User's Manual
Table Of Contents
- HP Remote Insight Lights-Out Edition II User Guide
- Notice
- Contents
- Operational overview
- Installing the RILOE II
- Configuring the RILOE II
- Using the RILOE II
- Accessing RILOE II for the first time
- Features of the RILOE II
- Managing the user and configuration settings of the RILOE II
- Using the Remote Console
- Terminal Services pass-through option
- Using virtual devices
- Resetting the RILOE II to the factory default settings
- Getting help
- Pocket PC access with RILOE II
- RILOE II security
- Systems Insight Manager integration
- Directory services
- Overview of directory integration
- Benefits of directory integration
- How directory integration works
- Advantages and disadvantages of schema-free and HP Extended
- Setup for Schema-free directory integration
- Setting up HP schema directory integration
- Features supported by HP schema directory integration
- Setting up directory services
- Directory services support
- Schema required software
- Schema installer
- Management snap-in installer
- Directory services for Active Directory
- Active Directory Lights-Out management
- Directory services for eDirectory
- User login using directory services
- Directory settings
- Directory-enabled remote management
- Scripting, command line, and utility options
- Overview of the Lights-Out DOS utility
- Lights-Out directories migration utilities
- Compatibility
- Pre-migration checklist
- HP Lights-Out directory package
- HPQLOMIG operation
- Finding management processors
- Upgrading firmware on management processors
- Selecting a directory access method
- Naming management processors
- Configuring directories when HP Extended schema is selected
- Configuring directories when schema-free integration is sele
- Setting up management processors for directories
- HPQLOMGC operation
- Lights-Out Configuration Utility
- Using Perl with the XML scripting interface
- HPONCFG
- Remote Insight command language
- RIBCL sample scripts
- RIBCL general guidelines
- XML header
- Data types
- Response definitions
- RIBCL
- LOGIN
- USER_INFO
- ADD_USER
- DELETE_USER
- GET_USER
- MOD_USER
- GET_ALL_USERS
- GET_ALL_USER_INFO
- RIB_INFO
- RESET_RIB
- GET_NETWORK_SETTINGS
- MOD_NETWORK_SETTINGS
- GET_GLOBAL_SETTINGS
- MOD_GLOBAL_SETTINGS
- CLEAR_EVENTLOG
- UPDATE_RIB_FIRMWARE
- GET_FW_VERSION
- HOTKEY_CONFIG
- DIR_INFO
- GET_DIR_CONFIG
- MOD_DIR_CONFIG
- SERVER_INFO
- RESET_SERVER
- INSERT_VIRTUAL_FLOPPY
- EJECT_VIRTUAL_FLOPPY
- COPY_VIRTUAL_FLOPPY
- GET_VF_STATUS
- SET_VF_STATUS
- GET_HOST_POWER_STATUS
- SET_HOST_POWER
- GET_VPB_CABLE_STATUS
- GET_ALL_CABLES_STATUS
- GET_TWOFACTOR_SETTINGS
- MOD_TWOFACTOR_SETTINGS
- Troubleshooting the RILOE II
- Supported client operating systems and browsers
- Supported hardware and software
- Server PCI Slot and Cable Matrix
- Network connection problems
- Alert and trap problems
- NetWare initialization errors
- Miscellaneous problems
- Accessing System Partition Utilities
- Inability to reboot the server
- Inability to upgrade the RILOE II firmware
- Incorrect time or date of entries in the event log
- Interpreting LED indicators
- Invalid Source IP address
- Login name and password problems
- Remote Console mouse control issue
- Resetting the RILOE II to Factory Default Settings
- Virtual Floppy media applet is unresponsive
- Video Problems
- Troubleshooting the host server
- Directory Services errors
- Directory Services schema
- Technical support
- Regulatory compliance notices
- Acronyms and abbreviations
- Index
Directory services 76
•
Standards—Lights-Out directory support builds on top of the LDAP 2.0 standard for secure directory
access.
How directory integration works
Schema-free
At the login page, enter a login name and a password. If ActiveX is enabled in the browser, the login
name is converted to the directories DN format and stored in a security cookie in the browser. The
browser then loads the home page for RILOE II.
RILOE II reads the security cookie and extracts the DN for each page displayed. RILOE II reads the
directory object pointed to by the DN. RILOE II then determines what groups the object is a member of
and compares this information with a list kept in RILOE II. If there is a match, then the privileges
associated with this group in RILOE II determine whether you have access to the page requested.
When using a schema-free directory configuration, after you attempt to log in to RILOE II, RILOE II
attempts to read your object in the directory to determine what groups you are a member of. RILOE II
compares the list of groups to group names RILOE II is configured to recognize. If RILOE II finds a match,
RILOE II determines what privileges you have based on the privileges configured for that group in RILOE
II.
If you are a member of any group that RILOE II recognizes, you have login rights to RILOE II, regardless of
what rights are associated with the group. User rights are a combination of all rights for the groups you
are a member of that RILOE II recognizes.
If at login the ActiveX control does not run, then the complete login name or the login name prepended
with a user context is used for the directory lookup process. For this to work, the login name must either
be in full DN format or in a format that the combination of the login name with a user context is made into
a full DN.
HP Extended schema
Refer to the "Directory-enabled remote management (on page 103)" section.
Advantages and disadvantages of schema-free and HP
Extended schema
Before configuring RILOE II for directories, you must decide whether to use the directory's schema-free
option (the default schema) or the HP Extended schema option.
The advantages of using the schema-free option are:
• There is no need to extend the directory's schema.
• When ActiveX controls are enabled on the browser, logging in using NetBIOS and e-mail formats is
supported.
The advantages of using the HP Extended schema option are:
• There is much more flexibility in controlling access. For example, access can be limited to a time of
day or from a certain range of IP addresses.
• Groups are maintained in the directory, not on each RILOE II.
• eDirectory works only with RILOE II using the HP Extended schema.