Configuring iLO 2 49
12.
Select the certificate added to the user in iLO 2. Click
OK
.
13.
If prompted to do so, insert your smart card, or enter your PIN or password. The login page should
be displayed with the e-mail address for the user in the Directory User field. You cannot change the
Directory User field.
14.
Enter the password for the directory user. Click
Login
.
After completing the authentication process, you have access to iLO 2. See the "Directory settings (on
page
51
)" section for more information on configuring directory users and privileges.
Setting up a user for two-factor authentication
To authenticate a user with a local iLO 2 account, a certificate must be associated with the user's local
user name. On the Administration>Modify User page, if a certificate has been mapped to the user, a
thumbprint (an SHA1 hash of the certificate) appears with a button that removes the certificate. If a
certificate has not been mapped to the user,
Thumbprint: A certificate has NOT been
mapped to this user
appears with a button that starts the certificate import process.
To set up a user for two-factor authentication and add a user certificate:
1.
Log in to iLO 2 using an account that has the Configure iLO 2 Settings privilege.
2.
Click
Administration>User Administration
. Select a user.
3.
Click
View/Modify.
4.
Under the User Certificate Information section, click
Add a certificate.
5.
On the Map User Certificate page, paste the user certificate into the text-box and click
Import
Certificate
. For more information on creating, copying, and pasting certificate information, see the
"Setting up two-factor authentication for the first time (on page
47
)" section.
Two-factor authentication login
When you connect to iLO 2 and two-factor authentication is required, the Client Authentication page
prompts you to select the certificate you want to use. The Client Authentication page displays all of the
certificates available to authenticate a client. Select your certificate. The certificate can be a certificate
mapped to a local user in iLO 2, or a user specific certificate issued for authenticating to the domain.