HP Integrity and HP 9000 iLO MP Operations Guide, Fifth Edition

Setting up Directory Security Groups

The following procedures describes how to set up directory security groups in LDAP Lite using

the iLO MP TUI. To use the web GUI, see “Administration > Directory Settings > Group

Administration” (page 87).

NOTE: You must select the default schema from the LDAP command for the LDAP Lite settings

to work.

To set up directory security groups, follow these steps.

1. At the command mode prompt (MP:CM>), enter LDAP. The screen displays the current LDAP

options.

[hqgstlb3] MP:CM> ldap

LDAP

Current LDAP options:

D - Directory settings

G - Security Group Administration

2. Enter G- Security Group Administration. The screen displays the current group configuration.

Enter menu item or [Q] to Quit:G

Current Group Configuration:

Group Names Group Distinguished Names Access Rights

--------------------------------------------------------------------------

1 - Administrator C, P, M, U

2 - User C, P

3 - Custom1 None

4 - Custom2 None

5 - Custom3 None

6 - Custom4 None

Only the first 30 characters of the Group Distinguished Names are displayed.

Enter number to view or modify, or [Q] to Quit:

3. Enter the number for the group you want to view or modify. The screen displays the current

LDAP group settings.

4. Set up a group distinguished name.

5. Select rights for the group.

6. Enter Y to confirm.

You can control access to the iLO MP using directories without schema extensions. The iLO MP

acquires the user name to determine group membership from the directory. The iLO MP then

cross-references the group names with its locally stored names to determine user privilege level.

The iLO MP must be configured with the appropriate group names and their associated privileges.

To configure the iLO MP, use one of the following options:

• Web GUI, (Administration > Directory Settings > Group Administration page)

• iLO MP TUI (use the LDAP command)

Configuring LDAP Lite Default Schema 47