Installation Manual
• Single point of administration (HPE Extended Schema configuration)—You can use native
administration tools like MMC to administer iLO users.
• Immediacy—A single change in the directory rolls out immediately to associated iLO
processors. This feature eliminates the need to script this process.
• Simpler credentials—You can use existing user accounts and passwords in the directory
without having to record a new set of credentials for iLO.
• Flexibility (HPE Extended Schema configuration)—You can create a single role for a single
user on a single iLO processor, a single role for multiple users on multiple iLO processors,
or a combination of roles suited to your enterprise. With the HPE Extended Schema
configuration, access can be limited to a time of day or a certain range of IP addresses.
• Compatibility—iLO directory integration supports Active Directory.
• Standards—iLO directory support is based on the LDAP 2.0 standard for secure directory
access.
Choosing a directory configuration to use with iLO
Before you configure iLO for directories, you must choose between the schema-free and HPE
Extended Schema configuration options.
Consider the following questions:
1. Can you apply schema extensions to your directory?
• Yes—Continue to question 2.
• No—You are using Active Directory, and your company policy prohibits applying
extensions.
• No—Directory integration with the HPE Extended Schema does not fit your environment.
Use group-based schema-free directory integration. Consider deploying an evaluation
server to assess the benefits of directory integration with the HPE Extended Schema
configuration.
2. Is your configuration scalable?
The following questions can help you determine whether your configuration is scalable:
• Are you likely to change the rights or privileges for a group of directory users?
• Will you regularly script iLO changes?
• Do you use more than five groups to control iLO privileges?
Depending on your answer to these questions, choose from the following options:
• No—Deploy an instance of the schema-free directory integration to evaluate whether
this method meets your policy and procedural requirements. If necessary, you can
deploy an HPE Extended Schema configuration later.
• Yes—Use the HPE Extended Schema configuration.
More information
Schema-free directory authentication
HPE Extended Schema directory authentication
Schema-free directory authentication
When you use the schema-free directory authentication option, users and groups reside in the
directory, and group privileges reside in the iLO settings. iLO uses the directory login credentials
to read the user object in the directory and retrieve the user group memberships, which are