Table of Contents
Advertisement
•
Use DHCPv6 Supplied Domain Name
•
Use DHCPv6 Supplied DNS Servers
6.
Click the General tab.
7.
Optional: Update the iLO Subsystem Name (Hostname).
8.
Update the Domain Name.
9.
Click Submit.
10. To restart iLO, click Reset.
iLO hostname and domain name requirements for Kerberos authentication
•
Domain Name—The iLO domain name value must match the Kerberos realm name, which is typically
the domain name converted to uppercase letters. For example, if the parent domain name is
somedomain.net, the Kerberos realm name is SOMEDOMAIN.NET.
•
iLO Subsystem Name (Hostname)—The configured iLO hostname must be identical to the iLO
hostname that you use when you generate the keytab file. The iLO hostname is case-sensitive.
Preparing the domain controller for Kerberos support
In a Windows Server environment, Kerberos support is part of the domain controller, and the Kerberos
realm name is usually the domain name converted to uppercase letters.
Procedure
1. Create and enable computer accounts in the domain directory for each iLO system.
Create the user account in the Active Directory Users and Computers snap-in. For example:
•
iLO hostname: myilo
•
Parent domain name: somedomain.net
•
iLO domain name (fully qualified): myilo.somedomain.net
2. Ensure that a user account exists in the domain directory for each user who is allowed to log in to iLO.
3. Create universal and global user groups in the domain directory.
To set permissions in iLO, you must create a security group in the domain directory. Users who log in
to iLO are granted the sum of the permissions for all groups of which they are a member. Only
universal and global user groups can be used to set permissions. Domain local groups are not
supported.
Generating a keytab file for iLO in a Windows environment
Procedure
1. Use the Ktpass.exe tool to generate a keytab file and set the shared secret.
iLO hostname and domain name requirements for Kerberos
authentication
307
Advertisement
Table of Contents
Troubleshooting
