HP SIM V5.1 User Guide (356920-009, January 2007)
7 Directory Services
The Directory Service Groups tool is used to determine a system's membership in a Windows domain,
organizational unit (OU), or group. You must first configure the directory server parameters on the Directory
Server Configuration page. After you configure the directory server, the Directory Groups tool must be
configured with the distinguished name (DN) of the desired container objects in the directory.
• Directory Server Configuration Used to configure directory server settings including the network
name, port, and credentials to access the directory server. Select Options→Directory
Servicve→Directory Ser ver Configuration.
• Directory Groups Used to enter the complete distinguished name (DN) or one or more containers,
organizational units (OU), or group objects in the directory. Select Options→Directory
Servicve→Directory Groups.
Related procedures
• Configuring directory servers
• Configuring directory groups
Related topic
▲ Users and authorizations
Configuring directory servers
1. Select Options→Directory Service→Directory Server Configuration. The Directory Server
Configuration page appears.
2. (Required) Enter the network name or IP address of the directory server in the Name field. Multiple
systems can be specified by separating each system by a semicolon (;). This enables a backup to be
specified if a system cannot be contacted. For example, if the first system cannot be contacted, the
backup tries the second system in the list.
3. Select either Use SSL or Use Global Catalog for the Port Configuration setting.
The port configuration flag is preset to use SSL and to specify the default LDAP SSL port of 636 in the
Port field. The global catalog flag is cleared by default. Selecting and clearing the SSL or global catalog
flags changes the port number to the default values.
The global catalog communicates through LDAP but over a different set of ports: 3368 and 3269 for
SSL. The global catalog contains a read-only copy of all objects in the Active Directory, spanning multiple
domains, but only a small subset of object attributes. Configuring a global catalog here can provide a
simple solution for multi-domain sites. You can configure the directory attributes replicated to the global
catalog, but the desired attributes are enabled by default.
Note: HP recommends selecting Use SSL so that user name and password credentials are encrypted.
If this option is cleared, the directory server certificate is treated as a trusted system certificate and can
be imported using the existing HP SIM GUI or command line interface (CLI).
4. (Required) Enter the port number of the directory server.
The port number is preset to use SSL in the Port Configuration field and to specify the default LDAP
SSL port of 636 in the Port field.
5. In the User Name field, enter the user name to authenticate to the directory server. Write access for
this account is not required. An empty field, indicates an anonymous connection should be used. Any
password entered is ignored.
6. In the Password field, enter the password for the user name specified.
7. In the Confirm field, reenter the password for the user name specified.
After configuring the directory server parameters, you must configure the containers and groups that contain
the computer objects of interest. See “Configuring directory servers” for information on configuring directory
server parameters.
Configuring directory servers 145