HP Integrity iLO 3 Operations Guide
NOTE: Due to command syntax changes in schema-free LDAP, some customer-developed scripts
may not run. You must change any scripts you developed to enable them to run with the new
schema-free LDAP syntax.
NOTE: You must select the default schema from the LDAP command for the schema-free LDAP
settings to work.
To set up directory security groups:
1. At the CM:hpiLO-> prompt, enter LDAP. The screen displays the current LDAP options.
[hqgstlb3] CM:hpiLO-> ldap
LDAP
Current LDAP options:
D - Directory settings
G - Security Group Administration
2. Enter G. The current group configuration appears.
Enter menu item or [Q] to Quit:G
Current Group Configuration:
Group Names Group Distinguished Names Access Rights
--------------------------------------------------------------------------
1 - Administrator C, P, M, U
2 - User C, P
3 - Custom1 None
4 - Custom2 None
5 - Custom3 None
6 - Custom4 None
Only the first 30 characters of the Group Distinguished Names are displayed.
Enter number to view or modify, or [Q] to Quit:
3. Enter the number for the group you want to view or modify. The current LDAP group settings
appear.
4. Set up a group distinguished name.
5. Select rights for the group.
6. Enter Y to confirm.
Login process using directory services without schema extensions
You can control access to iLO 3 using directories without schema extensions. Integrity iLO 3 acquires
the user name to determine group membership from the directory. The iLO 3 then cross-references
the group names with its locally stored names to determine user privilege level. Integrity iLO 3 must
be configured with the appropriate group names and their associated privileges. To configure iLO
3, use one of the following methods:
• Web GUI (Administration > Directory Settings > Group Administration page)
• iLO 3 MP TUI (LDAP command)
Configuring schema-free LDAP 41