Directory services 152
d.
Add users to the role. Click the
Members
tab, and add users using the Add button and the Select
Users dialog box. The devices and users are now associated.
4.
Use the Lights Out Management tab to set the rights for the role. All users and groups within a role
will have the rights assigned to the role on all of the iLO 2 devices managed by the role. In this
example, the users in the
remoteAdmins
role will be given full access to the iLO 2 functionality.
Select the boxes next to each right, and then click
Apply.
Click
OK
to close the property sheet.
5.
Using the same procedure as in step 4, edit the properties of the
remoteMonitors
role, add the
rib-
email-server
device to the Managed Devices list on the HP Devices tab, and add users to the
remoteMonitors
role using the Members tab. Then, on the Lights Out Management tab, select the box
next to the Login. Click
Apply
and
OK.
Members of the
remoteMonitors
role will be able to
authenticate and view the server status.
User rights to any iLO 2 are calculated as the sum of all the rights assigned by all the roles in which the
user is a member, and in which the iLO 2 is a Managed Device. Following the preceding examples, if a
user is in both the
remoteAdmins
and
remoteMonitors
roles, they will have all the rights, because the
remoteAdmins
role has those rights.
To configure iLO 2 and associate it with a Lights-Out Management object used in this example, use
settings similar to the following on the Directory Settings screen.
RIB Object DN = cn=rib-email-server,ou=RILOES,dc=testdomain,dc=local
Directory User Context 1 = cn=Users,dc=testdomain,dc=local
For example, to gain access, user
Mel Moore
, with the unique ID
MooreM
, located in the users
organizational unit within the
testdomain.local
domain, who is also a member of one of the
remoteAdmins
or
remoteMonitors
roles, would be allowed to log in to the iLO 2. Mel would enter
testdomain\moorem,
or
or
Mel Moore,
in the Login Name field of
the iLO 2 login screen, and use their Active Directory password in the Password field of that screen.
Directory services objects
One of the keys to directory-based management is proper virtualization of the managed devices in the
directory service. This virtualization allows the administrator to build relationships between the managed
device and user or groups already contained within the directory service. User management of iLO 2
requires three basic objects in the directory service:
•
Lights-Out Management object