Directory services 139
5.
Click
OK
at the warning that the server cannot be renamed. The Enterprise root CA option is
selected because there is no CA registered in the active directory.
6.
Enter the information appropriate for your site and organization. Accept the default time period of
two years for the
Valid for
field. Click
Next.
7.
Accept the default locations of the certificate database and the database log. Click
Next.
8.
Browse to the c:\I386 folder when prompted for the Windows® 2000 Advanced Server CD.
9.
Click
Finish
to close the wizard.
Verifying certificate services
Because management processors communicate with Active Directory using SSL, you must create a
certificate or install Certificate Services. You must install an enterprise CA because you will be issuing
certificates to objects within your organizational domain.
To verify that certificate services is installed, select
Start>Programs>Administrative Tools>Certification
Authority.
If Certificate Services is not installed an error message appears.
Configuring Automatic Certificate Request
To specify that a certificate be issued to the server:
1.
Select
Start>Run,
and enter
mmc
.
2.
Click
Add.
3.
Select
Group Policy,
and click
Add
to add the snap-in to the MMC.
4.
Click
Browse,
and select the Default Domain Policy object. Click
OK.
5.
Select
Finish>Close>OK.
6.
Expand
Computer Configuration>Windows Settings>Security Settings>Public Key Policies.
7.
Right-click
Automatic Certificate Requests Settings,
and select
New>Automatic Certificate Request.
8.
Click
Next
when the Automatic Certificate Request Setup wizard starts.
9.
Select the
Domain Controller
template, and click
Next.
10.
Select the certificate authority listed. (It is the same CA defined during the Certificate Services
installation.) Click
Next.
11.
Click
Finish
to close the wizard.
Schema-free browser-based setup
Schema-free can be setup using the iLO 2 browser-based interface.
1.
Log on to iLO 2 using an account that has the Configure iLO 2 Settings privilege. Click
Administration.
IMPORTANT:
Only users with the Configure iLO 2 Settings privilege can change these settings.
Users that do not have the Configure iLO 2 Settings privilege can only view the assigned
settings.
2.
Click
Directory Settings.
3.
Select
Use Directory Default Schema
in the Authentication Settings section. For more information,
refer to the "Schema-free setup options (on page
140
)" section.