HP Integrity iLO 3 Operations Guide
Enforcing directory login restrictions
Figure 62 shows how two sets of restrictions potentially limit a directory user's access to iLO 3
devices. User access restrictions limit a user's access to authenticate to the directory. Role access
restrictions limit an authenticated user's ability to receive iLO 3 privileges based on rights specified
in one or more roles.
Figure 62 User and role access restrictions
Enforcing user time restrictions
You can place a time restriction on directory user accounts. Time restrictions limit the ability of the
user to log in (authenticate) to the directory. Typically, time restrictions are enforced using the time
on the directory server, but if the directory server is located in a different time zones or a replica
in a different time zone is accessed, time zone information from the managed object can be used
to adjust for relative time.
While directory server evaluates user time restrictions, the determination can be complicated by
time zone changes or by the authentication mechanism.
Figure 63 shows the user time restrictions.
142 Installing and configuring directory services