48 ...
Page 146: ...146 ...
Page 186: ...186 ...
Page 194: ...194 ...