Configuring The Hmc So That It Uses Ldap Remote Authentication; Configuring The Hmc So That It Uses Key Distribution Center Servers For Kerberos Remote Authentication - IBM Hardware Management Console Installing And Configuring

To configure a domain suffix entry, use these steps:
1. In the navigation area, click HMC Management.
2. In the work area, click Change network settings. The Customize Network Settings window opens.
3. Click the Name Services tab.
4. Enter a string to be used as a domain suffix entry.
5. Click Add to add it to the list.

Configuring the HMC so that it uses LDAP remote authentication

You can configure your HMC so that it uses LDAP (Lightweight Directory Access Protocol) remote
authentication.
When a user logs in to the HMC, authentication is first performed against a local password file. If a local
password file is not found, the HMC can contact a remote LDAP server for authentication. You must
configure your HMC so that it uses LDAP remote authentication.
Note: Before you configure the HMC so that it uses LDAP authentication, you must ensure that a
working network connection exists between the HMC and the LDAP servers. For more information about
configuring HMC network connections, see "Configuring the HMC network types" on page 50.
To configure your HMC so that it uses LDAP authentication, do the following:
1. In the navigation area, click HMC Management.
2. In the content area, click LDAP Configuration. The LDAP Server Definition window opens.
3. Select Enable LDAP.
4. Define an LDAP server to use for authentication.
5. Define the LDAP attribute used to identify the user being authenticated. The default is uid, but you
can use your own attributes.
6. Define the distinguished name tree, also known as the search base, for the LDAP server.
7. Click OK.
8. If a user wants to use LDAP authentication, the user must configure his profile so that it uses LDAP
remote authentication instead of local authentication.
Configuring the HMC so that it uses Key Distribution Center servers for Kerberos
remote authentication
You can configure the HMC so that it uses Key Distribution Center (KDC) servers for Kerberos remote
authentication.
When a user logs in to the HMC, authentication is first performed against a local password file. If a local
password file is not found, the HMC can contact a remote Kerberos server for authentication. You must
configure your HMC so that it uses Kerberos remote authentication.
Note: Before you configure the HMC so that it uses KDC servers for Kerberos remote authentication, you
must ensure that a working network connection exists between the HMC and the KDC servers. For more
information about configuring HMC network connections, see "Configuring the HMC network types" on
page 50.
To configure the HMC so that it uses KDC servers for Kerberos remote authentication, do the following:
1. Enable the Network Time Protocol (NTP) service on the HMC and set the HMC and the KDC servers
to synchronize time with the same NTP server. To enable the NTP service on the HMC, do the
following:
a. In the navigation area, select HMC Management.
b. In the content area, select Change Date and Time.
c. Select the NTP Configuration tab.
58
Power Systems: Installing and configuring the Hardware Management Console