4

I have a problem with ILO2 integration with Active Directory.

Server ProLiant DL580 G5

I can't login to ILO2 via my Active Directory account.

I try loginname (testuser or testuser@domain.local) and Distinguished Name (Test User).

When I try it I get message from ILO2:

.iLO 2 has detected a failed login attempt. Cause: Unauthorized. Please wait for login prompt. NOTE: Username and password are case sensitive.

iLO 2 Firmware Version:     2.25   04/14/2014
License Type:     iLO 2 Advanced

I Setup it in Administration-> Settings -> Directory

I Use "Use Directory Default Schema"

My settings:

  • Directory Server Address: myserver.domain.local
  • Directory Server LDAP Port:636
  • Directory User Context 1:DC=domain,DC=local

When I test settings I get this:

Results
Overall Status:     Passed

Test Description     Status
Ping Directory Server    Passed
Directory Server IP Address    Not run
Directory Server DNS Name    Passed
Connect to Directory Server    Passed
Connect using SSL    Passed
Certificate of Directory Server    Passed
Bind to Directory Server    Passed
Directory Administrator login    Not run
User Authentication    Passed
User Authorization    Passed
Directory User Context 1    Not run
Directory User Context 2    Not run
Directory User Context 3    Not run
Directory User Context 4    Not run
Directory User Context 5    Not run
Directory User Context 6    Not run
Directory User Context 7    Not run
Directory User Context 8    Not run
Directory User Context 9    Not run
Directory User Context 10    Not run
Directory User Context 11    Not run
Directory User Context 12    Not run
Directory User Context 13    Not run
Directory User Context 14    Not run
Directory User Context 15    Not run
LOM Object exists    Not run
LOM Object password    Not run

Test Log:

Initiating Directory Settings diagnostic for server myserver.domain.local
Directory Server address myserver.domain.local resolved to 10.10.10.8
Accepting Directory Server certificate for /CN=MYSERVER.domain.local signed by /DC=local/DC=domain/CN=DOMAIN CA
Test user CN=Test User,OU= ,OU= ,OU= GPO,DC=domain,DC=local authenticated.

In Administer Groups I set:

Administrator Group Settings

Security Group Distinguished Name: CN=ILO-Admins,OU=Group for ILO Access,OU=Domaingroups,DC=domain,DC=local

Administer Group Accounts:
Remote Console Access: Allowed
Virtual Power and Reset: Allowed
Virtual Media: Allowed
Configure iLO 2 Settings: Allowed

My Test User is member of this group.

Ladadadada
  • 26,337
  • 7
  • 59
  • 90
Anton
  • 77
  • 1
  • 3

1 Answers1

2

Now It's work. I just set full LDAP path to OU with my users.

Anton
  • 77
  • 1
  • 3
  • 1
    Glad you've resolved this. Please be sure to [mark your answer as accepted when you're able](http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work). – jscott May 20 '14 at 11:53
  • Same problem with C3000. Yes it is necessary to add both the OU of the users and the resource groups they are members of/which are mapped to the ILO. – Tony Wall Dec 09 '15 at 12:30