HP iLO 3 User Guide

Verifying single sign-on (HP Zero Sign In) configuration
To verify that HP Zero Sign In is configured correctly:
1. Browse to the iLO login page (for example, http://iloname.example.net).
2. Click the HP Zero Sign In button.
If a prompt for credentials appears, Kerberos authentication has failed and the system has
reverted to NTLM authentication. Click Cancel, and then repeat the procedures in “Configuring
single sign-on” (page 164).
Login by name
To verify that login by name is working properly:
1. Browse to the iLO login page (for example, http://iloname.example.net).
2. Enter the user name in the Kerberos SPN format (for example, user@EXAMPLE.NET).
3. Enter the associated domain password.
If a prompt for credentials appears, Kerberos authentication has failed. Click Cancel to close
the dialog box.
Login by name might not work correctly if the computer account for iLO is part of a child
domain, but the Kerberos configuration parameters (Kerberos Realm, Kerberos KDC Server
Address, and Kerberos KDC Server Port) reference the parent domain.
Schema-free directory integration
With schema-free directory integration, users and group memberships reside in the directory, but
group privileges reside in the iLO settings. iLO uses login credentials to read the user object in the
directory and retrieve the user group memberships, which are compared to those stored in iLO. If
the credentials and membership match, authorization is granted, as shown in Figure 84 (page 166).
Figure 84 Schema-free directory integration
[Figure labels: User enters user name and password; iLO interface; Credentials translated to a DN; Login script validates user credentials; Directory; User found in the directory and verified in the iLO groups; iLO interface]
Advantages of using schema-free directory integration include the following:
• You do not have to extend the directory schema.
• Minimal setup is required for users in the directory. If no setup exists, the directory uses existing
users and group memberships to access iLO. For example, if you have a domain administrator
named User1, you can copy the DN of the domain administrator security group to iLO and
give it full privileges. User1 would then have access to iLO.
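The authorization decision described above, modelled as an added example (not HP firmware code and not part of the original guide). The privilege labels, the sample directory contents, case-insensitive DN matching and the combining of privileges across matching groups are assumptions made for illustration; example.net and User1 follow the guide's own examples.

```python
"""Model of the schema-free authorization decision (illustrative only)."""

# Assumption: illustrative privilege labels, not iLO's exact setting names.
FULL = frozenset({"login", "remote_console", "virtual_media",
                  "virtual_power", "configure_ilo", "administer_users"})

# Constructed sample data: group DNs each user belongs to in the directory.
DIRECTORY = {
    "User1": ["CN=Domain Admins,CN=Users,DC=example,DC=net"],
    "User2": ["CN=Helpdesk,OU=Groups,DC=example,DC=net"],
}
# Constructed sample data: group DN -> privileges, as stored in the iLO settings.
ILO_GROUPS = {"cn=domain admins, cn=users, dc=example, dc=net": FULL}


def normalize_dn(dn):
    """Fold case and trim spaces per RDN so equivalent DNs compare equal.
    Simplified: escaped commas inside RDN values are not handled."""
    return tuple(
        "=".join(part.strip().lower() for part in rdn.split("=", 1))
        for rdn in dn.split(",")
    )


def authorize(credentials_ok, member_of, ilo_groups):
    """Return the privileges granted; an empty set means access is denied."""
    if not credentials_ok:          # directory rejected the user's credentials
        return frozenset()
    memberships = {normalize_dn(dn) for dn in member_of}
    granted = set()
    for group_dn, privileges in ilo_groups.items():
        if normalize_dn(group_dn) in memberships:
            granted |= privileges   # assumption: privileges are combined
    return frozenset(granted)


def audit(directory, ilo_groups):
    """List every directory user who would receive any iLO privilege."""
    result = {}
    for user, member_of in directory.items():
        privileges = authorize(True, member_of, ilo_groups)
        if privileges:
            result[user] = privileges
    return result


if __name__ == "__main__":
    for user, privileges in audit(DIRECTORY, ILO_GROUPS).items():
        print(user, sorted(privileges))
```

Because the privileges are attached to the group DN stored in iLO, membership of that directory group is what grants iLO access, so reviewing iLO access means reviewing that group's membership in the directory.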