HP Integrity iLO 3 Operations Guide

ManualsBrandsHP ManualsServerHP Integrity BL890c i2 Server Blade

111

112

113

114

115

116

117

118

119

120

running and you have appropriate rights. You can also do this by setting

HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services NTDS Parameters Schema

Update Allowed in the registry to a nonzero value (see the “Order of Processing When

Extending the Schema” section of the Installation of Schema Extensions in the Windows 2000

Server Resource Kit), or by doing the following:

CAUTION: Incorrectly editing the registry can severely damage your system. HP recommends

creating a backup of any valued data on the computer before making changes to the registry.

NOTE: This step is not necessary if you are using Windows Server 2003.

a. Start the MMC.

b. In MMC, install the Active Directory schema snap-in.

c. Right-click Active Directory Schema and select Operations Master.

d. Select The Schema may be modified on this Domain Controller.

e. Click OK.

The Active Directory schema folder may need to be expanded for the checkbox to be available.

4. Create a certificate or install Certificate Services. This step is necessary because iLO 3 uses

SSL to communicate with Active Directory.

5. To specify that a certificate be issued to the server running Active Directory, do the following:

a. Launch MMC on the server and add the default domain policy snap-in (Group policy and

browse to default domain policy object).

b. Click Computer Configuration>Windows Settings>Security Settings>Public Key Policies.

c. Right-click Automatic Certificate Requests Settings, and select New>Automatic Certificate

Request.

d. Using the wizard, select the domain controller template and the certificate authority you

want to use.

6. Download the Smart Component that contains the installers for the schema extender and the

snap-ins. You can download the Smart Component from the HP website at http://www.hp.com/

go/integrityiLO.

7. Run the schema installer application to extend the schema, which extends the directory schema

with the proper HP objects.

The schema installer associates the Active Directory snap-ins with the new schema. The snap-in

installation setup utility is a Windows MSI setup script and runs anywhere MSI is supported

(Windows XP, Windows 2000, Windows 98). However, some parts of the schema extension

application require the .NET Framework, which you can download from the Microsoft website

at:

http://www.microsoft.com

Installing and initializing snap-ins for Active Directory

To install the snap-ins and configure the directory service:

1. To install the snap-ins, run the snap-in installation application.

Directory services for Active Directory 119